r48813 - in /desktop/unstable/gtk+2.0/debian: changelog patches/099_CVE-2013-7447.patch patches/series

biebl at users.alioth.debian.org
Sun May 22 06:21:22 UTC 2016


Author: biebl
Date: Sun May 22 06:21:21 2016
New Revision: 48813

URL: http://svn.debian.org/wsvn/pkg-gnome/?sc=1&rev=48813
Log:
* Acknowledge NMU, thanks Salvatore Bonaccorso.
* Non-maintainer upload.
* CVE-2013-7447: Integer overflow in image handling (Closes: #799275)

Added:
    desktop/unstable/gtk+2.0/debian/patches/099_CVE-2013-7447.patch
Modified:
    desktop/unstable/gtk+2.0/debian/changelog
    desktop/unstable/gtk+2.0/debian/patches/series

Modified: desktop/unstable/gtk+2.0/debian/changelog
URL: http://svn.debian.org/wsvn/pkg-gnome/desktop/unstable/gtk%2B2.0/debian/changelog?rev=48813&op=diff
==============================================================================
--- desktop/unstable/gtk+2.0/debian/changelog	[utf-8] (original)
+++ desktop/unstable/gtk+2.0/debian/changelog	[utf-8] Sun May 22 06:21:21 2016
@@ -1,3 +1,16 @@
+gtk+2.0 (2.24.30-2) UNRELEASED; urgency=medium
+
+  * Acknowledge NMU, thanks Salvatore Bonaccorso.
+
+ -- Michael Biebl <biebl at debian.org>  Sun, 22 May 2016 08:20:15 +0200
+
+gtk+2.0 (2.24.30-1.1) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * CVE-2013-7447: Integer overflow in image handling (Closes: #799275)
+
+ -- Salvatore Bonaccorso <carnil at debian.org>  Fri, 18 Mar 2016 20:20:37 +0100
+
 gtk+2.0 (2.24.30-1) unstable; urgency=medium
 
   * New upstream release 2.24.30
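Review bot: The 2.24.30-1.1 entry records the CVE fix without naming the patch file that carries it, so a reader of the changelog cannot tell which file under debian/patches/ to inspect. Suggest extending the line to something like "debian/patches/099_CVE-2013-7447.patch: Avoid integer overflow in gdk_cairo_set_source_pixbuf (CVE-2013-7447) (Closes: #799275)", which also replaces the broad "image handling" wording with the function the patch actually touches.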

Added: desktop/unstable/gtk+2.0/debian/patches/099_CVE-2013-7447.patch
URL: http://svn.debian.org/wsvn/pkg-gnome/desktop/unstable/gtk%2B2.0/debian/patches/099_CVE-2013-7447.patch?rev=48813&op=file
==============================================================================
--- desktop/unstable/gtk+2.0/debian/patches/099_CVE-2013-7447.patch	(added)
+++ desktop/unstable/gtk+2.0/debian/patches/099_CVE-2013-7447.patch	[utf-8] Sun May 22 06:21:21 2016
@@ -0,0 +1,30 @@
+From 894b1ae76a32720f4bb3d39cf460402e3ce331d6 Mon Sep 17 00:00:00 2001
+From: Matthias Clasen <mclasen at redhat.com>
+Date: Sat, 29 Jun 2013 22:06:54 -0400
+Subject: Avoid integer overflow
+
+Use g_malloc_n in gdk_cairo_set_source_pixbuf when allocating
+a large block of memory, to avoid integer overflow.
+
+Pointed out by Bert Massop in
+https://bugzilla.gnome.org/show_bug.cgi?id=703220
+---
+ gdk/gdkcairo.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/gdk/gdkcairo.c b/gdk/gdkcairo.c
+index 19bed04..2e1d8dc 100644
+--- a/gdk/gdkcairo.c
++++ b/gdk/gdkcairo.c
+@@ -213,7 +213,7 @@ gdk_cairo_set_source_pixbuf (cairo_t         *cr,
+     format = CAIRO_FORMAT_ARGB32;
+ 
+   cairo_stride = cairo_format_stride_for_width (format, width);
+-  cairo_pixels = g_malloc (height * cairo_stride);
++  cairo_pixels = g_malloc_n (height, cairo_stride);
+   surface = cairo_image_surface_create_for_data ((unsigned char *)cairo_pixels,
+                                                  format,
+                                                  width, height, cairo_stride);
+-- 
+cgit v0.12
+
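Review bot: At the `cairo_pixels = g_malloc_n (height, cairo_stride);` line the multiplication overflow is now detected, but g_malloc_n aborts the process when it detects one, so an oversized pixbuf still terminates the application rather than being rejected. The `cairo_stride = cairo_format_stride_for_width (format, width);` result just above is also passed on unchecked, and cairo returns -1 there when the width is too large for the format; a guard such as g_return_if_fail on `cairo_stride >= 0` before the allocation would turn that case into a warning and early return instead of an abort. On the packaging side, the patch header keeps the upstream From/Date/Subject and the GNOME bug URL but has no Origin or Bug-Debian field; adding them would tie the file to the upstream commit and to #799275.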

Modified: desktop/unstable/gtk+2.0/debian/patches/series
URL: http://svn.debian.org/wsvn/pkg-gnome/desktop/unstable/gtk%2B2.0/debian/patches/series?rev=48813&op=diff
==============================================================================
--- desktop/unstable/gtk+2.0/debian/patches/series	[utf-8] (original)
+++ desktop/unstable/gtk+2.0/debian/patches/series	[utf-8] Sun May 22 06:21:21 2016
@@ -11,3 +11,4 @@
 061_use_pdf_as_default_printing_standard.patch
 065_gir_set_packages.patch
 098_multiarch_module_path.patch
+099_CVE-2013-7447.patch



