[SCM] libkdcraw packaging branch, kde4.10, updated. debian/4.10.4-1-2-gc235a7b

Maximiliano Curia maxy at alioth.debian.org
Mon Jun 17 18:16:19 UTC 2013


Gitweb-URL: http://git.debian.org/?p=pkg-kde/kde-sc/libkdcraw.git;a=commitdiff;h=5f4e6ad

The following commit has been merged in the kde4.10 branch:
commit 5f4e6adc8b7ed550a82bc40f1578f27cfcce0f02
Author: Maximiliano Curia <maxy at debian.org>
Date:   Mon Jun 17 16:29:34 2013 +0200

    New patch: libkdcraw_CVE-2013-2126.diff. (Closes: #711317)
---
 debian/changelog                            |    6 +++++
 debian/patches/libkdcraw_CVE-2013-2126.diff |   32 +++++++++++++++++++++++++++
 debian/patches/series                       |    1 +
 3 files changed, 39 insertions(+)

diff --git a/debian/changelog b/debian/changelog
index aea9e56..8a94c0e 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,9 @@
+libkdcraw (4:4.10.4-2) UNRELEASED; urgency=low
+
+  * New patch: libkdcraw_CVE-2013-2126.diff. (Closes: #711317)
+
+ -- Maximiliano Curia <maxy at debian.org>  Mon, 17 Jun 2013 16:29:09 +0200
+
 libkdcraw (4:4.10.4-1) experimental; urgency=low
 
   * New upstream release.
diff --git a/debian/patches/libkdcraw_CVE-2013-2126.diff b/debian/patches/libkdcraw_CVE-2013-2126.diff
new file mode 100644
index 0000000..5ef6410
--- /dev/null
+++ b/debian/patches/libkdcraw_CVE-2013-2126.diff
@@ -0,0 +1,32 @@
+commit b1fc4d9e5f68ee41c453e90a6cb7d91e77e82163
+Author: Maximiliano Curia <maxy at debian.org>
+Date:   Mon Jun 17 16:26:27 2013 +0200
+
+    CVE-2013-2126: double free, fix from: https://github.com/LibRaw/LibRaw/commit/c14ae36d28e80139b2f31b5d9d7623db3b597a3a
+
+diff --git a/libraw/src/libraw_cxx.cpp b/libraw/src/libraw_cxx.cpp
+index 785db91..9279b55 100644
+--- a/libraw/src/libraw_cxx.cpp
++++ b/libraw/src/libraw_cxx.cpp
+@@ -1055,8 +1055,8 @@ int LibRaw::unpack(void)
+                 S.iheight= S.height;
+                 IO.shrink = 0;
+                 // allocate image as temporary buffer, size 
+-                imgdata.rawdata.raw_alloc = calloc(S.iwidth*S.iheight,sizeof(*imgdata.image));
+-                imgdata.image = (ushort (*)[4]) imgdata.rawdata.raw_alloc;
++                imgdata.rawdata.raw_alloc = 0;
++                imgdata.image = (ushort (*)[4]) calloc(S.iwidth*S.iheight,sizeof(*imgdata.image));
+               }
+             ID.input->seek(libraw_internal_data.unpacker_data.data_offset, SEEK_SET);
+             (this->*load_raw)();
+@@ -1073,8 +1073,8 @@ int LibRaw::unpack(void)
+         // recover saved
+         if( decoder_info.decoder_flags & LIBRAW_DECODER_LEGACY)
+             {
+-                imgdata.image = 0; 
+-                imgdata.rawdata.color_image = (ushort (*)[4]) imgdata.rawdata.raw_alloc;
++              imgdata.rawdata.raw_alloc = imgdata.rawdata.color_image = imgdata.image;
++              imgdata.image = 0;
+             }
+ 
+         // recover image sizes
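Review bot: The ownership rule this fix depends on is not written down in the patched code: the first inner hunk leaves `imgdata.rawdata.raw_alloc` at 0 while `(this->*load_raw)()` runs, and only the second inner hunk hands the buffer over from `imgdata.image`. A comment above the first assignment would keep a later edit from reintroducing the aliasing behind CVE-2013-2126, for example `// raw_alloc stays null until load_raw returns: only imgdata.image may own the buffer while the decoder runs`; this reads as the intent of the fix but is inferred from the "double free" description, not shown here. The existing comment `// allocate image as temporary buffer, size` is cut off mid-sentence and could be completed at the same time. Separately, the result of `calloc(S.iwidth*S.iheight, ...)` has no visible null check before `load_raw` is called, and whether the product can wrap or the call can return null depends on declarations outside these hunks, so that is worth confirming. Both inner hunks sit in the middle of `LibRaw::unpack`, whose body starts and ends outside them.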
diff --git a/debian/patches/series b/debian/patches/series
new file mode 100644
index 0000000..560105e
--- /dev/null
+++ b/debian/patches/series
@@ -0,0 +1 @@
+libkdcraw_CVE-2013-2126.diff

-- 
libkdcraw packaging


