Compare commits

...
Sign in to create a new pull request.

2 commits

Author SHA1 Message Date
Sandro Mani
90bd8d08f8 Update to 3.3.3 2022-02-04 19:22:36 +01:00
Sandro Mani
28d95f449f Backport patch for CVE-2021-45943 2022-02-04 18:58:46 +01:00
4 changed files with 40 additions and 4 deletions

2
.gitignore vendored
View file

@ -65,3 +65,5 @@ gdalautotest-1.7.0.tar.gz
/gdalautotest-3.3.1.tar.gz
/gdal-3.3.2-fedora.tar.xz
/gdalautotest-3.3.2.tar.gz
/gdalautotest-3.3.3.tar.gz
/gdal-3.3.3-fedora.tar.xz

25
CVE-2021-45943.patch Normal file
View file

@ -0,0 +1,25 @@
diff -rupN gdal-3.3.2-fedora/frmts/pcidsk/sdk/segment/cpcidskbinarysegment.cpp gdal-3.3.2-fedora-new/frmts/pcidsk/sdk/segment/cpcidskbinarysegment.cpp
--- gdal-3.3.2-fedora/frmts/pcidsk/sdk/segment/cpcidskbinarysegment.cpp 2021-09-01 11:51:01.000000000 +0200
+++ gdal-3.3.2-fedora-new/frmts/pcidsk/sdk/segment/cpcidskbinarysegment.cpp 2022-02-04 18:57:11.761058218 +0100
@@ -31,6 +31,7 @@
#include "pcidsk_exception.h"
#include "core/pcidsk_utils.h"
+#include <limits>
#include <vector>
#include <string>
#include <cassert>
@@ -73,8 +74,12 @@ void CPCIDSKBinarySegment::Load()
if (loaded_) {
return;
}
+ if( data_size - 1024 > static_cast<uint64_t>(std::numeric_limits<int>::max()) )
+ {
+ return ThrowPCIDSKException("too large data_size");
+ }
- seg_data.SetSize((int)data_size - 1024);
+ seg_data.SetSize((int)(data_size - 1024));
ReadFromFile(seg_data.buffer, 0, data_size - 1024);

View file

@ -8,7 +8,7 @@
#TODO: Consider doxy patch from Suse, setting EXTRACT_LOCAL_CLASSES = NO
# Tests can be of a different version
%global testversion 3.3.2
%global testversion 3.3.3
%global run_tests 1
%global bashcompletiondir %(pkg-config --variable=compatdir bash-completion)
@ -43,7 +43,7 @@
%endif
Name: gdal
Version: 3.3.2
Version: 3.3.3
Release: 1%{?dist}%{?bootstrap:.%{bootstrap}.bootstrap}
Summary: GIS file format library
License: MIT
@ -78,6 +78,9 @@ Patch8: %{name}-gcc11.patch
Patch9: gdal_no-diag-disable.patch
# Fix build with autoconf 2.70
Patch10: gdal_autoconf270.patch
# Backport patch for CVE-2021-45943
# https://github.com/OSGeo/gdal/pull/4944
Patch11: CVE-2021-45943.patch
BuildRequires: gcc
@ -641,6 +644,12 @@ popd
#Or as before, using ldconfig
%changelog
* Fri Feb 04 2022 Sandro Mani <manisandro@gmail.com> - 3.3.3-1
- Update to 3.3.3
* Fri Feb 04 2022 Sandro Mani <manisandro@gmail.com> - 3.3.2-2
- Backport patch for CVE-2021-45943
* Tue Sep 07 2021 Sandro Mani <manisandro@gmail.com> - 3.3.2-1
- Update to 3.3.2

View file

@ -1,2 +1,2 @@
SHA512 (gdal-3.3.2-fedora.tar.xz) = 7fd49081d2ee03603083d51357a615386b53ddc2c15592001c560b060d3b7162f0594b6c2a5b82654617877a4e960b9462d4fcb9fbda9d3e7d4b7c63361d34ca
SHA512 (gdalautotest-3.3.2.tar.gz) = e82f95ba3214bfcdb4d38f87d7ec57931bc44da96b0cf58e81dd90ef60adf0ef700d8f3bcef17a706afdbd87feb01c201cc7d43ea8832daecdc98d9f2880ddda
SHA512 (gdalautotest-3.3.3.tar.gz) = 942cc4a87653602e718f335bbdd80727475655e1e2a1993fda51df73a8ba5492c8fa365e0c3b61ee4a88d5044922065bf07247597798231d7e11a84249ed52b6
SHA512 (gdal-3.3.3-fedora.tar.xz) = baed4740df4dc113c42041d71ab2857b567988cac2a0fade546931c3b2eff307685a14d07e39dc12cd1ef37faf4286a5ed1cf835ab201f3546c8963fcc57b261