rpms/vtk
3
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Compare commits

merge into: rpms:rawhide
Branches Tags
rpms:rawhide
rpms:main
rpms:epel9
rpms:f43
rpms:epel9-next
rpms:f42
rpms:f41
rpms:f39
rpms:f40
rpms:epel8
rpms:f37
rpms:f38
rpms:f36
rpms:epel8-playground
rpms:f34
rpms:f35
rpms:f33
rpms:f32
rpms:f31
rpms:f30
rpms:f29
rpms:f28
rpms:f27
rpms:qt5
rpms:f26
rpms:f25
rpms:f24
rpms:epel7
rpms:f23
rpms:f22
rpms:f21
rpms:6.2
rpms:f20
rpms:f19
rpms:el6
rpms:f18
rpms:f17
rpms:f14
rpms:f15
rpms:f16
rpms:f12
rpms:f13
rpms:f11
rpms:fc6
rpms:f9
rpms:f10
rpms:f7
rpms:f8
rpms:vtk-5_6_0-35_fc14
rpms:vtk-5_6_0-34_fc14
rpms:vtk-5_6_0-34_fc13
rpms:vtk-5_6_0-34_fc12
rpms:F-13-start
rpms:F-13-split
rpms:vtk-5_4_2-34_fc12
rpms:F-12-start
rpms:F-12-split
rpms:vtk-5_4_2-33_fc12
rpms:vtk-5_4_2-33_fc11
rpms:vtk-5_4_2-33_fc10
rpms:vtk-5_4_2-31_fc12
rpms:vtk-5_2_1-2_fc11
rpms:vtk-5_2_1-2_fc12
rpms:vtk-5_2_1-1_fc11
rpms:F-11-start
rpms:F-11-split
rpms:vtk-5_2_0-28_fc11
rpms:vtk-5_2_0-27_fc11
rpms:vtk-5_2_0-26_fc11
rpms:vtk-5_2_0-26_fc9
rpms:vtk-5_2_0-26_fc8
rpms:vtk-5_2_0-26_fc10
rpms:vtk-5_0_4-26_fc11
rpms:vtk-5_0_4-25_fc10
rpms:F-10-start
rpms:F-10-split
rpms:vtk-5_0_4-23_99_fc8
rpms:vtk-5_0_4-24_fc8
rpms:vtk-5_0_4-24_fc10
rpms:vtk-5_0_4-24_fc9
rpms:vtk-5_0_4-21_fc9
rpms:F-9-start
rpms:F-9-split
rpms:vtk-5_0_4-20_fc9
rpms:vtk-5_0_4-19_fc9
rpms:vtk-5_0_4-19_fc8
rpms:vtk-5_0_4-19_fc7
rpms:vtk-5_0_3-23_fc9
rpms:vtk-5_0_3-22_fc9
rpms:vtk-5_0_3-20_fc9
rpms:vtk-5_0_3-20_fc8
rpms:F-8-start
rpms:F-8-split
rpms:vtk-5_0_3-18_2_fc8
rpms:vtk-5_0_3-18_2_fc6
rpms:vtk-5_0_3-18_2_fc7
rpms:vtk-5_0_3-18_1_fc8
rpms:vtk-5_0_3-18_1_fc6
rpms:vtk-5_0_3-18_1_fc7
rpms:vtk-5_0_3-18_fc6
rpms:vtk-5_0_3-18_fc7
rpms:vtk-5_0_3-18_fc8
rpms:vtk-5_0_3-18
rpms:FC-6-start
rpms:FC-6-split
rpms:FC-5-split
rpms:F-7-start
rpms:F-7-split
...
pull from: rpms:f37
Branches Tags
rpms:main
rpms:rawhide
rpms:epel9
rpms:f43
rpms:epel9-next
rpms:f42
rpms:f41
rpms:f39
rpms:f40
rpms:epel8
rpms:f37
rpms:f38
rpms:f36
rpms:epel8-playground
rpms:f34
rpms:f35
rpms:f33
rpms:f32
rpms:f31
rpms:f30
rpms:f29
rpms:f28
rpms:f27
rpms:qt5
rpms:f26
rpms:f25
rpms:f24
rpms:epel7
rpms:f23
rpms:f22
rpms:f21
rpms:6.2
rpms:f20
rpms:f19
rpms:el6
rpms:f18
rpms:f17
rpms:f14
rpms:f15
rpms:f16
rpms:f12
rpms:f13
rpms:f11
rpms:fc6
rpms:f9
rpms:f10
rpms:f7
rpms:f8
rpms:vtk-5_6_0-35_fc14
rpms:vtk-5_6_0-34_fc14
rpms:vtk-5_6_0-34_fc13
rpms:vtk-5_6_0-34_fc12
rpms:F-13-start
rpms:F-13-split
rpms:vtk-5_4_2-34_fc12
rpms:F-12-start
rpms:F-12-split
rpms:vtk-5_4_2-33_fc12
rpms:vtk-5_4_2-33_fc11
rpms:vtk-5_4_2-33_fc10
rpms:vtk-5_4_2-31_fc12
rpms:vtk-5_2_1-2_fc11
rpms:vtk-5_2_1-2_fc12
rpms:vtk-5_2_1-1_fc11
rpms:F-11-start
rpms:F-11-split
rpms:vtk-5_2_0-28_fc11
rpms:vtk-5_2_0-27_fc11
rpms:vtk-5_2_0-26_fc11
rpms:vtk-5_2_0-26_fc9
rpms:vtk-5_2_0-26_fc8
rpms:vtk-5_2_0-26_fc10
rpms:vtk-5_0_4-26_fc11
rpms:vtk-5_0_4-25_fc10
rpms:F-10-start
rpms:F-10-split
rpms:vtk-5_0_4-23_99_fc8
rpms:vtk-5_0_4-24_fc8
rpms:vtk-5_0_4-24_fc10
rpms:vtk-5_0_4-24_fc9
rpms:vtk-5_0_4-21_fc9
rpms:F-9-start
rpms:F-9-split
rpms:vtk-5_0_4-20_fc9
rpms:vtk-5_0_4-19_fc9
rpms:vtk-5_0_4-19_fc8
rpms:vtk-5_0_4-19_fc7
rpms:vtk-5_0_3-23_fc9
rpms:vtk-5_0_3-22_fc9
rpms:vtk-5_0_3-20_fc9
rpms:vtk-5_0_3-20_fc8
rpms:F-8-start
rpms:F-8-split
rpms:vtk-5_0_3-18_2_fc8
rpms:vtk-5_0_3-18_2_fc6
rpms:vtk-5_0_3-18_2_fc7
rpms:vtk-5_0_3-18_1_fc8
rpms:vtk-5_0_3-18_1_fc6
rpms:vtk-5_0_3-18_1_fc7
rpms:vtk-5_0_3-18_fc6
rpms:vtk-5_0_3-18_fc7
rpms:vtk-5_0_3-18_fc8
rpms:vtk-5_0_3-18
rpms:FC-6-start
rpms:FC-6-split
rpms:FC-5-split
rpms:F-7-start
rpms:F-7-split
Sign in to create a new pull request.

1 commit
rawhide ... f37

Author SHA1 Message Date
Orion Poplawski
0744477aa5 Add upstream patch for CVE-2021-42521 - vtkXMLTreeReader: possible nullptr 
dereference (bz#2189654)
 2023-04-25 17:56:21 -06:00
2 changed files with 43 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

36
9621.patch Normal file
View file

@ -0,0 +1,36 @@
From 72119ea71422d2892f2a0475fc282835310f8d9e Mon Sep 17 00:00:00 2001
From: Cory Quammen <cory.quammen@kitware.com>
Date: Thu, 29 Sep 2022 13:10:00 -0400
Subject: [PATCH] vtkXMLTreeReader: protect against possible nullptr
dereference
Vulnerability reported at
https://nvd.nist.gov/vuln/detail/CVE-2021-42521.
Fixes #17818
(cherry picked from commit 9a2fe8ef2ecbf04f811b2e02b71eae8b94aae089)
---
IO/Infovis/vtkXMLTreeReader.cxx | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/IO/Infovis/vtkXMLTreeReader.cxx b/IO/Infovis/vtkXMLTreeReader.cxx
index 64abca37e96..af64572b27f 100644
--- a/IO/Infovis/vtkXMLTreeReader.cxx
+++ b/IO/Infovis/vtkXMLTreeReader.cxx
@@ -217,6 +217,12 @@ int vtkXMLTreeReader::RequestData(
// Get the root element node
xmlNode* rootElement = xmlDocGetRootElement(doc);
+ if (!rootElement)
+ {
+ vtkErrorMacro(<< "Could not get root element of document.");
+ return 0;
+ }
+
vtkXMLTreeReaderProcessElement(builder, -1, rootElement, this->ReadCharData, this->MaskArrays);
xmlFreeDoc(doc);
--
GitLab

8
vtk.spec
View file

@ -40,7 +40,7 @@
Summary: The Visualization Toolkit - A high level 3D visualization library
Name: vtk
Version: 9.1.0
Release: 17%{?dist}
Release: 18%{?dist}
# This is a variant BSD license, a cross between BSD and ZLIB.
# For all intents, it has the same rights and restrictions as BSD.
# http://fedoraproject.org/wiki/Licensing/BSD#VTKBSDVariant
@ -58,6 +58,8 @@ Patch2: vtk-netcdf.patch
# Duplicate define conflict with Xutil, see:
# https://gitlab.kitware.com/vtk/vtk/-/issues/18048
Patch3: vtk-AllValues.patch
# CVE-2021-42521 - vtkXMLTreeReader: possible nullptr dereference
Patch4: https://gitlab.kitware.com/vtk/vtk/-/merge_requests/9621.patch
URL: https://vtk.org/
@ -844,6 +846,10 @@ cat xorg.log
%changelog
* Tue Apr 25 2023 Orion Poplawski <orion@nwra.com> - 9.1.0-18
- Add upstream patch for CVE-2021-42521 - vtkXMLTreeReader: possible nullptr
dereference (bz#2189654)
* Thu Jul 28 2022 Orion Poplawski <orion@nwra.com> - 9.1.0-17
- Remove all of vtkdata/Wrapping to keep vtk-data noarch