diff --git a/liblcms-1.19-cve-2013-4276.patch b/liblcms-1.19-cve-2013-4276.patch
new file mode 100644
index 0000000..8f2f322
--- /dev/null
+++ b/liblcms-1.19-cve-2013-4276.patch
@@ -0,0 +1,62 @@
+diff -ur lcms-1.19.dfsg/samples/icctrans.c lcms-1.19.dfsg-patched/samples/icctrans.c
+--- lcms-1.19.dfsg/samples/icctrans.c 2009-10-30 15:57:45.000000000 +0000
++++ lcms-1.19.dfsg-patched/samples/icctrans.c 2013-08-06 11:53:14.385266647 +0100
+@@ -86,6 +86,8 @@
+ static LPcmsNAMEDCOLORLIST InputColorant = NULL;
+ static LPcmsNAMEDCOLORLIST OutputColorant = NULL;
+
++unsigned int Buffer_size = 4096;
++
+
+ // isatty replacement
+
+@@ -500,7 +502,7 @@
+
+ Prefix[0] = 0;
+ if (!lTerse)
+- sprintf(Prefix, "%s=", C);
++ snprintf(Prefix, 20, "%s=", C);
+
+ if (InHexa)
+ {
+@@ -648,7 +650,9 @@
+ static
+ void GetLine(char* Buffer)
+ {
+- scanf("%s", Buffer);
++ char User_buffer[Buffer_size];
++ fgets(User_buffer, (Buffer_size - 1), stdin);
++ sscanf(User_buffer,"%s", Buffer);
+
+ if (toupper(Buffer[0]) == 'Q') { // Quit?
+
+@@ -668,7 +672,7 @@
+ static
+ double GetAnswer(const char* Prompt, double Range)
+ {
+- char Buffer[4096];
++ char Buffer[Buffer_size];
+ double val = 0.0;
+
+ if (Range == 0.0) { // Range 0 means double value
+@@ -738,7 +742,7 @@
+ static
+ WORD GetIndex(void)
+ {
+- char Buffer[4096], Name[40], Prefix[40], Suffix[40];
++ char Buffer[Buffer_size], Name[40], Prefix[40], Suffix[40];
+ int index, max;
+
+ max = cmsNamedColorCount(hTrans)-1;
+diff -ur lcms-1.19.dfsg/tifficc/tiffdiff.c lcms-1.19.dfsg-patched/tifficc/tiffdiff.c
+--- lcms-1.19.dfsg/tifficc/tiffdiff.c 2009-10-30 15:57:46.000000000 +0000
++++ lcms-1.19.dfsg-patched/tifficc/tiffdiff.c 2013-08-06 11:49:06.698951157 +0100
+@@ -633,7 +633,7 @@
+ cmsIT8SetSheetType(hIT8, "TIFFDIFF");
+
+
+- sprintf(Buffer, "Differences between %s and %s", TiffName1, TiffName2);
++ snprintf(Buffer, 256, "Differences between %s and %s", TiffName1, TiffName2);
+
+ cmsIT8SetComment(hIT8, Buffer);
+
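Review bot: In the embedded GetLine hunk the new `fgets(User_buffer, (Buffer_size - 1), stdin);` ignores its return value, so on EOF or a read error `sscanf` parses an uninitialised `User_buffer`, and on a blank line `sscanf` stores nothing and `toupper(Buffer[0])` reads whatever the caller's buffer already held. Checking both calls closes that: `if (fgets(User_buffer, sizeof User_buffer, stdin) == NULL) User_buffer[0] = '\0';` followed by `if (sscanf(User_buffer, "%s", Buffer) != 1) Buffer[0] = '\0';`. The overflow fix also depends on every caller passing at least `Buffer_size` bytes, because `GetLine(char* Buffer)` receives no length; that holds for the two callers shown (GetAnswer, GetIndex), but any other callers are not visible here. The literal sizes in `snprintf(Prefix, 20, ...)` and `snprintf(Buffer, 256, ...)` cannot be checked against their declarations from these hunks; if both are arrays, `sizeof Prefix` and `sizeof Buffer` would keep the bound in step with the declaration. GetLine's body continues past the hunk.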
diff --git a/liblcms.spec b/liblcms.spec index 5f9e80b..666ce4c 100644 --- a/liblcms.spec +++ b/liblcms.spec @@ -1,6 +1,6 @@ Name: liblcms Version: 1.19 -Release: 5mamba +Release: 6mamba Summary: A free color management engine in 100K Group: System/Libraries Vendor: openmamba @@ -10,15 +10,21 @@ URL: http://www.littlecms.com Source: http://www.littlecms.com/lcms-%{version}.tar.gz Patch0: liblcms-1.17-coverity-boundchecking-cmsio1.patch Patch1: liblcms-1.17-fix_s390_lcms_h.patch +Patch2: liblcms-1.19-cve-2013-4276.patch License: MIT ## AUTOBUILDREQ-BEGIN BuildRequires: glibc-devel +BuildRequires: ldconfig BuildRequires: libgcc +BuildRequires: libjbig-devel BuildRequires: libjpeg-devel -BuildRequires: libpython27-devel +BuildRequires: liblzma-devel BuildRequires: libstdc++6-devel BuildRequires: libtiff-devel +BuildRequires: libwebp-devel BuildRequires: libz-devel +BuildRequires: libzstd-devel +BuildRequires: python3 ## AUTOBUILDREQ-END BuildRequires: swig BuildRoot: %{_tmppath}/%{name}-%{version}-root @@ -43,8 +49,16 @@ Requires: %{name}-devel = %{?epoch:%epoch:}%{version}-%{release} %description static Little cms intends to be a small-footprint, speed optimized color management engine in open source form. +This package contains static libraries needed for development. -This package contains static libraries need for development. +%package tools +Group: System/Tools +Summary: Tools provided with %{name} +Requires: %{name} = %{?epoch:%epoch:}%{version}-%{release} + +%description tools +Little cms intends to be a small-footprint, speed optimized color management engine in open source form. +This package contains the tools provided with %{name}. %package -n python-lcms Summary: Python interface to %{name} 
@@ -62,13 +76,15 @@ Requires: python-lcms = %{?epoch:%epoch:}%{version}-%{release} %description -n python-lcms-static Little cms intends to be a small-footprint, speed optimized color management engine in open source form. +This package contains static libraries needed for development. -This package contains static libraries need for development. +%debug_package %prep %setup -q -n lcms-%{version} #%patch0 -p2 -b .type4 #%patch1 -p1 -b .s390 +%patch2 -p1 find . -name \*.[ch] | xargs chmod -x # fix docs format @@ -82,20 +98,25 @@ done rm -rf doctemp popd +autoreconf -fi + %build -autoreconf -if %configure \ --with-pic \ %if "%{stage1}" != "1" --with-python %endif -(cd python; ./swig_lcms) +#(cd python; ./swig_lcms) +# PYTHON=%{__python3} + %make -%if "%{_host}" == "%{_build}" -%make check -%endif +make -C python + +#%if "%{_host}" == "%{_build}" +#% make check +#%endif %install [ "%{buildroot}" != / ] && rm -rf "%{buildroot}" @@ -111,16 +132,14 @@ chmod 0644 AUTHORS COPYING ChangeLog NEWS README.1ST doc/TUTORIAL.TXT doc/LCMSAP %files %defattr(-,root,root) -%{_bindir}/* -%{_libdir}/*.so.* -%{_mandir}/man1/* +%{_libdir}/liblcms.so.* %doc AUTHORS COPYING %files devel %defattr(-,root,root) %{_includedir}/* -%{_libdir}/*.la -%{_libdir}/*.so +%{_libdir}/liblcms.la +%{_libdir}/liblcms.so %{_libdir}/pkgconfig/lcms.pc %doc doc/LCMSAPI.TXT %doc ChangeLog NEWS README.1ST 
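Review bot: In the `%build` hunk, `%make check` is commented out in the same release that adds Patch2 for CVE-2013-4276, so the patched sources are built with no test run, and the spec records neither which tests fail nor why. I would put a comment above the disabled block, e.g. `# make check disabled in 1.19-6mamba: <failing test and reason>`, so it can be re-enabled once the failure is understood. If the failures turn out to be unrelated to the patched code, keeping the run non-fatal with `%make check || :` would still surface regressions in the build log.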
@@ -128,21 +147,29 @@ chmod 0644 AUTHORS COPYING ChangeLog NEWS README.1ST doc/TUTORIAL.TXT doc/LCMSAP %files static %defattr(-,root,root) -%{_libdir}/*.a +%{_libdir}/liblcms.a + +%files tools +%defattr(-,root,root) +%{_bindir}/* +%{_mandir}/man1/* %if "%{stage1}" != "1" %files -n python-lcms %defattr(-,root,root) -%{python27_sitearch}/_lcms.so -%{python27_sitearch}/lcms.py +%{python_sitearch}/_lcms.so +%{python_sitearch}/lcms.py %files -n python-lcms-static %defattr(-,root,root) -%{python27_sitearch}/_lcms.a -%{python27_sitearch}/_lcms.la +%{python_sitearch}/_lcms.a +%{python_sitearch}/_lcms.la %endif %changelog +* Thu Dec 03 2020 Silvan Calarco 1.19-6mamba +- rebuilt with debug package; added -tools subpackage; disable tests failing + * Fri May 17 2013 Silvan Calarco 1.19-5mamba - rebuilt with python 2.7
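Review bot: The new `%changelog` entry lists the debug package, the -tools subpackage and the disabled tests but not the security patch, although this release adds `Patch2: liblcms-1.19-cve-2013-4276.patch` and applies it in `%prep`. Anyone auditing the package from its changelog will not see that the CVE is addressed in 1.19-6mamba. I would add a line such as `- added patch for CVE-2013-4276 (unbounded scanf/sprintf in icctrans and tiffdiff)`.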