packages/pixman
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: packages:1117d27f9184d7a64c8b4048357303b36e3d2c96
Branches Tags
packages:main
..
compare: packages:10ed0d9dceb62e4c5d318af7b1ab8bf44bed108d
Branches Tags
packages:main

10 Commits
1117d27f91 ... 10ed0d9dce

Author SHA1 Message Date
openeuler-ci-bot
10ed0d9dce
!13 [sync] PR-10: fix CVE-2022-44638 
From: @openeuler-sync-bot 
Reviewed-by: @yanan-rock 
Signed-off-by: @yanan-rock
 2022-11-09 09:38:09 +00:00
wangkerong
89c33e30d0 fix CVE-2022-44638 
(cherry picked from commit fbeea3db1590e7a5ae6e40f501a1995b3e9b23ae)
 2022-11-08 19:32:43 +08:00
openeuler-ci-bot
fdf93d9e82
!6 【轻量级 PR】:Rebuild for next release 
From: @zhouwenpei 
Reviewed-by: @t_feng 
Signed-off-by: @t_feng
 2022-10-26 12:11:00 +00:00
zhouwenpei
fc98433362
Rebuild for next release 
Signed-off-by: zhouwenpei <zhouwenpei050@chinasoftinc.com>
 2022-10-26 07:07:02 +00:00
openeuler-ci-bot
101a9570e5 !3 update pixman version from 0.38.0 to 0.40.0 
Merge pull request !3 from 吴超超/master
 2020-07-31 21:12:55 +08:00
吴超超
f2a2b55f90 删除文件 pixman-0.40.0.tar 2020-07-27 14:54:27 +08:00
19909236985
ac02848106 Merge branch 'master' of https://gitee.com/wcc_140409/pixman 2020-07-27 09:46:58 +08:00
吴超超
840f05cfbd update package 2020-07-27 09:46:28 +08:00
吴超超
ae73bd1dab 删除文件 pixman-0.38.0.tar.bz2 2020-07-24 14:49:47 +08:00
19909236985
60cb9e11b1 update package 2020-07-24 14:49:24 +08:00
4 changed files with 51 additions and 5 deletions
Show Stats Expand all files Collapse all files

32
backport-CVE-2022-44638.patch Normal file
View File

@ -0,0 +1,32 @@
From a1f88e842e0216a5b4df1ab023caebe33c101395 Mon Sep 17 00:00:00 2001
From: Matt Turner <mattst88@gmail.com>
Date: Wed, 2 Nov 2022 12:07:32 -0400
Subject: [PATCH] Avoid integer overflow leading to out-of-bounds write
Thanks to Maddie Stone and Google's Project Zero for discovering this
issue, providing a proof-of-concept, and a great analysis.
Closes: https://gitlab.freedesktop.org/pixman/pixman/-/issues/63
Conflict:NA
Reference:https://gitlab.freedesktop.org/pixman/pixman/-/commit/a1f88e842e0216a5b4df1ab023caebe33c101395
---
pixman/pixman-trap.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/pixman/pixman-trap.c b/pixman/pixman-trap.c
index 91766fd..7560405 100644
--- a/pixman/pixman-trap.c
+++ b/pixman/pixman-trap.c
@@ -74,7 +74,7 @@ pixman_sample_floor_y (pixman_fixed_t y,
if (f < Y_FRAC_FIRST (n))
{
- if (pixman_fixed_to_int (i) == 0x8000)
+ if (pixman_fixed_to_int (i) == 0xffff8000)
{
f = 0; /* saturate */
}
--
GitLab

BIN
pixman-0.38.0.tar.bz2
View File

Binary file not shown.

BIN
pixman-pixman-0.40.0.tar.bz2 Normal file
View File

Binary file not shown.

24
pixman.spec
View File

@ -1,10 +1,12 @@
Name: pixman
Version: 0.38.0
Release: 1
Name: pixman
Version: 0.40.0
Release: 3
Summary: Pixman is a pixel manipulation library for X and Cairo
License: MIT
URL: https://gitlab.freedesktop.org/pixman/pixman
Source0: https://xorg.freedesktop.org/archive/individual/lib/%{name}-%{version}.tar.bz2
Source0: https://gitlab.freedesktop.org/pixman/pixman/-/archive/pixman-%{version}/pixman-pixman-%{version}.tar.bz2
Patch6000: backport-CVE-2022-44638.patch
BuildRequires: gcc meson
@ -21,7 +23,7 @@ Requires: pkgconfig
Provide library and header files for pixman
%prep
%autosetup -n %{name}-%{version} -p1
%autosetup -n pixman-%{name}-%{version} -p1
sed -i 's/120/600/' test/meson.build
%build
@ -53,6 +55,18 @@ sed -i 's/120/600/' test/meson.build
%{_libdir}/pkgconfig/*
%changelog
* Tue Nov 08 2022 wangkerong <wangkerong@h-partners.com> - 0.40.0-3
- fix CVE-2022-44638
* Wed Oct 26 2022 zhouwenpei <zhouwenpei1@h-partners.com> - 0.40.0-2
- Rebuild for next release
* Mon Apr 20 2020 openEuler Buildteam <buildteam@openeuler.org> - 0.40.0-1
- Type:enhancement
- Id:NA
- SUG:NA
- DESC:update to 0.40.0
* Mon Sep 9 2019 openEuler Buildteam <buildteam@openeuler.org> - 0.38.0-1
- Type:enhancement
- Id:NA