diff --git a/CVE-2019-13616.patch b/CVE-2019-13616.patch
new file mode 100644
index 0000000000000000000000000000000000000000..83256fb4dfd24612e7c7e2999896d2f5a3c9dd60
--- /dev/null
+++ b/CVE-2019-13616.patch
@@ -0,0 +1,23 @@
+# HG changeset patch
+# User Sam Lantinga
+# Date 1564509600 25200
+# Node ID e7ba650a643ad88dd8545511a18af1c9dcdfa2da
+# Parent b810b78d32cc41a2384d0f14746ae889d443ffa7
+Fixed bug 4538 - validate image size when loading BMP files
+
+diff -r b810b78d32cc -r e7ba650a643a src/video/SDL_bmp.c
+--- a/src/video/SDL_bmp.c Thu Jul 25 08:05:13 2019 -0500
++++ b/src/video/SDL_bmp.c Tue Jul 30 11:00:00 2019 -0700
+@@ -226,6 +226,11 @@
+ SDL_RWseek(src, (biSize - headerSize), RW_SEEK_CUR);
+ }
+ }
++ if (biWidth <= 0 || biHeight == 0) {
++ SDL_SetError("BMP file with bad dimensions (%dx%d)", biWidth, biHeight);
++ was_error = SDL_TRUE;
++ goto done;
++ }
+ if (biHeight < 0) {
+ topDown = SDL_TRUE;
+ biHeight = -biHeight;
+
diff --git a/SDL2.spec b/SDL2.spec
index 97e533f2cc93b78832ac23591b436ca19e6d8627..7af552995b68d8a6b3ce705fcd65954e9e424f42 100644
--- a/SDL2.spec
+++ b/SDL2.spec
@@ -1,6 +1,6 @@
 Name: SDL2
 Version: 2.0.8
-Release: 8
+Release: 9
 Summary: Cross-platform multimedia library
 License: zlib and MIT
 URL: http://www.libsdl.org/
@@ -8,6 +8,7 @@ Source0: http://www.libsdl.org/release/%{name}-%{version}.tar.gz
 Source1: SDL_config.h
 Patch0000: multilib.patch
 Patch0001: dynapi.patch
+Patch0002: CVE-2019-13616.patch
 BuildRequires: alsa-lib-devel audiofile-devel mesa-libGL-devel
 BuildRequires: mesa-libGLU-devel mesa-libEGL-devel mesa-libGLES-devel
 BuildRequires: libXext-devel libX11-devel libXi-devel libXrandr-devel
@@ -75,6 +76,12 @@ install -pm 0644 %{SOURCE1} %{buildroot}%{_includedir}/SDL2/SDL_config.h
 %{_datadir}/aclocal/*
 %changelog
+* Wed Mar 18 2020 openEuler Buildteam - 2.0.8-8
+- Type:CVE
+- ID:NA
+- SUG:NA
+- DESC:Fix CVE-2019-13616
+
 * Mon Feb 24 2020 yuxiangyang - 2.0.8-8
 - Delete buildrequires for jack-audio-connection-kit
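Review bot: The guard added to SDL_bmp.c, `if (biWidth <= 0 || biHeight == 0)`, rejects degenerate dimensions but puts no upper bound on them, so whether `biWidth * |biHeight|` and the pitch derived from it can still overflow on this 2.0.8 tree depends on the surface-allocation path outside the hunk; confirm that the SDL_CreateRGBSurface/pitch code in the patched 2.0.8 source validates the size, or plan a follow-up upper-bound check. The patch was cut against a 2019 Mercurial parent (b810b78d32cc), not the 2.0.8 release, so verify it applies without fuzz and that `was_error` and the `done:` label exist in the 2.0.8 SDL_LoadBMP_RW before relying on it. The enclosing function starts and ends outside the hunk, and the context lines as shown on this page have lost their indentation, so apply the patch from the committed file rather than from this rendering.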
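Review bot: Declaring `Patch0002: CVE-2019-13616.patch` only registers the file; whether it is applied depends on the %prep section, which is outside this hunk. If %prep uses `%autosetup -p1` (or `%autopatch`) nothing more is needed, but if it applies patches with explicit `%patchN` lines a matching `%patch0002 -p1` must be added, otherwise the build keeps the vulnerable BMP loader while the changelog claims the CVE is fixed. A quick check is `rpmbuild -bp` followed by confirming the `if (biWidth <= 0 || biHeight == 0)` guard is present in the prepared src/video/SDL_bmp.c.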
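Review bot: The new changelog entry `* Wed Mar 18 2020 openEuler Buildteam - 2.0.8-8` carries release 8, but the same commit bumps `Release: 9`; the line should read `* Wed Mar 18 2020 openEuler Buildteam - 2.0.8-9`, otherwise rpmlint flags the version/changelog mismatch and two consecutive entries claim the same release. The `- ID:NA` field could carry the CVE identifier that the DESC line already names, if the team's convention is to fill it for CVE-type entries. This hunk's trailing context may continue past the visible page, which does not affect the point.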