M gnu/local.mk => gnu/local.mk +1 -0
@@ 901,6 901,7 @@ dist_patch_DATA = \
%D%/packages/patches/ola-readdir-r.patch \
%D%/packages/patches/openscenegraph-ffmpeg3.patch \
%D%/packages/patches/openexr-missing-samples.patch \
+ %D%/packages/patches/openjpeg-CVE-2017-12982.patch \
%D%/packages/patches/openldap-CVE-2017-9287.patch \
%D%/packages/patches/openocd-nrf52.patch \
%D%/packages/patches/openssl-runpath.patch \
M gnu/packages/image.scm => gnu/packages/image.scm +2 -1
@@ 549,7 549,8 @@ work.")
(file-name (string-append name "-" version ".tar.gz"))
(sha256
(base32
- "0yvfghxwfm3dcqr9krkw63pcd76hzkknc3fh7bh11s8qlvjvrpbg"))))
+ "0yvfghxwfm3dcqr9krkw63pcd76hzkknc3fh7bh11s8qlvjvrpbg"))
+ (patches (search-patches "openjpeg-CVE-2017-12982.patch"))))
(build-system cmake-build-system)
(arguments
;; Trying to run `$ make check' results in a no rule fault.
A gnu/packages/patches/openjpeg-CVE-2017-12982.patch => gnu/packages/patches/openjpeg-CVE-2017-12982.patch +28 -0
@@ 0,0 1,28 @@
+http://openwall.com/lists/oss-security/2017/08/21/1
+https://github.com/uclouvain/openjpeg/commit/baf0c1ad4572daa89caa3b12985bdd93530f0dd7.patch
+
+From baf0c1ad4572daa89caa3b12985bdd93530f0dd7 Mon Sep 17 00:00:00 2001
+From: Even Rouault <even.rouault@spatialys.com>
+Date: Mon, 14 Aug 2017 17:26:58 +0200
+Subject: [PATCH] bmp_read_info_header(): reject bmp files with biBitCount == 0
+ (#983)
+
+---
+ src/bin/jp2/convertbmp.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/src/bin/jp2/convertbmp.c b/src/bin/jp2/convertbmp.c
+index b49e7a080..2715fdf24 100644
+--- a/src/bin/jp2/convertbmp.c
++++ b/src/bin/jp2/convertbmp.c
+@@ -392,6 +392,10 @@ static OPJ_BOOL bmp_read_info_header(FILE* IN, OPJ_BITMAPINFOHEADER* header)
+
+ header->biBitCount = (OPJ_UINT16)getc(IN);
+ header->biBitCount |= (OPJ_UINT16)((OPJ_UINT32)getc(IN) << 8);
++ if (header->biBitCount == 0) {
++ fprintf(stderr, "Error, invalid biBitCount %d\n", 0);
++ return OPJ_FALSE;
++ }
+
+ if (header->biSize >= 40U) {
+ header->biCompression = (OPJ_UINT32)getc(IN);