fix cve

2020-09-20 17:49:29 +08:00 · 2020-09-20 17:49:29 +08:00 · 41b163278d
commit 41b163278d
parent 698c875797
2 changed files with 5 additions and 4 deletions
--- a/CVE-2020-17507.patch
+++ b/CVE-2020-17507.patch
@ -1,8 +1,9 @@
 From 1a27a6cefbb457f2fb74159267835aaefb7c992d Mon Sep 17 00:00:00 2001
-From: kang_xiao_qiang <kangshaoqiang1@huawei.com>
-Date: Sun, 20 Sep 2020 15:35:21 +0800
-Subject: [PATCH] 2
+From: Dmitry Shachnev <mitya57@debian.org>
+Date: Tue, 18 Aug 2020 16:16:57 +0300
+Subject: [PATCH] Backport upstream patch to fix buffer overflow in XBMparser.

+Closes: #968444, CVE-2020-17507.
 ---
 src/gui/image/qxbmhandler.cpp | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
--- a/qt.spec
+++ b/qt.spec
@ -78,7 +78,7 @@ Patch6001:      CVE-2018-19872.patch
 Patch6002:      CVE-2018-19871.patch
 Patch6003:      CVE-2018-19870.patch
 Patch6004:      CVE-2018-19873.patch
-Patch45:      CVE-2020-17507.patch
+Patch45:        CVE-2020-17507.patch

 BuildRequires:  cups-devel desktop-file-utils gcc-c++ libjpeg-devel findutils libmng-devel libtiff-devel pkgconfig pkgconfig(alsa)
 BuildRequires:  pkgconfig(dbus-1) pkgconfig(fontconfig) pkgconfig(glib-2.0) pkgconfig(icu-i18n) openssl-devel pkgconfig(libpng)