Merge branch 'cves.2019.08.29' into 'master'

Misc. security updates

See merge request adelie/packages!336

1 files changed, 46 insertions, 0 deletions

diff --git a/user/djvulibre/CVE-2019-15143.patch b/user/djvulibre/CVE-2019-15143.patch
new file mode 100644
index 000000000..db04087e1
--- /dev/null
+++ b/user/djvulibre/CVE-2019-15143.patch
@@ -0,0 +1,46 @@
+From b1f4e1b2187d9e5010cd01ceccf20b4a11ce723f Mon Sep 17 00:00:00 2001
+From: Leon Bottou <leon@bottou.org>
+Date: Tue, 26 Mar 2019 20:45:46 -0400
+Subject: [PATCH] fix for bug #297
+
+---
+ libdjvu/DjVmDir.cpp | 2 +-
+ libdjvu/GBitmap.cpp | 6 ++++--
+ 2 files changed, 5 insertions(+), 3 deletions(-)
+
+diff --git a/libdjvu/DjVmDir.cpp b/libdjvu/DjVmDir.cpp
+index 0a0fac6..5a49015 100644
+--- a/libdjvu/DjVmDir.cpp
++++ b/libdjvu/DjVmDir.cpp
+@@ -309,7 +309,7 @@ DjVmDir::decode(const GP<ByteStream> &gstr)
+       {
+          GP<File> file=files_list[pos];
+          if (ptr >= (const char*)strings + strings_size)
+-           G_THROW( "DjVu document is corrupted (DjVmDir)" );
++           G_THROW( ByteStream::EndOfFile );
+          file->id=ptr;
+          ptr+=file->id.length()+1;
+          if (file->flags & File::HAS_NAME)
+diff --git a/libdjvu/GBitmap.cpp b/libdjvu/GBitmap.cpp
+index 0e487f0..c2fdbe4 100644
+--- a/libdjvu/GBitmap.cpp
++++ b/libdjvu/GBitmap.cpp
+@@ -890,11 +890,13 @@ GBitmap::read_rle_raw(ByteStream &bs)
+   int c = 0;
+   while (n >= 0)
+     {
+-      bs.read(&h, 1);
++      if (bs.read(&h, 1) <= 0)
++        G_THROW( ByteStream::EndOfFile );
+       int x = h;
+       if (x >= (int)RUNOVERFLOWVALUE)
+         {
+-          bs.read(&h, 1);
++          if (bs.read(&h, 1) <= 0)
++            G_THROW( ByteStream::EndOfFile );
+           x = h + ((x - (int)RUNOVERFLOWVALUE) << 8);
+         }
+       if (c+x > ncolumns)
+-- 
+2.22.1
+