code.ossystems Code Review - openembedded-core.git/commit

author	Li Wang <li.wang@windriver.com>
	Thu, 13 Dec 2012 07:24:06 +0000 (15:24 +0800)
committer	Saul Wold <sgw@linux.intel.com>
	Fri, 14 Dec 2012 23:17:21 +0000 (15:17 -0800)
commit	0742b7aecaada435f90f39f26914906a5eb1fd4f
tree	448dfa4d5de71641ccb72cf8fc66ecbb1197dcfa	tree \| snapshot
parent	64de49bed598ce9d4ee0b448badc38a433712aff	commit \| diff

cups - CVE-2011-2896

the patch come from:
http://cups.org/strfiles/3867/str3867.patch

The LZW decompressor in the LWZReadByte function in giftoppm.c
in the David Koblas GIF decoder in PBMPLUS, as used in the
gif_read_lzw function in filter/image-gif.c in CUPS before 1.4.7,
the LZWReadByte function in plug-ins/common/file-gif-load.c
in GIMP 2.6.11 and earlier, the LZWReadByte function in img/gifread.c
in XPCE in SWI-Prolog 5.10.4 and earlier, and other products,
does not properly handle code words that are absent from the
decompression table when encountered, which allows remote attackers to
trigger an infinite loop or a heap-based buffer overflow, and possibly
execute arbitrary code, via a crafted compressed stream, a related
issue to CVE-2006-1168 and CVE-2011-2895.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-2896

[YOCTO #3582]
[ CQID: WIND00299595 ]
Upstream-Status: Backport

Signed-off-by: Li Wang <li.wang@windriver.com>
Signed-off-by: Saul Wold <sgw@linux.intel.com>

meta/recipes-extended/cups/cups-1.4.6/cups-CVE-2011-2896.patch	[new file with mode: 0644]	blob
meta/recipes-extended/cups/cups_1.4.6.bb		diff \| blob \| history