From: Peter Korsgaard <peter@korsgaard.com>
To: Quentin Schulz <foss+buildroot@0leil.net>
Cc: Quentin Schulz <quentin.schulz@theobroma-systems.com>,
Fabrice Fontaine <fontaine.fabrice@gmail.com>,
buildroot@buildroot.org
Subject: Re: [Buildroot] [PATCH 2/2] package/cairo: fix CVE-2020-35492
Date: Wed, 14 Dec 2022 20:03:48 +0100 [thread overview]
Message-ID: <87len9u7sb.fsf@dell.be.48ers.dk> (raw)
In-Reply-To: <20221213-cairo-cves-v1-2-b802b492d112@theobroma-systems.com> (Quentin Schulz's message of "Wed, 14 Dec 2022 12:16:02 +0100")
>>>>> "Quentin" == Quentin Schulz <foss+buildroot@0leil.net> writes:
> From: Quentin Schulz <quentin.schulz@theobroma-systems.com>
> Add an upstream patch to fix CVE-2020-35492:
> A flaw was found in cairo's image-compositor.c in all versions prior to
> 1.17.4. This flaw allows an attacker who can provide a crafted input
> file to cairo's image-compositor (for example, by convincing a user to
> open a file in an application using cairo, or if an application uses
> cairo on untrusted input) to cause a stack buffer overflow ->
> out-of-bounds WRITE. The highest impact from this vulnerability is to
> confidentiality, integrity, as well as system availability.
> Important note: this is not the exact upstream patch. Indeed, the
> upstream patch[1] contains a png file which appears as a binary diff
> inside the patch. The `patch` tool which is used by Buildroot to apply
> patches does not handle that kind of diff. Since it is just a test, it
> shouldn't impact the quality of the CVE fix and all changes related to
> the test are removed from the patch.
> [1] https://gitlab.freedesktop.org/cairo/cairo/-/commit/03a820b173ed1fdef6ff14b4468f5dbc02ff59be
> Cc: Quentin Schulz <foss+buildroot@0leil.net>
> Signed-off-by: Quentin Schulz <quentin.schulz@theobroma-systems.com>
Committed, thanks.
--
Bye, Peter Korsgaard
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
next prev parent reply other threads:[~2022-12-14 19:03 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-12-14 11:16 [Buildroot] [PATCH 0/2] package/cairo: fix multiple CVEs Quentin Schulz
2022-12-14 11:16 ` [Buildroot] [PATCH 1/2] package/cairo: fix CVE-2019-6462 Quentin Schulz
2022-12-14 19:03 ` Peter Korsgaard
2022-12-21 17:57 ` Peter Korsgaard
2022-12-14 11:16 ` [Buildroot] [PATCH 2/2] package/cairo: fix CVE-2020-35492 Quentin Schulz
2022-12-14 19:03 ` Peter Korsgaard [this message]
2022-12-21 17:57 ` Peter Korsgaard
2022-12-14 19:01 ` [Buildroot] [PATCH 0/2] package/cairo: fix multiple CVEs Peter Korsgaard
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87len9u7sb.fsf@dell.be.48ers.dk \
--to=peter@korsgaard.com \
--cc=buildroot@buildroot.org \
--cc=fontaine.fabrice@gmail.com \
--cc=foss+buildroot@0leil.net \
--cc=quentin.schulz@theobroma-systems.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.