* [OE-core][scarthgap][PATCH] gdk-pixbuf: Fix CVE-2025-6199
@ 2026-02-11 8:35 Shaik Moin
2026-02-21 21:24 ` Yoann Congal
0 siblings, 1 reply; 3+ messages in thread
From: Shaik Moin @ 2026-02-11 8:35 UTC (permalink / raw)
To: openembedded-core; +Cc: careers.myinfo
CVE: CVE-2025-6199
Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/commit/c4986342b241cdc075259565f3fa7a7597d32a32.patch]
Backport the fix for CVE-2025-6199
Add below patch to fix
0001-gdk-pixbuf-Add-support-patch-to-fix-CVE-2025-6199.patch
Signed-off-by: Shaik Moin <moins@kpit.com>
---
...d-support-patch-to-fix-CVE-2025-6199.patch | 36 +++++++++++++++++++
.../gdk-pixbuf/gdk-pixbuf_2.42.12.bb | 1 +
2 files changed, 37 insertions(+)
create mode 100644 meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf/0001-gdk-pixbuf-Add-support-patch-to-fix-CVE-2025-6199.patch
diff --git a/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf/0001-gdk-pixbuf-Add-support-patch-to-fix-CVE-2025-6199.patch b/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf/0001-gdk-pixbuf-Add-support-patch-to-fix-CVE-2025-6199.patch
new file mode 100644
index 0000000000..aa8bfec8f4
--- /dev/null
+++ b/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf/0001-gdk-pixbuf-Add-support-patch-to-fix-CVE-2025-6199.patch
@@ -0,0 +1,36 @@
+From 140200be0b4d5355aab76a6fd474e17d117045ca Mon Sep 17 00:00:00 2001
+From: lumi <lumi@suwi.moe>
+Date: Sat, 7 Jun 2025 22:27:06 +0200
+Subject: [PATCH] lzw: Fix reporting of bytes written in decoder
+
+When the LZW decoder encounters an invalid code, it stops
+processing the image and returns the whole buffer size.
+It should return the amount of bytes written, instead.
+
+Fixes #257
+
+CVE: CVE-2025-6199
+
+Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/commit/c4986342b241cdc075259565f3fa7a7597d32a32.patch]
+
+Signed-off-by: Shaik Moin <moins@kpit.com>
+---
+ gdk-pixbuf/lzw.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/gdk-pixbuf/lzw.c b/gdk-pixbuf/lzw.c
+index 15293560b..4f3dd8beb 100644
+--- a/gdk-pixbuf/lzw.c
++++ b/gdk-pixbuf/lzw.c
+@@ -208,7 +208,7 @@ lzw_decoder_feed (LZWDecoder *self,
+ /* Invalid code received - just stop here */
+ if (self->code >= self->code_table_size) {
+ self->last_code = self->eoi_code;
+- return output_length;
++ return n_written;
+ }
+
+ /* Convert codeword into indexes */
+--
+2.34.1
+
diff --git a/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf_2.42.12.bb b/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf_2.42.12.bb
index ff1c7a1fb2..8579614bb1 100644
--- a/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf_2.42.12.bb
+++ b/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf_2.42.12.bb
@@ -21,6 +21,7 @@ SRC_URI = "${GNOME_MIRROR}/${BPN}/${MAJ_VER}/${BPN}-${PV}.tar.xz \
file://fatal-loader.patch \
file://0001-meson.build-allow-a-subset-of-tests-in-cross-compile.patch \
file://CVE-2025-7345.patch \
+ file://0001-gdk-pixbuf-Add-support-patch-to-fix-CVE-2025-6199.patch \
"
SRC_URI[sha256sum] = "b9505b3445b9a7e48ced34760c3bcb73e966df3ac94c95a148cb669ab748e3c7"
--
2.34.1
^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: [OE-core][scarthgap][PATCH] gdk-pixbuf: Fix CVE-2025-6199
2026-02-11 8:35 Shaik Moin
@ 2026-02-21 21:24 ` Yoann Congal
0 siblings, 0 replies; 3+ messages in thread
From: Yoann Congal @ 2026-02-21 21:24 UTC (permalink / raw)
To: careers.myinfo, openembedded-core
Hello,
On Wed Feb 11, 2026 at 9:35 AM CET, Shaik Moin via lists.openembedded.org wrote:
> CVE: CVE-2025-6199
> Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/commit/c4986342b241cdc075259565f3fa7a7597d32a32.patch]
>
> Backport the fix for CVE-2025-6199
> Add below patch to fix
> 0001-gdk-pixbuf-Add-support-patch-to-fix-CVE-2025-6199.patch
Thank you for the patch but it needs improvements:
* The commit message body should not have "CVE:" and "Upstream-Status:"
those are for patches.
* The commit message should justify why you import this particular
patch. Is it the patch cited by the NVD report? another source?
> Signed-off-by: Shaik Moin <moins@kpit.com>
> ---
> ...d-support-patch-to-fix-CVE-2025-6199.patch | 36 +++++++++++++++++++
> .../gdk-pixbuf/gdk-pixbuf_2.42.12.bb | 1 +
> 2 files changed, 37 insertions(+)
> create mode 100644 meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf/0001-gdk-pixbuf-Add-support-patch-to-fix-CVE-2025-6199.patch
>
> diff --git a/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf/0001-gdk-pixbuf-Add-support-patch-to-fix-CVE-2025-6199.patch b/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf/0001-gdk-pixbuf-Add-support-patch-to-fix-CVE-2025-6199.patch
> new file mode 100644
> index 0000000000..aa8bfec8f4
> --- /dev/null
> +++ b/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf/0001-gdk-pixbuf-Add-support-patch-to-fix-CVE-2025-6199.patch
> @@ -0,0 +1,36 @@
> +From 140200be0b4d5355aab76a6fd474e17d117045ca Mon Sep 17 00:00:00 2001
> +From: lumi <lumi@suwi.moe>
> +Date: Sat, 7 Jun 2025 22:27:06 +0200
> +Subject: [PATCH] lzw: Fix reporting of bytes written in decoder
> +
> +When the LZW decoder encounters an invalid code, it stops
> +processing the image and returns the whole buffer size.
> +It should return the amount of bytes written, instead.
> +
> +Fixes #257
> +
> +CVE: CVE-2025-6199
> +
> +Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/commit/c4986342b241cdc075259565f3fa7a7597d32a32.patch]
I'd rather have the simpler link
https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/commit/c4986342b241cdc075259565f3fa7a7597d32a32
(without the .patch extension): it makes checking if the patch is in a
branch really easy.
> +
> +Signed-off-by: Shaik Moin <moins@kpit.com>
> +---
> + gdk-pixbuf/lzw.c | 2 +-
> + 1 file changed, 1 insertion(+), 1 deletion(-)
> +
> +diff --git a/gdk-pixbuf/lzw.c b/gdk-pixbuf/lzw.c
> +index 15293560b..4f3dd8beb 100644
> +--- a/gdk-pixbuf/lzw.c
> ++++ b/gdk-pixbuf/lzw.c
> +@@ -208,7 +208,7 @@ lzw_decoder_feed (LZWDecoder *self,
> + /* Invalid code received - just stop here */
> + if (self->code >= self->code_table_size) {
> + self->last_code = self->eoi_code;
> +- return output_length;
> ++ return n_written;
> + }
> +
> + /* Convert codeword into indexes */
> +--
> +2.34.1
> +
> diff --git a/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf_2.42.12.bb b/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf_2.42.12.bb
> index ff1c7a1fb2..8579614bb1 100644
> --- a/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf_2.42.12.bb
> +++ b/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf_2.42.12.bb
> @@ -21,6 +21,7 @@ SRC_URI = "${GNOME_MIRROR}/${BPN}/${MAJ_VER}/${BPN}-${PV}.tar.xz \
> file://fatal-loader.patch \
> file://0001-meson.build-allow-a-subset-of-tests-in-cross-compile.patch \
> file://CVE-2025-7345.patch \
> + file://0001-gdk-pixbuf-Add-support-patch-to-fix-CVE-2025-6199.patch \
Can you please name this patch "CVE-2025-6199.patch" to follow
conventions?
Also, this CVE impacts whinlatter, please send a patch for whinlatter.
Thanks!
> "
>
> SRC_URI[sha256sum] = "b9505b3445b9a7e48ced34760c3bcb73e966df3ac94c95a148cb669ab748e3c7"
--
Yoann Congal
Smile ECS
^ permalink raw reply [flat|nested] 3+ messages in thread
* [OE-core][scarthgap][PATCH] gdk-pixbuf: Fix CVE-2025-6199
@ 2026-02-26 3:47 Shaik Moin
0 siblings, 0 replies; 3+ messages in thread
From: Shaik Moin @ 2026-02-26 3:47 UTC (permalink / raw)
To: openembedded-core; +Cc: careers.myinfo
Backport the fix for CVE-2025-6199
Add below patch to fix
CVE-2025-6199.patch
Reference: In Ubuntu and debian, fixed patch is given -> [https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/commit/c4986342b241cdc075259565f3fa7a7597d32a32]
Signed-off-by: Shaik Moin <moins@kpit.com>
---
.../gdk-pixbuf/gdk-pixbuf/CVE-2025-6199.patch | 36 +++++++++++++++++++
.../gdk-pixbuf/gdk-pixbuf_2.42.12.bb | 1 +
2 files changed, 37 insertions(+)
create mode 100644 meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf/CVE-2025-6199.patch
diff --git a/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf/CVE-2025-6199.patch b/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf/CVE-2025-6199.patch
new file mode 100644
index 0000000000..1952e3ceaf
--- /dev/null
+++ b/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf/CVE-2025-6199.patch
@@ -0,0 +1,36 @@
+From 140200be0b4d5355aab76a6fd474e17d117045ca Mon Sep 17 00:00:00 2001
+From: lumi <lumi@suwi.moe>
+Date: Sat, 7 Jun 2025 22:27:06 +0200
+Subject: [PATCH] lzw: Fix reporting of bytes written in decoder
+
+When the LZW decoder encounters an invalid code, it stops
+processing the image and returns the whole buffer size.
+It should return the amount of bytes written, instead.
+
+Fixes #257
+
+CVE: CVE-2025-6199
+
+Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/commit/c4986342b241cdc075259565f3fa7a7597d32a32]
+
+Signed-off-by: Shaik Moin <moins@kpit.com>
+---
+ gdk-pixbuf/lzw.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/gdk-pixbuf/lzw.c b/gdk-pixbuf/lzw.c
+index 15293560b..4f3dd8beb 100644
+--- a/gdk-pixbuf/lzw.c
++++ b/gdk-pixbuf/lzw.c
+@@ -208,7 +208,7 @@ lzw_decoder_feed (LZWDecoder *self,
+ /* Invalid code received - just stop here */
+ if (self->code >= self->code_table_size) {
+ self->last_code = self->eoi_code;
+- return output_length;
++ return n_written;
+ }
+
+ /* Convert codeword into indexes */
+--
+2.34.1
+
diff --git a/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf_2.42.12.bb b/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf_2.42.12.bb
index ff1c7a1fb2..7c58fe1e1d 100644
--- a/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf_2.42.12.bb
+++ b/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf_2.42.12.bb
@@ -21,6 +21,7 @@ SRC_URI = "${GNOME_MIRROR}/${BPN}/${MAJ_VER}/${BPN}-${PV}.tar.xz \
file://fatal-loader.patch \
file://0001-meson.build-allow-a-subset-of-tests-in-cross-compile.patch \
file://CVE-2025-7345.patch \
+ file://CVE-2025-6199.patch \
"
SRC_URI[sha256sum] = "b9505b3445b9a7e48ced34760c3bcb73e966df3ac94c95a148cb669ab748e3c7"
--
2.34.1
^ permalink raw reply related [flat|nested] 3+ messages in thread
end of thread, other threads:[~2026-02-26 6:07 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2026-02-26 3:47 [OE-core][scarthgap][PATCH] gdk-pixbuf: Fix CVE-2025-6199 Shaik Moin
-- strict thread matches above, loose matches on Subject: below --
2026-02-11 8:35 Shaik Moin
2026-02-21 21:24 ` Yoann Congal
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox