summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--meta-oe/recipes-support/exiv2/exiv2/CVE-2021-29473.patch21
-rw-r--r--meta-oe/recipes-support/exiv2/exiv2_0.27.3.bb1
2 files changed, 22 insertions, 0 deletions
diff --git a/meta-oe/recipes-support/exiv2/exiv2/CVE-2021-29473.patch b/meta-oe/recipes-support/exiv2/exiv2/CVE-2021-29473.patch
new file mode 100644
index 0000000000..4afedf8e59
--- /dev/null
+++ b/meta-oe/recipes-support/exiv2/exiv2/CVE-2021-29473.patch
@@ -0,0 +1,21 @@
1From e6a0982f7cd9282052b6e3485a458d60629ffa0b Mon Sep 17 00:00:00 2001
2From: Kevin Backhouse <kevinbackhouse@github.com>
3Date: Fri, 23 Apr 2021 11:44:44 +0100
4Subject: [PATCH] Add bounds check in Jp2Image::doWriteMetadata().
5
6---
7 src/jp2image.cpp | 1 +
8 1 file changed, 1 insertion(+)
9
10diff --git a/src/jp2image.cpp b/src/jp2image.cpp
11index 1694fed27..ca8c9ddbb 100644
12--- a/src/jp2image.cpp
13+++ b/src/jp2image.cpp
14@@ -908,6 +908,7 @@ static void boxes_check(size_t b,size_t m)
15
16 case kJp2BoxTypeUuid:
17 {
18+ enforce(boxBuf.size_ >= 24, Exiv2::kerCorruptedMetadata);
19 if(memcmp(boxBuf.pData_ + 8, kJp2UuidExif, 16) == 0)
20 {
21 #ifdef EXIV2_DEBUG_MESSAGES
diff --git a/meta-oe/recipes-support/exiv2/exiv2_0.27.3.bb b/meta-oe/recipes-support/exiv2/exiv2_0.27.3.bb
index 2419bab352..d5d9e62ff2 100644
--- a/meta-oe/recipes-support/exiv2/exiv2_0.27.3.bb
+++ b/meta-oe/recipes-support/exiv2/exiv2_0.27.3.bb
@@ -15,6 +15,7 @@ SRC_URI += "file://0001-Use-compiler-fcf-protection-only-if-compiler-arch-su.pat
15 file://CVE-2021-29463.patch \ 15 file://CVE-2021-29463.patch \
16 file://CVE-2021-29464.patch \ 16 file://CVE-2021-29464.patch \
17 file://CVE-2021-29470.patch \ 17 file://CVE-2021-29470.patch \
18 file://CVE-2021-29473.patch \
18 file://CVE-2021-3482.patch" 19 file://CVE-2021-3482.patch"
19 20
20S = "${WORKDIR}/${BPN}-${PV}-Source" 21S = "${WORKDIR}/${BPN}-${PV}-Source"
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2025-11-01 13:32:28 +0000