Merge branch '1.0-dev' into 1.0

Author: jslobodzian

SPECS/libtiff/CVE-2022-3970.patch

@@ -0,0 +1,37 @@
+From 227500897dfb07fb7d27f7aa570050e62617e3be Mon Sep 17 00:00:00 2001
+From: Even Rouault <[email protected]>
+Date: Tue, 8 Nov 2022 15:16:58 +0100
+Subject: [PATCH] TIFFReadRGBATileExt(): fix (unsigned) integer overflow on
+ strips/tiles > 2 GB
+
+Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=53137
+---
+ libtiff/tif_getimage.c | 8 ++++----
+ 1 file changed, 4 insertions(+), 4 deletions(-)
+
+diff --git a/libtiff/tif_getimage.c b/libtiff/tif_getimage.c
+index a4d0c1d6..60b94d8e 100644
+--- a/libtiff/tif_getimage.c
++++ b/libtiff/tif_getimage.c
+@@ -3016,15 +3016,15 @@ TIFFReadRGBATileExt(TIFF* tif, uint32_t col, uint32_t row, uint32_t * raster, in
+         return( ok );
+ 
+     for( i_row = 0; i_row < read_ysize; i_row++ ) {
+-        memmove( raster + (tile_ysize - i_row - 1) * tile_xsize,
+-                 raster + (read_ysize - i_row - 1) * read_xsize,
++        memmove( raster + (size_t)(tile_ysize - i_row - 1) * tile_xsize,
++                 raster + (size_t)(read_ysize - i_row - 1) * read_xsize,
+                  read_xsize * sizeof(uint32_t) );
+-        _TIFFmemset( raster + (tile_ysize - i_row - 1) * tile_xsize+read_xsize,
++        _TIFFmemset( raster + (size_t)(tile_ysize - i_row - 1) * tile_xsize+read_xsize,
+                      0, sizeof(uint32_t) * (tile_xsize - read_xsize) );
+     }
+ 
+     for( i_row = read_ysize; i_row < tile_ysize; i_row++ ) {
+-        _TIFFmemset( raster + (tile_ysize - i_row - 1) * tile_xsize,
++        _TIFFmemset( raster + (size_t)(tile_ysize - i_row - 1) * tile_xsize,
+                      0, sizeof(uint32_t) * tile_xsize );
+     }
+ 
+-- 
+GitLab

SPECS/libtiff/libtiff.spec

@@ -1,7 +1,7 @@
 Summary:        TIFF libraries and associated utilities.
 Name:           libtiff
 Version:        4.4.0
-Release:        5%{?dist}
+Release:        6%{?dist}
 License:        libtiff
 URL:            https://gitlab.com/libtiff/libtiff
 Group:          System Environment/Libraries
@@ -16,6 +16,7 @@ Patch3:         CVE-2022-3570.patch
 # Also fixes CVE-2022: 3626 and 3627.
 Patch4:         CVE-2022-3597.patch
 Patch5:         CVE-2022-3599.patch
+Patch6:         CVE-2022-3970.patch
 
 BuildRequires:  autoconf
 BuildRequires:  automake
@@ -75,6 +76,9 @@ make %{?_smp_mflags} -k check
 %{_datadir}/man/man3/*
 
 %changelog
+* Fri Nov 18 2022 Nicolas Guibourge <[email protected]> - 4.4.0-6
+- Patching CVE-2022-3970.
+
 * Mon Nov 07 2022 Pawel Winogrodzki <[email protected]> - 4.4.0-5
 - Patching CVE-2022s: 3597, 3598, 3599, 3626, and 3627.
 

SPECS/python3-twisted/python3-twisted.spec

@@ -54,14 +54,16 @@ CFLAGS="${CFLAGS:-${optflags}}" LDFLAGS="${LDFLAGS:-%{build_ldflags}}" python3 s
 
 %install
 python3 setup.py install --prefix=%{_prefix} --root=%{buildroot}
-ln -s twistd %{buildroot}/%{_bindir}/twistd3
-ln -s trial %{buildroot}/%{_bindir}/trial3
-ln -s tkconch %{buildroot}/%{_bindir}/tkconch3
-ln -s pyhtmlizer %{buildroot}/%{_bindir}/pyhtmlizer3
-ln -s twist %{buildroot}/%{_bindir}/twist3
-ln -s conch %{buildroot}/%{_bindir}/conch3
-ln -s ckeygen %{buildroot}/%{_bindir}/ckeygen3
-ln -s cftp %{buildroot}/%{_bindir}/cftp3
+# Re-naming binaries to avoid conflicts with older Python 2 version of the package.
+mv %{buildroot}/%{_bindir}/{cftp,cftp3}
+mv %{buildroot}/%{_bindir}/{ckeygen,ckeygen3}
+mv %{buildroot}/%{_bindir}/{conch,conch3}
+mv %{buildroot}/%{_bindir}/{mailmail,mailmail3}
+mv %{buildroot}/%{_bindir}/{pyhtmlizer,pyhtmlizer3}
+mv %{buildroot}/%{_bindir}/{tkconch,tkconch3}
+mv %{buildroot}/%{_bindir}/{trial,trial3}
+mv %{buildroot}/%{_bindir}/{twist,twist3}
+mv %{buildroot}/%{_bindir}/{twistd,twistd3}
 
 %check
 route add -net 224.0.0.0 netmask 240.0.0.0 dev lo
@@ -76,27 +78,20 @@ LANG=en_US.UTF-8 sudo -u test /home/test/.local/bin/tox -e nocov-posix-alldeps
 %defattr(-,root,root)
 %license LICENSE
 %{python3_sitelib}/*
-%{_bindir}/twistd
-%{_bindir}/trial
-%{_bindir}/tkconch
-%{_bindir}/pyhtmlizer
-%{_bindir}/twist
-%{_bindir}/mailmail
-%{_bindir}/conch
-%{_bindir}/ckeygen
-%{_bindir}/cftp
-%{_bindir}/twistd3
-%{_bindir}/trial3
-%{_bindir}/tkconch3
+%{_bindir}/cftp3
+%{_bindir}/ckeygen3
+%{_bindir}/conch3
+%{_bindir}/mailmail3
 %{_bindir}/pyhtmlizer3
+%{_bindir}/tkconch3
+%{_bindir}/trial3
 %{_bindir}/twist3
-%{_bindir}/conch3
-%{_bindir}/ckeygen3
-%{_bindir}/cftp3
+%{_bindir}/twistd3
 
 %changelog
 * Wed Nov 09 2022 Pawel Winogrodzki <[email protected]> - 22.10.0-2
 - Ported to Mariner 1.0 to fix CVE-2022-39348.
+- Re-named binaries to avoid conflicts with Python 2 version.
 
 * Mon Oct 31 2022 CBL-Mariner Servicing Account <[email protected]> - 22.10.0-1
 - Upgrade to 22.10.0