fix CVE-2024-4141
(cherry picked from commit ffd8a0a5b2c39f78f70ed0b2e866a71a9f4733f1)
This commit is contained in:
lingsheng
openeuler-sync-bot
parent
4bb5f311fe
commit
26d52c9b23
36
backport-CVE-2024-4141.patch
Normal file
36
backport-CVE-2024-4141.patch
Normal file
@ -0,0 +1,36 @@
|
||||
From 54e89f45560a3e73e172061a5551cf56b049256d Mon Sep 17 00:00:00 2001
|
||||
From: lingsheng <lingsheng1@h-partners.com>
|
||||
Date: Tue, 24 Sep 2024 11:34:58 +0000
|
||||
Subject: [PATCH] fix CVE-2024-4141
|
||||
|
||||
Origin:https://bugzilla.suse.com/show_bug.cgi?id=1223375#c3
|
||||
---
|
||||
fofi/FoFiType1.cc | 5 +++--
|
||||
1 file changed, 3 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/fofi/FoFiType1.cc b/fofi/FoFiType1.cc
|
||||
index a4d82f2..dbb502c 100644
|
||||
--- a/fofi/FoFiType1.cc
|
||||
+++ b/fofi/FoFiType1.cc
|
||||
@@ -212,7 +212,8 @@ void FoFiType1::parse() {
|
||||
char *line, *line1, *firstLine, *p, *p2;
|
||||
char buf[256];
|
||||
char c;
|
||||
- int n, code, base, i, j;
|
||||
+ unsigned int code;
|
||||
+ int n, base, i, j;
|
||||
char *tokptr;
|
||||
bool gotMatrix, continueLine;
|
||||
|
||||
@@ -304,7 +305,7 @@ void FoFiType1::parse() {
|
||||
}
|
||||
++p;
|
||||
for (p2 = p; *p2 && *p2 != ' ' && *p2 != '\t'; ++p2) ;
|
||||
- if (code >= 0 && code < 256) {
|
||||
+ if (code < 256) {
|
||||
c = *p2;
|
||||
*p2 = '\0';
|
||||
gfree(encoding[code]);
|
||||
--
|
||||
2.33.0
|
||||
|
||||
@ -4,7 +4,7 @@
|
||||
Summary: PDF rendering library
|
||||
Name: poppler
|
||||
Version: 0.90.0
|
||||
Release: 8
|
||||
Release: 9
|
||||
License: (GPLv2 or GPLv3) and GPLv2+ and LGPLv2+ and MIT
|
||||
URL: http://poppler.freedesktop.org/
|
||||
Source0: http://poppler.freedesktop.org/poppler-%{version}.tar.xz
|
||||
@ -24,6 +24,7 @@ Patch6006: backport-CVE-2022-37052.patch
|
||||
Patch6007: backport-CVE-2022-38349.patch
|
||||
Patch6008: backport-CVE-2020-36023.patch
|
||||
Patch6009: backport-CVE-2024-6239.patch
|
||||
Patch6010: backport-CVE-2024-4141.patch
|
||||
|
||||
BuildRequires: cmake
|
||||
BuildRequires: gcc-c++
|
||||
@ -223,6 +224,12 @@ test "$(pkg-config --modversion poppler-splash)" = "%{version}"
|
||||
%{_mandir}/man1/*
|
||||
|
||||
%changelog
|
||||
* Wed Sep 25 2024 lingsheng <lingsheng1@h-partners.com> - 0.90.0-9
|
||||
- Type:CVE
|
||||
- CVE:CVE-2024-4141
|
||||
- SUG:NA
|
||||
- DESC:fix CVE-2024-4141
|
||||
|
||||
* Tue Jun 25 2024 lingsheng <lingsheng1@h-partners.com> - 0.90.0-8
|
||||
- Type:CVE
|
||||
- CVE:CVE-2024-6239
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user