Ubuntu
libjpeg6b package

Merge lp:~logan/ubuntu/trusty/libjpeg6b/6b1-4ubuntu1 into lp:ubuntu/trusty/libjpeg6b

  1. Trusty (14.04)
  2. 6b1-4ubuntu1
  3. Merge into trusty
Proposed by Logan Rosen
Status: Merged
Merged at revision: 19
Proposed branch: lp:~logan/ubuntu/trusty/libjpeg6b/6b1-4ubuntu1
Merge into: lp:ubuntu/trusty/libjpeg6b
Diff against target: 347 lines (+171/-64)
9 files modified
.pc/applied-patches (+1/-1)
debian/changelog (+15/-0)
debian/copyright (+1/-1)
debian/patches/debian-changes-6b1-1 (+0/-47)
debian/patches/fix-CVE-2013-6629_6630 (+108/-0)
debian/patches/series (+1/-1)
debian/rules (+1/-1)
jdmarker.c (+44/-12)
stamp-h1 (+0/-1)
To merge this branch: bzr merge lp:~logan/ubuntu/trusty/libjpeg6b/6b1-4ubuntu1
Reviewer Review Type Date Requested Status
Sebastien Bacher Approve
Review via email: mp+198477@code.launchpad.net
To post a comment you must log in.
Revision history for this message
Sebastien Bacher (seb128) wrote :

Thanks for your work!

review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1=== modified file '.pc/applied-patches'
2--- .pc/applied-patches 2012-11-15 09:01:30 +0000
3+++ .pc/applied-patches 2013-12-10 23:15:47 +0000
4@@ -1,3 +1,3 @@
5 extern_C-jpeglib.h
6 use-autotools-dev
7-debian-changes-6b1-1
8+fix-CVE-2013-6629_6630
9
10=== removed directory '.pc/debian-changes-6b1-1'
11=== removed file '.pc/debian-changes-6b1-1/stamp-h1'
12=== modified file 'debian/changelog'
13--- debian/changelog 2012-11-29 13:54:26 +0000
14+++ debian/changelog 2013-12-10 23:15:47 +0000
15@@ -1,3 +1,18 @@
16+libjpeg6b (6b1-4ubuntu1) trusty; urgency=low
17+
18+ * Merge from Debian unstable (LP: #1011177). Remaining changes:
19+ - debian/rules: Remove "-Bsymbolic-functions" from LDFLAGS.
20+
21+ -- Logan Rosen <logan@ubuntu.com> Tue, 10 Dec 2013 18:09:16 -0500
22+
23+libjpeg6b (6b1-4) unstable; urgency=high
24+
25+ * Apply upstream patch to fix CVE-2013-6629 and CVE-2013-6630.
26+ * debian/rules clean: remove stamp-h1
27+ * debian/copyright: fix download URL
28+
29+ -- Bill Allombert <ballombe@debian.org> Thu, 05 Dec 2013 23:43:52 +0100
30+
31 libjpeg6b (6b1-3ubuntu1) raring; urgency=low
32
33 * Merge from Debian. Remaining changes:
34
35=== modified file 'debian/copyright'
36--- debian/copyright 2010-06-29 13:55:42 +0000
37+++ debian/copyright 2013-12-10 23:15:47 +0000
38@@ -2,7 +2,7 @@
39 JPEG Group.
40
41 This package was created by Bill Allombert <ballombe@debian.org> from sources
42-which can be found at http://www.ijg.org/jpegsrc.v6b1.tar.gz.
43+which can be found at http://www.ijg.org/files/jpegsrc.v6b1.tar.gz.
44
45 Package for version 6b was created by Mark Mickan <mmickan@debian.org> from
46 sources which can be found at ftp://ftp.uu.net/graphics/jpeg/jpegsrc.v6b.tar.gz
47
48=== removed file 'debian/patches/debian-changes-6b1-1'
49--- debian/patches/debian-changes-6b1-1 2010-06-29 13:55:42 +0000
50+++ debian/patches/debian-changes-6b1-1 1970-01-01 00:00:00 +0000
51@@ -1,47 +0,0 @@
52-Description: Upstream changes introduced in version 6b1-1
53- This patch has been created by dpkg-source during the package build.
54- Here's the last changelog entry, hopefully it gives details on why
55- those changes were made:
56- .
57- libjpeg6b (6b1-1) unstable; urgency=low
58- .
59- * New upstream release
60- - libjpeg62 has now versionned symbols.
61- - Updated build system that use current libtool.
62- - Full source code for the build system.
63- * debian/copyright: add 6b1 upstream download URL.
64- * debian/control:
65- - libjpeg62-dev: Provides libjpeg-dev since the transition has been
66- postponed.
67- - Remove now useless dependency on libtool and sharutils
68- - Bump Standards-Version to 3.9.0.
69- * Get rid of dpatch system. Patches were only relevant to libjpeg-progs
70- which is not build from this package anymore.
71- * Move to new source format 3.0 (quilt). Patches applied:
72- - use-autotools-dev: Use autotools-dev version of config.sub/.guess.
73- - extern_C-jpeglib.h: Wrap jpeglib.h with extern "C" {} if __cplusplus
74- is defined.
75- * debian/rules:
76- - Adjust for new build system and new patch system.
77- * debian/shlibs: add (>=6b1) to avoid linker warnings with libjpeg6b.
78- .
79- The person named in the Author field signed this changelog entry.
80-Author: Bill Allombert <ballombe@debian.org>
81-
82----
83-The information above should follow the Patch Tagging Guidelines, please
84-checkout http://dep.debian.net/deps/dep3/ to learn about the format. Here
85-are templates for supplementary fields that you might want to add:
86-
87-Origin: <vendor|upstream|other>, <url of original patch>
88-Bug: <url in upstream bugtracker>
89-Bug-Debian: http://bugs.debian.org/<bugnumber>
90-Bug-Ubuntu: https://launchpad.net/bugs/<bugnumber>
91-Forwarded: <no|not-needed|url proving that it has been forwarded>
92-Reviewed-By: <name and email of someone who approved the patch>
93-Last-Update: <YYYY-MM-DD>
94-
95---- /dev/null
96-+++ libjpeg6b-6b1/stamp-h1
97-@@ -0,0 +1 @@
98-+timestamp for jconfig.h
99
100=== added file 'debian/patches/fix-CVE-2013-6629_6630'
101--- debian/patches/fix-CVE-2013-6629_6630 1970-01-01 00:00:00 +0000
102+++ debian/patches/fix-CVE-2013-6629_6630 2013-12-10 23:15:47 +0000
103@@ -0,0 +1,108 @@
104+Index: libjpeg6b-6b1/jdmarker.c
105+===================================================================
106+--- libjpeg6b-6b1.orig/jdmarker.c 1998-02-21 21:24:50.000000000 +0100
107++++ libjpeg6b-6b1/jdmarker.c 2013-12-03 22:53:28.393111296 +0100
108+@@ -238,7 +238,7 @@
109+ /* Process a SOFn marker */
110+ {
111+ INT32 length;
112+- int c, ci;
113++ int c, ci, i;
114+ jpeg_component_info * compptr;
115+ INPUT_VARS(cinfo);
116+
117+@@ -275,11 +275,27 @@
118+ cinfo->comp_info = (jpeg_component_info *) (*cinfo->mem->alloc_small)
119+ ((j_common_ptr) cinfo, JPOOL_IMAGE,
120+ cinfo->num_components * SIZEOF(jpeg_component_info));
121+-
122+- for (ci = 0, compptr = cinfo->comp_info; ci < cinfo->num_components;
123+- ci++, compptr++) {
124++
125++ for (ci = 0; ci < cinfo->num_components; ci++) {
126++ INPUT_BYTE(cinfo, c, return FALSE);
127++ /* Check to see whether component id has already been seen */
128++ /* (in violation of the spec, but unfortunately seen in some */
129++ /* files). If so, create "fake" component id equal to the */
130++ /* max id seen so far + 1. */
131++ for (i = 0, compptr = cinfo->comp_info; i < ci; i++, compptr++) {
132++ if (c == compptr->component_id) {
133++ compptr = cinfo->comp_info;
134++ c = compptr->component_id;
135++ compptr++;
136++ for (i = 1; i < ci; i++, compptr++) {
137++ if (compptr->component_id > c) c = compptr->component_id;
138++ }
139++ c++;
140++ break;
141++ }
142++ }
143++ compptr->component_id = c;
144+ compptr->component_index = ci;
145+- INPUT_BYTE(cinfo, compptr->component_id, return FALSE);
146+ INPUT_BYTE(cinfo, c, return FALSE);
147+ compptr->h_samp_factor = (c >> 4) & 15;
148+ compptr->v_samp_factor = (c ) & 15;
149+@@ -302,7 +318,7 @@
150+ /* Process a SOS marker */
151+ {
152+ INT32 length;
153+- int i, ci, n, c, cc;
154++ int c, ci, i, n;
155+ jpeg_component_info * compptr;
156+ INPUT_VARS(cinfo);
157+
158+@@ -323,24 +339,38 @@
159+ /* Collect the component-spec parameters */
160+
161+ for (i = 0; i < n; i++) {
162+- INPUT_BYTE(cinfo, cc, return FALSE);
163+ INPUT_BYTE(cinfo, c, return FALSE);
164+-
165++
166++ /* Detect the case where component id's are not unique, and, if so, */
167++ /* create a fake component id using the same logic as in get_sof. */
168++ for (ci = 0; ci < i; ci++) {
169++ if (c == cinfo->cur_comp_info[ci]->component_id) {
170++ c = cinfo->cur_comp_info[0]->component_id;
171++ for (ci = 1; ci < i; ci++) {
172++ compptr = cinfo->cur_comp_info[ci];
173++ if (compptr->component_id > c) c = compptr->component_id;
174++ }
175++ c++;
176++ break;
177++ }
178++ }
179++
180+ for (ci = 0, compptr = cinfo->comp_info; ci < cinfo->num_components;
181+ ci++, compptr++) {
182+- if (cc == compptr->component_id)
183++ if (c == compptr->component_id)
184+ goto id_found;
185+ }
186+
187+- ERREXIT1(cinfo, JERR_BAD_COMPONENT_ID, cc);
188++ ERREXIT1(cinfo, JERR_BAD_COMPONENT_ID, c);
189+
190+ id_found:
191+
192+ cinfo->cur_comp_info[i] = compptr;
193++ INPUT_BYTE(cinfo, c, return FALSE);
194+ compptr->dc_tbl_no = (c >> 4) & 15;
195+ compptr->ac_tbl_no = (c ) & 15;
196+-
197+- TRACEMS3(cinfo, 1, JTRC_SOS_COMPONENT, cc,
198++
199++ TRACEMS3(cinfo, 1, JTRC_SOS_COMPONENT, compptr->component_id,
200+ compptr->dc_tbl_no, compptr->ac_tbl_no);
201+ }
202+
203+@@ -456,6 +486,8 @@
204+ if (count > 256 || ((INT32) count) > length)
205+ ERREXIT(cinfo, JERR_BAD_HUFF_TABLE);
206+
207++ MEMZERO(huffval, SIZEOF(huffval)); /* pre-zero array for later copy */
208++
209+ for (i = 0; i < count; i++)
210+ INPUT_BYTE(cinfo, huffval[i], return FALSE);
211+
212
213=== modified file 'debian/patches/series'
214--- debian/patches/series 2010-06-29 13:55:42 +0000
215+++ debian/patches/series 2013-12-10 23:15:47 +0000
216@@ -1,3 +1,3 @@
217 extern_C-jpeglib.h
218 use-autotools-dev
219-debian-changes-6b1-1
220+fix-CVE-2013-6629_6630
221
222=== modified file 'debian/rules'
223--- debian/rules 2012-11-29 13:52:49 +0000
224+++ debian/rules 2013-12-10 23:15:47 +0000
225@@ -33,7 +33,7 @@
226 clean:
227 dh_testdir
228 dh_testroot
229- -rm -f build-stamp
230+ -rm -f build-stamp stamp-h1
231 if [ -f Makefile ]; then $(MAKE) clean; fi
232 -rm -f Makefile jconfig.h config.log config.status libtool
233 dh_clean
234
235=== modified file 'jdmarker.c'
236--- jdmarker.c 2003-09-08 16:22:08 +0000
237+++ jdmarker.c 2013-12-10 23:15:47 +0000
238@@ -238,7 +238,7 @@
239 /* Process a SOFn marker */
240 {
241 INT32 length;
242- int c, ci;
243+ int c, ci, i;
244 jpeg_component_info * compptr;
245 INPUT_VARS(cinfo);
246
247@@ -275,11 +275,27 @@
248 cinfo->comp_info = (jpeg_component_info *) (*cinfo->mem->alloc_small)
249 ((j_common_ptr) cinfo, JPOOL_IMAGE,
250 cinfo->num_components * SIZEOF(jpeg_component_info));
251-
252- for (ci = 0, compptr = cinfo->comp_info; ci < cinfo->num_components;
253- ci++, compptr++) {
254+
255+ for (ci = 0; ci < cinfo->num_components; ci++) {
256+ INPUT_BYTE(cinfo, c, return FALSE);
257+ /* Check to see whether component id has already been seen */
258+ /* (in violation of the spec, but unfortunately seen in some */
259+ /* files). If so, create "fake" component id equal to the */
260+ /* max id seen so far + 1. */
261+ for (i = 0, compptr = cinfo->comp_info; i < ci; i++, compptr++) {
262+ if (c == compptr->component_id) {
263+ compptr = cinfo->comp_info;
264+ c = compptr->component_id;
265+ compptr++;
266+ for (i = 1; i < ci; i++, compptr++) {
267+ if (compptr->component_id > c) c = compptr->component_id;
268+ }
269+ c++;
270+ break;
271+ }
272+ }
273+ compptr->component_id = c;
274 compptr->component_index = ci;
275- INPUT_BYTE(cinfo, compptr->component_id, return FALSE);
276 INPUT_BYTE(cinfo, c, return FALSE);
277 compptr->h_samp_factor = (c >> 4) & 15;
278 compptr->v_samp_factor = (c ) & 15;
279@@ -302,7 +318,7 @@
280 /* Process a SOS marker */
281 {
282 INT32 length;
283- int i, ci, n, c, cc;
284+ int c, ci, i, n;
285 jpeg_component_info * compptr;
286 INPUT_VARS(cinfo);
287
288@@ -323,24 +339,38 @@
289 /* Collect the component-spec parameters */
290
291 for (i = 0; i < n; i++) {
292- INPUT_BYTE(cinfo, cc, return FALSE);
293 INPUT_BYTE(cinfo, c, return FALSE);
294-
295+
296+ /* Detect the case where component id's are not unique, and, if so, */
297+ /* create a fake component id using the same logic as in get_sof. */
298+ for (ci = 0; ci < i; ci++) {
299+ if (c == cinfo->cur_comp_info[ci]->component_id) {
300+ c = cinfo->cur_comp_info[0]->component_id;
301+ for (ci = 1; ci < i; ci++) {
302+ compptr = cinfo->cur_comp_info[ci];
303+ if (compptr->component_id > c) c = compptr->component_id;
304+ }
305+ c++;
306+ break;
307+ }
308+ }
309+
310 for (ci = 0, compptr = cinfo->comp_info; ci < cinfo->num_components;
311 ci++, compptr++) {
312- if (cc == compptr->component_id)
313+ if (c == compptr->component_id)
314 goto id_found;
315 }
316
317- ERREXIT1(cinfo, JERR_BAD_COMPONENT_ID, cc);
318+ ERREXIT1(cinfo, JERR_BAD_COMPONENT_ID, c);
319
320 id_found:
321
322 cinfo->cur_comp_info[i] = compptr;
323+ INPUT_BYTE(cinfo, c, return FALSE);
324 compptr->dc_tbl_no = (c >> 4) & 15;
325 compptr->ac_tbl_no = (c ) & 15;
326-
327- TRACEMS3(cinfo, 1, JTRC_SOS_COMPONENT, cc,
328+
329+ TRACEMS3(cinfo, 1, JTRC_SOS_COMPONENT, compptr->component_id,
330 compptr->dc_tbl_no, compptr->ac_tbl_no);
331 }
332
333@@ -456,6 +486,8 @@
334 if (count > 256 || ((INT32) count) > length)
335 ERREXIT(cinfo, JERR_BAD_HUFF_TABLE);
336
337+ MEMZERO(huffval, SIZEOF(huffval)); /* pre-zero array for later copy */
338+
339 for (i = 0; i < count; i++)
340 INPUT_BYTE(cinfo, huffval[i], return FALSE);
341
342
343=== removed file 'stamp-h1'
344--- stamp-h1 2012-11-15 09:01:30 +0000
345+++ stamp-h1 1970-01-01 00:00:00 +0000
346@@ -1,1 +0,0 @@
347-timestamp for jconfig.h

Subscribers

People subscribed via source and target branches

to all changes: