[Git][debian-gis-team/gdal][bullseye] Import Debian changes 3.2.2+dfsg-2+deb11u2

Bas Couwenberg (@sebastic) gitlab at salsa.debian.org
Tue Sep 27 22:57:58 BST 2022



Bas Couwenberg pushed to branch bullseye at Debian GIS Project / gdal


Commits:
54a7ccd9 by Aron Xu at 2022-09-27T23:57:12+02:00
Import Debian changes 3.2.2+dfsg-2+deb11u2

gdal (3.2.2+dfsg-2+deb11u2) bullseye-security; urgency=high
..
  * Non-maintainer upload by the Security Team.
  * Fix a heap-based buffer overflow in PCIDSK::CPCIDSKFile::ReadFromFile
    (CVE-2021-45943).

- - - - -


3 changed files:

- debian/changelog
- + debian/patches/cve-2021-45943.patch
- debian/patches/series


Changes:

=====================================
debian/changelog
=====================================
@@ -1,3 +1,11 @@
+gdal (3.2.2+dfsg-2+deb11u2) bullseye-security; urgency=high
+
+  * Non-maintainer upload by the Security Team.
+  * Fix a heap-based buffer overflow in PCIDSK::CPCIDSKFile::ReadFromFile
+    (CVE-2021-45943).
+
+ -- Aron Xu <aron at debian.org>  Wed, 21 Sep 2022 06:52:45 +0000
+
 gdal (3.2.2+dfsg-2+deb11u1) bullseye; urgency=medium
 
   * Update branch in gbp.conf & Vcs-Git URL.
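Review bot: The new changelog entry names the CVE and the function where the overflow shows up, but not the patch file that carries the fix or where that patch came from. Adding the file name (debian/patches/cve-2021-45943.patch) and an origin reference to the bullet would let someone auditing the security upload map the entry to the change without opening the diff.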


=====================================
debian/patches/cve-2021-45943.patch
=====================================
@@ -0,0 +1,26 @@
+Index: gdal-3.2.2+dfsg/frmts/pcidsk/sdk/segment/cpcidskbinarysegment.cpp
+===================================================================
+--- gdal-3.2.2+dfsg.orig/frmts/pcidsk/sdk/segment/cpcidskbinarysegment.cpp
++++ gdal-3.2.2+dfsg/frmts/pcidsk/sdk/segment/cpcidskbinarysegment.cpp
+@@ -31,6 +31,7 @@
+ #include "pcidsk_exception.h"
+ #include "core/pcidsk_utils.h"
+ 
++#include <limits>
+ #include <vector>
+ #include <string>
+ #include <cassert>
+@@ -73,8 +74,12 @@ void CPCIDSKBinarySegment::Load()
+     if (loaded_) {
+         return;
+     }
++    if( data_size - 1024 > static_cast<uint64_t>(std::numeric_limits<int>::max()) )
++    {
++        return ThrowPCIDSKException("too large data_size");
++    }
+ 
+-    seg_data.SetSize((int)data_size - 1024);
++    seg_data.SetSize((int)(data_size - 1024));
+ 
+     ReadFromFile(seg_data.buffer, 0, data_size - 1024);
+ 
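Review bot: In the Load() hunk, the new guard "data_size - 1024 > static_cast<uint64_t>(std::numeric_limits<int>::max())" handles a data_size below 1024 only by accident. Assuming data_size is an unsigned 64-bit value, as the uint64_t cast on the right-hand side implies, the subtraction wraps to a huge number and the segment is rejected with "too large data_size", which is the wrong diagnosis for a segment that is too small. An explicit "data_size < 1024" check with its own message ahead of this test would make the lower bound deliberate and keep the later "data_size - 1024" passed to ReadFromFile from depending on wraparound being caught here. Separately, the patch file starts directly at "Index:" with no description or origin header, so nothing in it records which upstream change it was taken from.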


=====================================
debian/patches/series
=====================================
@@ -17,3 +17,4 @@ perl-doxyfile
 0001-LVBAG-Convert-MultiPolygon-to-Polygon-3599-fixes-358.patch
 0001-LVBAG-Driver-add-field-definition-for-gerelateerdewo.patch
 0001-OGR-LVBAG-add-Field-verkorteNaam-to-OpenbareRuimte-F.patch
+cve-2021-45943.patch



View it on GitLab: https://salsa.debian.org/debian-gis-team/gdal/-/commit/54a7ccd99dac7832d82589d2c10a447e091e6489
