callisto-debian/gimp
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
callisto/bookworm
gimp/debian/patches/plug-ins-Fix-vulnerability-in-file-psd.patch
Salvatore Bonaccorso 27ecc73732 Import Debian changes 2.10.34-1+deb12u1 
gimp (2.10.34-1+deb12u1) bookworm-security; urgency=high
.
  * Non-maintainer upload by the Security Team.
  * plug-ins: Fix vulnerabilities in file-psp (CVE-2023-44443, CVE-2023-44444)
    (Closes: #1055984)
  * plug-ins: Fix vulnerability in file-psd (CVE-2023-44442)
    (Closes: #1055984)
  * plug-ins: Fix DDS vulnerability (ZDI-CAN-22093) (CVE-2023-44441)
    (Closes: #1055984)
  * plug-ins: Fix DDS import regression
  * plug-ins: Additional fixes for DDS Import
2025-06-06 17:29:58 -04:00

30 lines
1.0 KiB
Diff
Raw Permalink Blame History

From: Alx Sa <cmyk.student@gmail.com>
Date: Fri, 29 Sep 2023 20:39:29 +0000
Subject: plug-ins: Fix vulnerability in file-psd
Origin: https://gitlab.gnome.org/GNOME/gimp/-/commit/985c0a20e18b5b3b8a48ee9cb12287b1d5732d3d
Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2023-44442
Bug-Debian: https://bugs.debian.org/1055984
Resolves #10101.
This patch adds a missing break statement after an error condition
is detected to prevent the code from continuing afterwards.
---
plug-ins/file-psd/psd-util.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/plug-ins/file-psd/psd-util.c b/plug-ins/file-psd/psd-util.c
index 1eccdd640e1c..34b442dc4966 100644
--- a/plug-ins/file-psd/psd-util.c
+++ b/plug-ins/file-psd/psd-util.c
@@ -518,6 +518,7 @@ decode_packbits (const gchar *src,
{
IFDBG(2) g_debug ("Overrun in packbits replicate of %d chars", n - unpack_left);
error_code = 2;
+ break;
}
memset (dst, *src, n);
src++;
--
2.42.0
Reference in New Issue View Git Blame Copy Permalink