[AUTO-CHERRYPICK] [AutoPR- Security] Patch gdk-pixbuf2 for CVE-2025-7345 - branch 3.0-dev (microsoft#14338)

CBL-Mariner-Bot · azurelinux-security · Kanishk-Bansal · web-flow · commit 2225ab850e39 · 2025-07-18T14:39:22.000-04:00
Co-authored-by: Azure Linux Security Servicing Account &lt;azurelinux-security@microsoft.com&gt;
Co-authored-by: Kanishk Bansal &lt;103916909+Kanishk-Bansal@users.noreply.github.com&gt;
diff --git a/SPECS/gdk-pixbuf2/CVE-2025-7345.patch b/SPECS/gdk-pixbuf2/CVE-2025-7345.patch
@@ -0,0 +1,44 @@
+From 4b544734b6b7944de8c0a2442ad3db482779303a Mon Sep 17 00:00:00 2001
+From: Azure Linux Security Servicing Account
+ <azurelinux-security@microsoft.com>
+Date: Mon, 14 Jul 2025 08:50:39 +0000
+Subject: [PATCH] Fix CVE CVE-2025-7345 in gdk-pixbuf2
+
+Upstream Patch Reference: https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/merge_requests/217.patch
+---
+ gdk-pixbuf/io-jpeg.c | 8 ++++++--
+ 1 file changed, 6 insertions(+), 2 deletions(-)
+
+diff --git a/gdk-pixbuf/io-jpeg.c b/gdk-pixbuf/io-jpeg.c
+index 3841fc0..9ee1d21 100644
+--- a/gdk-pixbuf/io-jpeg.c
++++ b/gdk-pixbuf/io-jpeg.c
+@@ -356,6 +356,7 @@ jpeg_parse_exif_app2_segment (JpegExifContext *context, jpeg_saved_marker_ptr ma
+ 		context->icc_profile = g_new (gchar, chunk_size);
+ 		/* copy the segment data to the profile space */
+ 		memcpy (context->icc_profile, marker->data + 14, chunk_size);
++                ret = TRUE;
+ 		goto out;
+ 	}
+ 
+@@ -377,12 +378,15 @@ jpeg_parse_exif_app2_segment (JpegExifContext *context, jpeg_saved_marker_ptr ma
+ 	/* copy the segment data to the profile space */
+ 	memcpy (context->icc_profile + offset, marker->data + 14, chunk_size);
+ 
+-	/* it's now this big plus the new data we've just copied */
+-	context->icc_profile_size += chunk_size;
++        context->icc_profile_size = MAX (context->icc_profile_size, offset + chunk_size);
+ 
+ 	/* success */
+ 	ret = TRUE;
+ out:
++        if (!ret) {
++                g_free (context->icc_profile);
++                context->icc_profile = NULL;
++        }
+ 	return ret;
+ }
+ 
+-- 
+2.45.3
+
diff --git a/SPECS/gdk-pixbuf2/gdk-pixbuf2.spec b/SPECS/gdk-pixbuf2/gdk-pixbuf2.spec
@@ -2,14 +2,15 @@
 Summary:        An image loading library
 Name:           gdk-pixbuf2
 Version:        2.42.10
-Release:        3%{?dist}
+Release:        4%{?dist}
 License:        LGPLv2+
 Vendor:         Microsoft Corporation
 Distribution:   Azure Linux
 URL:            https://gitlab.gnome.org/GNOME/gdk-pixbuf
 Source0:        https://download.gnome.org/sources/gdk-pixbuf/2.42/gdk-pixbuf-%{version}.tar.xz
 Patch0:         CVE-2022-48622.patch
 Patch1:         CVE-2025-6199.patch
+Patch2:         CVE-2025-7345.patch
 BuildRequires:  %{_bindir}/rst2man
 BuildRequires:  gettext
 BuildRequires:  libjpeg-devel
@@ -116,6 +117,9 @@ gdk-pixbuf-query-loaders-%{__isa_bits} --update-cache
 %{_datadir}/installed-tests
 
 %changelog
+* Mon Jul 14 2025 Azure Linux Security Servicing Account <azurelinux-security@microsoft.com> - 2.42.10-4
+- Patch for CVE-2025-7345
+
 * Tue Jul 01 2025 Azure Linux Security Servicing Account <azurelinux-security@microsoft.com> - 2.42.10-3
 - Patch for CVE-2025-6199
 
