Version in base suite: 1.7.1-2

Base version: imlib2_1.7.1-2
Target version: imlib2_1.7.1-2+deb11u1
Base file: /srv/ftp-master.debian.org/ftp/pool/main/i/imlib2/imlib2_1.7.1-2.dsc
Target file: /srv/ftp-master.debian.org/policy/pool/main/i/imlib2/imlib2_1.7.1-2+deb11u1.dsc

 changelog                                                          |    8 +++
 patches/CVE-2024-25447-and-CVE-2024-25448-and-CVE-2024-25450.patch |   26 ++++++++++
 patches/series                                                     |    1 
 3 files changed, 35 insertions(+)

diff -Nru imlib2-1.7.1/debian/changelog imlib2-1.7.1/debian/changelog
--- imlib2-1.7.1/debian/changelog	2021-01-23 21:00:25.000000000 +0000
+++ imlib2-1.7.1/debian/changelog	2024-04-06 20:40:50.000000000 +0000
@@ -1,3 +1,11 @@
+imlib2 (1.7.1-2+deb11u1) bullseye; urgency=medium
+
+  * Fix CVE-2024-25447 and CVE-2024-25448 and CVE-2024-25450.
+    A heap-buffer overflow vulnerability was discovered in imlib2 when using
+    the tgaflip function in loader_tga.c
+
+ -- Markus Koschany <apo@debian.org>  Sat, 06 Apr 2024 22:40:50 +0200
+
 imlib2 (1.7.1-2) unstable; urgency=medium
 
   * Drop obsolete libltdl3-dev dependency.
diff -Nru imlib2-1.7.1/debian/patches/CVE-2024-25447-and-CVE-2024-25448-and-CVE-2024-25450.patch imlib2-1.7.1/debian/patches/CVE-2024-25447-and-CVE-2024-25448-and-CVE-2024-25450.patch
--- imlib2-1.7.1/debian/patches/CVE-2024-25447-and-CVE-2024-25448-and-CVE-2024-25450.patch	1970-01-01 00:00:00.000000000 +0000
+++ imlib2-1.7.1/debian/patches/CVE-2024-25447-and-CVE-2024-25448-and-CVE-2024-25450.patch	2024-04-06 20:40:50.000000000 +0000
@@ -0,0 +1,26 @@
+From: Markus Koschany <apo@debian.org>
+Date: Fri, 5 Apr 2024 16:29:27 +0200
+Subject: CVE-2024-25447 and CVE-2024-25448 and CVE-2024-25450
+
+Origin: https://git.enlightenment.org/old/legacy-imlib2/commit/e9c09deb08047c9e902ce37144e82b6edb8aedb6
+---
+ src/modules/loaders/loader_tga.c | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/src/modules/loaders/loader_tga.c b/src/modules/loaders/loader_tga.c
+index e9729b0..ae96a3b 100644
+--- a/src/modules/loaders/loader_tga.c
++++ b/src/modules/loaders/loader_tga.c
+@@ -595,9 +595,9 @@ tgaflip(DATA32 * in, int w, int h, int fliph, int flipv)
+         x2 = fliph ? w - 1 : 0;
+         for (x = 0; x < nx; x++, x2 += dx)
+           {
+-             tmp = in[y * h + x];
+-             in[y * h + x] = in[y2 * h + x2];
+-             in[y2 * h + x2] = tmp;
++             tmp = in[y * w + x];
++             in[y * w + x] = in[y2 * w + x2];
++             in[y2 * w + x2] = tmp;
+           }
+      }
+ }
diff -Nru imlib2-1.7.1/debian/patches/series imlib2-1.7.1/debian/patches/series
--- imlib2-1.7.1/debian/patches/series	2021-01-23 21:00:25.000000000 +0000
+++ imlib2-1.7.1/debian/patches/series	2024-04-06 20:40:50.000000000 +0000
@@ -1 +1,2 @@
 01_removed-data-dir.patch
+CVE-2024-25447-and-CVE-2024-25448-and-CVE-2024-25450.patch