Version in base suite: 0.99.beta20-5 Base version: libcaca_0.99.beta20-5 Target version: libcaca_0.99.beta20-5+deb13u1 Base file: /srv/ftp-master.debian.org/ftp/pool/main/libc/libcaca/libcaca_0.99.beta20-5.dsc Target file: /srv/ftp-master.debian.org/policy/pool/main/libc/libcaca/libcaca_0.99.beta20-5+deb13u1.dsc changelog | 8 + patches/0004-Prevent-undefined-behaviour-in-overflow-check.patch | 42 ++++++++++ patches/series | 1 3 files changed, 51 insertions(+) dpkg-source: warning: cannot verify inline signature for /srv/release.debian.org/tmp/tmp3l1lhjes/libcaca_0.99.beta20-5.dsc: no acceptable signature found dpkg-source: warning: cannot verify inline signature for /srv/release.debian.org/tmp/tmp3l1lhjes/libcaca_0.99.beta20-5+deb13u1.dsc: no acceptable signature found
diff -Nru libcaca-0.99.beta20/debian/changelog libcaca-0.99.beta20/debian/changelog
--- libcaca-0.99.beta20/debian/changelog 2024-08-11 20:08:05.000000000 +0000
+++ libcaca-0.99.beta20/debian/changelog 2026-05-31 13:40:07.000000000 +0000
@@ -1,3 +1,11 @@
+libcaca (0.99.beta20-5+deb13u1) trixie; urgency=medium
+
+ * Non-maintainer upload.
+ * Prevent undefined behaviour in overflow check (CVE-2026-42046)
+ (Closes: #1136952)
+
+ -- Salvatore Bonaccorso Sun, 31 May 2026 15:40:07 +0200
+
 libcaca (0.99.beta20-5) unstable; urgency=medium
 
 * debian/patches: Disable doxygen timestamps (Closes: #1071672)
diff -Nru libcaca-0.99.beta20/debian/patches/0004-Prevent-undefined-behaviour-in-overflow-check.patch libcaca-0.99.beta20/debian/patches/0004-Prevent-undefined-behaviour-in-overflow-check.patch
--- libcaca-0.99.beta20/debian/patches/0004-Prevent-undefined-behaviour-in-overflow-check.patch 1970-01-01 00:00:00.000000000 +0000
+++ libcaca-0.99.beta20/debian/patches/0004-Prevent-undefined-behaviour-in-overflow-check.patch 2026-05-31 13:38:54.000000000 +0000
@@ -0,0 +1,42 @@
+From: Pascal Terjan
+Date: Sun, 12 Apr 2026 19:06:08 +0000
+Subject: Prevent undefined behaviour in overflow check
+Origin: https://github.com/cacalabs/libcaca/commit/fb77acff9ba6bb01d53940da34fb10f20b156a23
+Bug-Debian: https://bugs.debian.org/1136952
+Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2026-42046
+
+Fixes #86
+---
+ caca/canvas.c | 5 +++--
+ 1 file changed, 3 insertions(+), 2 deletions(-)
+
+diff --git a/caca/canvas.c b/caca/canvas.c
+index 7beff5b81d47..62b72b72bb5e 100644
+--- a/caca/canvas.c
++++ b/caca/canvas.c
+@@ -26,6 +26,7 @@
+ # if defined(HAVE_UNISTD_H)
+ # include
+ # endif
++# include
+ #endif
+
+ #include "caca.h"
+@@ -368,12 +369,12 @@ int caca_resize(caca_canvas_t *cv, int width, int height)
+ int x, y, f, old_width, old_height, old_size;
+
+ /* Check for overflow */
+- int new_size = width * height;
+- if (new_size < 0 || (width > 0 && new_size / width != height))
++ if (width != 0 && height > INT_MAX / width)
+ {
+ seterrno(EOVERFLOW);
+ return -1;
+ }
++ int new_size = width * height;
+
+ old_width = cv->width;
+ old_height = cv->height;
+--
+2.53.0
+
diff -Nru libcaca-0.99.beta20/debian/patches/series libcaca-0.99.beta20/debian/patches/series
--- libcaca-0.99.beta20/debian/patches/series 2024-08-11 20:04:38.000000000 +0000
+++ libcaca-0.99.beta20/debian/patches/series 2026-05-31 13:39:27.000000000 +0000
@@ -1,3 +1,4 @@
 0001-caca-config.in-Avoid-mentioning-libdir.patch
 0002-Don-t-generate-PDF-with-latex.patch
 0003-Disable-doxygen-timestamps.patch
+0004-Prevent-undefined-behaviour-in-overflow-check.patch
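Review bot: The rewritten guard in caca_resize (the caca/canvas.c hunk carried by patch 0004) is only sound when both operands are non-negative. With a positive width and a sufficiently negative height, or with both negative, `height > INT_MAX / width` is false and `width * height` can still overflow. The removed `new_size < 0` test also means a negative product is no longer rejected at this point. If callers outside this hunk do not already reject negative dimensions, the condition should do so itself, for example `if (width < 0 || height < 0 || (width != 0 && height > INT_MAX / width))`. The body of caca_resize continues past the end of the hunk, so how new_size is used afterwards is not visible here.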