From b4c86ecb72778ac853134812c813e001b8fa65cd Mon Sep 17 00:00:00 2001 From: samshichao Date: Wed, 28 May 2025 11:10:48 +0800 Subject: [PATCH] fix CVE-2025-4638 CVE-2025-4640 --- CVE-2025-4638.patch | 227 ++++++++++++++++++++++++++++++++++++++++++++ CVE-2025-4640.patch | 227 ++++++++++++++++++++++++++++++++++++++++++++ pcl.spec | 11 ++- 3 files changed, 464 insertions(+), 1 deletion(-) create mode 100644 CVE-2025-4638.patch create mode 100644 CVE-2025-4640.patch diff --git a/CVE-2025-4638.patch b/CVE-2025-4638.patch new file mode 100644 index 0000000..4673cec --- /dev/null +++ b/CVE-2025-4638.patch @@ -0,0 +1,227 @@ +From 502bd2b013ce635f21632d523aa8cf2e04f7b7ac Mon Sep 17 00:00:00 2001 +From: Kai Pastor +Date: Sun, 23 Apr 2023 06:24:02 +0200 +Subject: [PATCH] Prefer system zlib over opennurbs vendored copy + +--- + CMakeLists.txt | 9 +++++++ + pcl_config.h.in | 2 ++ + surface/CMakeLists.txt | 13 +++++++++- + .../3rdparty/opennurbs/opennurbs_zlib.h | 18 +++++++++++++ + .../src/3rdparty/opennurbs/openNURBS.cmake | 23 ++-------------- + .../src/3rdparty/opennurbs/opennurbs_zlib.cpp | 8 ++++++ + surface/src/3rdparty/opennurbs/zlib.cmake | 26 +++++++++++++++++++ + 7 files changed, 77 insertions(+), 22 deletions(-) + create mode 100644 surface/src/3rdparty/opennurbs/zlib.cmake + +diff --git a/CMakeLists.txt b/CMakeLists.txt +index 8990960b427..8dd786981aa 100644 +--- a/CMakeLists.txt ++++ b/CMakeLists.txt +@@ -416,6 +416,15 @@ endif() + # Boost (required) + include("${PCL_SOURCE_DIR}/cmake/pcl_find_boost.cmake") + ++# System zlib (for nurbs on surface) ++option(WITH_SYSTEM_ZLIB "Use system zlib" TRUE) ++if(WITH_SYSTEM_ZLIB) ++ find_package(ZLIB) ++ if(ZLIB_FOUND) ++ set(HAVE_ZLIB ON) ++ endif() ++endif() ++ + ### ---[ Create the config.h file + set(pcl_config_h_in "${CMAKE_CURRENT_SOURCE_DIR}/pcl_config.h.in") + set(pcl_config_h "${CMAKE_CURRENT_BINARY_DIR}/include/pcl/pcl_config.h") +diff --git a/pcl_config.h.in b/pcl_config.h.in +index b5ef2cbf9bf..13d04c3fbfc 100644 +--- a/pcl_config.h.in ++++ b/pcl_config.h.in +@@ -52,6 +52,8 @@ + + #cmakedefine HAVE_PNG + ++#cmakedefine HAVE_ZLIB ++ + /* Precompile for a minimal set of point types instead of all. */ + #cmakedefine PCL_ONLY_CORE_POINT_TYPES + +diff --git a/surface/CMakeLists.txt b/surface/CMakeLists.txt +index c29105e6a67..e42c81d1312 100644 +--- a/surface/CMakeLists.txt ++++ b/surface/CMakeLists.txt +@@ -1,6 +1,7 @@ + set(SUBSYS_NAME surface) + set(SUBSYS_DESC "Point cloud surface library") + set(SUBSYS_DEPS common search kdtree octree) ++set(SUBSYS_EXT_DEPS "") + + set(build TRUE) + PCL_SUBSYS_OPTION(build "${SUBSYS_NAME}" "${SUBSYS_DESC}" ON) +@@ -66,6 +67,16 @@ if(BUILD_surface_on_nurbs) + + include(src/3rdparty/opennurbs/openNURBS.cmake) + include(src/on_nurbs/on_nurbs.cmake) ++ ++ if(WITH_SYSTEM_ZLIB) ++ find_package(ZLIB REQUIRED) ++ list(APPEND ON_NURBS_LIBRARIES ${ZLIB_LIBRARIES}) ++ list(APPEND SUBSYS_EXT_DEPS zlib) ++ else() ++ include(src/3rdparty/opennurbs/zlib.cmake) ++ list(APPEND OPENNURBS_INCLUDES ${ZLIB_INCLUDES}) ++ list(APPEND OPENNURBS_SOURCES ${ZLIB_SOURCES}) ++ endif() + endif() + + set(POISSON_INCLUDES +@@ -196,7 +207,7 @@ if(QHULL_FOUND) + target_link_libraries("${LIB_NAME}" QHULL::QHULL) + endif() + +-PCL_MAKE_PKGCONFIG(${LIB_NAME} COMPONENT ${SUBSYS_NAME} DESC ${SUBSYS_DESC} PCL_DEPS ${SUBSYS_DEPS}) ++PCL_MAKE_PKGCONFIG(${LIB_NAME} COMPONENT ${SUBSYS_NAME} DESC ${SUBSYS_DESC} PCL_DEPS ${SUBSYS_DEPS} EXT_DEPS ${SUBSYS_EXT_DEPS}) + + # Install include files + PCL_ADD_INCLUDES("${SUBSYS_NAME}" "${SUBSYS_NAME}" ${incs}) +diff --git a/surface/include/pcl/surface/3rdparty/opennurbs/opennurbs_zlib.h b/surface/include/pcl/surface/3rdparty/opennurbs/opennurbs_zlib.h +index 12787e1201f..7622b3a6a7d 100644 +--- a/surface/include/pcl/surface/3rdparty/opennurbs/opennurbs_zlib.h ++++ b/surface/include/pcl/surface/3rdparty/opennurbs/opennurbs_zlib.h +@@ -28,6 +28,22 @@ + // and statically link with the zlib library. All the necessary + // header files are included by opennurbs.h. + ++// PCL can use an external zlib. ++ ++#include ++ ++#if defined(HAVE_ZLIB) ++ ++#define z_deflate deflate ++#define z_inflate inflate ++#define z_Bytef Bytef ++ ++#define zcalloc pcl_zcalloc ++#define zcfree pcl_zcfree ++ ++#include ++ ++#else + + #if !defined(Z_PREFIX) + /* decorates zlib functions with a "z_" prefix to prevent symbol collision. */ +@@ -41,6 +57,8 @@ + + #include "zlib.h" + ++#endif // HAVE_ZLIB ++ + ON_BEGIN_EXTERNC + voidpf zcalloc (voidpf, unsigned, unsigned); + void zcfree (voidpf, voidpf); +diff --git a/surface/src/3rdparty/opennurbs/openNURBS.cmake b/surface/src/3rdparty/opennurbs/openNURBS.cmake +index 51ca678d018..fdcfa7e92dd 100644 +--- a/surface/src/3rdparty/opennurbs/openNURBS.cmake ++++ b/surface/src/3rdparty/opennurbs/openNURBS.cmake +@@ -102,16 +102,7 @@ set(OPENNURBS_INCLUDES + include/pcl/${SUBSYS_NAME}/3rdparty/opennurbs/opennurbs_workspace.h + include/pcl/${SUBSYS_NAME}/3rdparty/opennurbs/opennurbs_xform.h + include/pcl/${SUBSYS_NAME}/3rdparty/opennurbs/opennurbs_zlib.h +- include/pcl/${SUBSYS_NAME}/3rdparty/opennurbs/crc32.h +- include/pcl/${SUBSYS_NAME}/3rdparty/opennurbs/deflate.h +- include/pcl/${SUBSYS_NAME}/3rdparty/opennurbs/inffast.h +- include/pcl/${SUBSYS_NAME}/3rdparty/opennurbs/inffixed.h +- include/pcl/${SUBSYS_NAME}/3rdparty/opennurbs/inflate.h +- include/pcl/${SUBSYS_NAME}/3rdparty/opennurbs/inftrees.h +- include/pcl/${SUBSYS_NAME}/3rdparty/opennurbs/trees.h +- include/pcl/${SUBSYS_NAME}/3rdparty/opennurbs/zconf.h +- include/pcl/${SUBSYS_NAME}/3rdparty/opennurbs/zlib.h +- include/pcl/${SUBSYS_NAME}/3rdparty/opennurbs/zutil.h) ++) + + set(OPENNURBS_SOURCES + src/3rdparty/opennurbs/opennurbs_3dm_attributes.cpp +@@ -222,14 +213,4 @@ set(OPENNURBS_SOURCES + src/3rdparty/opennurbs/opennurbs_xform.cpp + src/3rdparty/opennurbs/opennurbs_zlib.cpp + src/3rdparty/opennurbs/opennurbs_zlib_memory.cpp +- src/3rdparty/opennurbs/adler32.c +- src/3rdparty/opennurbs/compress.c +- src/3rdparty/opennurbs/crc32.c +- src/3rdparty/opennurbs/deflate.c +- src/3rdparty/opennurbs/infback.c +- src/3rdparty/opennurbs/inffast.c +- src/3rdparty/opennurbs/inflate.c +- src/3rdparty/opennurbs/inftrees.c +- src/3rdparty/opennurbs/trees.c +- src/3rdparty/opennurbs/uncompr.c +- src/3rdparty/opennurbs/zutil.c) ++) +diff --git a/surface/src/3rdparty/opennurbs/opennurbs_zlib.cpp b/surface/src/3rdparty/opennurbs/opennurbs_zlib.cpp +index 688c803df65..03e61993177 100644 +--- a/surface/src/3rdparty/opennurbs/opennurbs_zlib.cpp ++++ b/surface/src/3rdparty/opennurbs/opennurbs_zlib.cpp +@@ -16,6 +16,8 @@ + + #include "pcl/surface/3rdparty/opennurbs/opennurbs.h" + ++#if !defined(HAVE_ZLIB) ++ + #if defined(ON_DLL_EXPORTS) + // When compiling a Windows DLL opennurbs, we + // statically link ./zlib/.../zlib....lib into +@@ -72,6 +74,8 @@ + + #endif // ON_DLL_EXPORTS + ++#endif // !HAVE_ZLIB ++ + + bool ON_BinaryArchive::WriteCompressedBuffer( + std::size_t sizeof__inbuffer, // sizeof uncompressed input data +@@ -641,7 +645,11 @@ struct ON_CompressedBufferHelper + sizeof_x_buffer = 16384 + }; + unsigned char buffer[sizeof_x_buffer]; ++#if defined(HAVE_ZLIB) ++ z_stream strm = []() { z_stream zs; zs.zalloc = pcl_zcalloc; zs.zfree = pcl_zcfree; return zs; } (); ++#else + z_stream strm; ++#endif + std::size_t m_buffer_compressed_capacity; + }; + +diff --git a/surface/src/3rdparty/opennurbs/zlib.cmake b/surface/src/3rdparty/opennurbs/zlib.cmake +new file mode 100644 +index 00000000000..d730f223975 +--- /dev/null ++++ b/surface/src/3rdparty/opennurbs/zlib.cmake +@@ -0,0 +1,26 @@ ++set(ZLIB_INCLUDES ++ include/pcl/${SUBSYS_NAME}/3rdparty/opennurbs/crc32.h ++ include/pcl/${SUBSYS_NAME}/3rdparty/opennurbs/deflate.h ++ include/pcl/${SUBSYS_NAME}/3rdparty/opennurbs/inffast.h ++ include/pcl/${SUBSYS_NAME}/3rdparty/opennurbs/inffixed.h ++ include/pcl/${SUBSYS_NAME}/3rdparty/opennurbs/inflate.h ++ include/pcl/${SUBSYS_NAME}/3rdparty/opennurbs/inftrees.h ++ include/pcl/${SUBSYS_NAME}/3rdparty/opennurbs/trees.h ++ include/pcl/${SUBSYS_NAME}/3rdparty/opennurbs/zconf.h ++ include/pcl/${SUBSYS_NAME}/3rdparty/opennurbs/zlib.h ++ include/pcl/${SUBSYS_NAME}/3rdparty/opennurbs/zutil.h ++) ++ ++set(ZLIB_SOURCES ++ src/3rdparty/opennurbs/adler32.c ++ src/3rdparty/opennurbs/compress.c ++ src/3rdparty/opennurbs/crc32.c ++ src/3rdparty/opennurbs/deflate.c ++ src/3rdparty/opennurbs/infback.c ++ src/3rdparty/opennurbs/inffast.c ++ src/3rdparty/opennurbs/inflate.c ++ src/3rdparty/opennurbs/inftrees.c ++ src/3rdparty/opennurbs/trees.c ++ src/3rdparty/opennurbs/uncompr.c ++ src/3rdparty/opennurbs/zutil.c ++) diff --git a/CVE-2025-4640.patch b/CVE-2025-4640.patch new file mode 100644 index 0000000..4673cec --- /dev/null +++ b/CVE-2025-4640.patch @@ -0,0 +1,227 @@ +From 502bd2b013ce635f21632d523aa8cf2e04f7b7ac Mon Sep 17 00:00:00 2001 +From: Kai Pastor +Date: Sun, 23 Apr 2023 06:24:02 +0200 +Subject: [PATCH] Prefer system zlib over opennurbs vendored copy + +--- + CMakeLists.txt | 9 +++++++ + pcl_config.h.in | 2 ++ + surface/CMakeLists.txt | 13 +++++++++- + .../3rdparty/opennurbs/opennurbs_zlib.h | 18 +++++++++++++ + .../src/3rdparty/opennurbs/openNURBS.cmake | 23 ++-------------- + .../src/3rdparty/opennurbs/opennurbs_zlib.cpp | 8 ++++++ + surface/src/3rdparty/opennurbs/zlib.cmake | 26 +++++++++++++++++++ + 7 files changed, 77 insertions(+), 22 deletions(-) + create mode 100644 surface/src/3rdparty/opennurbs/zlib.cmake + +diff --git a/CMakeLists.txt b/CMakeLists.txt +index 8990960b427..8dd786981aa 100644 +--- a/CMakeLists.txt ++++ b/CMakeLists.txt +@@ -416,6 +416,15 @@ endif() + # Boost (required) + include("${PCL_SOURCE_DIR}/cmake/pcl_find_boost.cmake") + ++# System zlib (for nurbs on surface) ++option(WITH_SYSTEM_ZLIB "Use system zlib" TRUE) ++if(WITH_SYSTEM_ZLIB) ++ find_package(ZLIB) ++ if(ZLIB_FOUND) ++ set(HAVE_ZLIB ON) ++ endif() ++endif() ++ + ### ---[ Create the config.h file + set(pcl_config_h_in "${CMAKE_CURRENT_SOURCE_DIR}/pcl_config.h.in") + set(pcl_config_h "${CMAKE_CURRENT_BINARY_DIR}/include/pcl/pcl_config.h") +diff --git a/pcl_config.h.in b/pcl_config.h.in +index b5ef2cbf9bf..13d04c3fbfc 100644 +--- a/pcl_config.h.in ++++ b/pcl_config.h.in +@@ -52,6 +52,8 @@ + + #cmakedefine HAVE_PNG + ++#cmakedefine HAVE_ZLIB ++ + /* Precompile for a minimal set of point types instead of all. */ + #cmakedefine PCL_ONLY_CORE_POINT_TYPES + +diff --git a/surface/CMakeLists.txt b/surface/CMakeLists.txt +index c29105e6a67..e42c81d1312 100644 +--- a/surface/CMakeLists.txt ++++ b/surface/CMakeLists.txt +@@ -1,6 +1,7 @@ + set(SUBSYS_NAME surface) + set(SUBSYS_DESC "Point cloud surface library") + set(SUBSYS_DEPS common search kdtree octree) ++set(SUBSYS_EXT_DEPS "") + + set(build TRUE) + PCL_SUBSYS_OPTION(build "${SUBSYS_NAME}" "${SUBSYS_DESC}" ON) +@@ -66,6 +67,16 @@ if(BUILD_surface_on_nurbs) + + include(src/3rdparty/opennurbs/openNURBS.cmake) + include(src/on_nurbs/on_nurbs.cmake) ++ ++ if(WITH_SYSTEM_ZLIB) ++ find_package(ZLIB REQUIRED) ++ list(APPEND ON_NURBS_LIBRARIES ${ZLIB_LIBRARIES}) ++ list(APPEND SUBSYS_EXT_DEPS zlib) ++ else() ++ include(src/3rdparty/opennurbs/zlib.cmake) ++ list(APPEND OPENNURBS_INCLUDES ${ZLIB_INCLUDES}) ++ list(APPEND OPENNURBS_SOURCES ${ZLIB_SOURCES}) ++ endif() + endif() + + set(POISSON_INCLUDES +@@ -196,7 +207,7 @@ if(QHULL_FOUND) + target_link_libraries("${LIB_NAME}" QHULL::QHULL) + endif() + +-PCL_MAKE_PKGCONFIG(${LIB_NAME} COMPONENT ${SUBSYS_NAME} DESC ${SUBSYS_DESC} PCL_DEPS ${SUBSYS_DEPS}) ++PCL_MAKE_PKGCONFIG(${LIB_NAME} COMPONENT ${SUBSYS_NAME} DESC ${SUBSYS_DESC} PCL_DEPS ${SUBSYS_DEPS} EXT_DEPS ${SUBSYS_EXT_DEPS}) + + # Install include files + PCL_ADD_INCLUDES("${SUBSYS_NAME}" "${SUBSYS_NAME}" ${incs}) +diff --git a/surface/include/pcl/surface/3rdparty/opennurbs/opennurbs_zlib.h b/surface/include/pcl/surface/3rdparty/opennurbs/opennurbs_zlib.h +index 12787e1201f..7622b3a6a7d 100644 +--- a/surface/include/pcl/surface/3rdparty/opennurbs/opennurbs_zlib.h ++++ b/surface/include/pcl/surface/3rdparty/opennurbs/opennurbs_zlib.h +@@ -28,6 +28,22 @@ + // and statically link with the zlib library. All the necessary + // header files are included by opennurbs.h. + ++// PCL can use an external zlib. ++ ++#include ++ ++#if defined(HAVE_ZLIB) ++ ++#define z_deflate deflate ++#define z_inflate inflate ++#define z_Bytef Bytef ++ ++#define zcalloc pcl_zcalloc ++#define zcfree pcl_zcfree ++ ++#include ++ ++#else + + #if !defined(Z_PREFIX) + /* decorates zlib functions with a "z_" prefix to prevent symbol collision. */ +@@ -41,6 +57,8 @@ + + #include "zlib.h" + ++#endif // HAVE_ZLIB ++ + ON_BEGIN_EXTERNC + voidpf zcalloc (voidpf, unsigned, unsigned); + void zcfree (voidpf, voidpf); +diff --git a/surface/src/3rdparty/opennurbs/openNURBS.cmake b/surface/src/3rdparty/opennurbs/openNURBS.cmake +index 51ca678d018..fdcfa7e92dd 100644 +--- a/surface/src/3rdparty/opennurbs/openNURBS.cmake ++++ b/surface/src/3rdparty/opennurbs/openNURBS.cmake +@@ -102,16 +102,7 @@ set(OPENNURBS_INCLUDES + include/pcl/${SUBSYS_NAME}/3rdparty/opennurbs/opennurbs_workspace.h + include/pcl/${SUBSYS_NAME}/3rdparty/opennurbs/opennurbs_xform.h + include/pcl/${SUBSYS_NAME}/3rdparty/opennurbs/opennurbs_zlib.h +- include/pcl/${SUBSYS_NAME}/3rdparty/opennurbs/crc32.h +- include/pcl/${SUBSYS_NAME}/3rdparty/opennurbs/deflate.h +- include/pcl/${SUBSYS_NAME}/3rdparty/opennurbs/inffast.h +- include/pcl/${SUBSYS_NAME}/3rdparty/opennurbs/inffixed.h +- include/pcl/${SUBSYS_NAME}/3rdparty/opennurbs/inflate.h +- include/pcl/${SUBSYS_NAME}/3rdparty/opennurbs/inftrees.h +- include/pcl/${SUBSYS_NAME}/3rdparty/opennurbs/trees.h +- include/pcl/${SUBSYS_NAME}/3rdparty/opennurbs/zconf.h +- include/pcl/${SUBSYS_NAME}/3rdparty/opennurbs/zlib.h +- include/pcl/${SUBSYS_NAME}/3rdparty/opennurbs/zutil.h) ++) + + set(OPENNURBS_SOURCES + src/3rdparty/opennurbs/opennurbs_3dm_attributes.cpp +@@ -222,14 +213,4 @@ set(OPENNURBS_SOURCES + src/3rdparty/opennurbs/opennurbs_xform.cpp + src/3rdparty/opennurbs/opennurbs_zlib.cpp + src/3rdparty/opennurbs/opennurbs_zlib_memory.cpp +- src/3rdparty/opennurbs/adler32.c +- src/3rdparty/opennurbs/compress.c +- src/3rdparty/opennurbs/crc32.c +- src/3rdparty/opennurbs/deflate.c +- src/3rdparty/opennurbs/infback.c +- src/3rdparty/opennurbs/inffast.c +- src/3rdparty/opennurbs/inflate.c +- src/3rdparty/opennurbs/inftrees.c +- src/3rdparty/opennurbs/trees.c +- src/3rdparty/opennurbs/uncompr.c +- src/3rdparty/opennurbs/zutil.c) ++) +diff --git a/surface/src/3rdparty/opennurbs/opennurbs_zlib.cpp b/surface/src/3rdparty/opennurbs/opennurbs_zlib.cpp +index 688c803df65..03e61993177 100644 +--- a/surface/src/3rdparty/opennurbs/opennurbs_zlib.cpp ++++ b/surface/src/3rdparty/opennurbs/opennurbs_zlib.cpp +@@ -16,6 +16,8 @@ + + #include "pcl/surface/3rdparty/opennurbs/opennurbs.h" + ++#if !defined(HAVE_ZLIB) ++ + #if defined(ON_DLL_EXPORTS) + // When compiling a Windows DLL opennurbs, we + // statically link ./zlib/.../zlib....lib into +@@ -72,6 +74,8 @@ + + #endif // ON_DLL_EXPORTS + ++#endif // !HAVE_ZLIB ++ + + bool ON_BinaryArchive::WriteCompressedBuffer( + std::size_t sizeof__inbuffer, // sizeof uncompressed input data +@@ -641,7 +645,11 @@ struct ON_CompressedBufferHelper + sizeof_x_buffer = 16384 + }; + unsigned char buffer[sizeof_x_buffer]; ++#if defined(HAVE_ZLIB) ++ z_stream strm = []() { z_stream zs; zs.zalloc = pcl_zcalloc; zs.zfree = pcl_zcfree; return zs; } (); ++#else + z_stream strm; ++#endif + std::size_t m_buffer_compressed_capacity; + }; + +diff --git a/surface/src/3rdparty/opennurbs/zlib.cmake b/surface/src/3rdparty/opennurbs/zlib.cmake +new file mode 100644 +index 00000000000..d730f223975 +--- /dev/null ++++ b/surface/src/3rdparty/opennurbs/zlib.cmake +@@ -0,0 +1,26 @@ ++set(ZLIB_INCLUDES ++ include/pcl/${SUBSYS_NAME}/3rdparty/opennurbs/crc32.h ++ include/pcl/${SUBSYS_NAME}/3rdparty/opennurbs/deflate.h ++ include/pcl/${SUBSYS_NAME}/3rdparty/opennurbs/inffast.h ++ include/pcl/${SUBSYS_NAME}/3rdparty/opennurbs/inffixed.h ++ include/pcl/${SUBSYS_NAME}/3rdparty/opennurbs/inflate.h ++ include/pcl/${SUBSYS_NAME}/3rdparty/opennurbs/inftrees.h ++ include/pcl/${SUBSYS_NAME}/3rdparty/opennurbs/trees.h ++ include/pcl/${SUBSYS_NAME}/3rdparty/opennurbs/zconf.h ++ include/pcl/${SUBSYS_NAME}/3rdparty/opennurbs/zlib.h ++ include/pcl/${SUBSYS_NAME}/3rdparty/opennurbs/zutil.h ++) ++ ++set(ZLIB_SOURCES ++ src/3rdparty/opennurbs/adler32.c ++ src/3rdparty/opennurbs/compress.c ++ src/3rdparty/opennurbs/crc32.c ++ src/3rdparty/opennurbs/deflate.c ++ src/3rdparty/opennurbs/infback.c ++ src/3rdparty/opennurbs/inffast.c ++ src/3rdparty/opennurbs/inflate.c ++ src/3rdparty/opennurbs/inftrees.c ++ src/3rdparty/opennurbs/trees.c ++ src/3rdparty/opennurbs/uncompr.c ++ src/3rdparty/opennurbs/zutil.c ++) diff --git a/pcl.spec b/pcl.spec index 895eafb..a899c6f 100644 --- a/pcl.spec +++ b/pcl.spec @@ -5,7 +5,7 @@ Name: pcl Version: 1.12.1 -Release: 4 +Release: 5 Summary: Library for point cloud processing License: BSD URL: http://pointclouds.org/ @@ -22,6 +22,9 @@ Patch4: backport-Perform-static-cast-+-transform-instead-of-simple-copy- Patch5: backport-Fix-segfault-executing-multiscale-feature-persistence.patch Patch6: backport-Fix-division-by-0-width-in-PointCloud-structured-assign.patch Patch7: backport-Improve-correspondence-rejector-test.patch +Patch8: CVE-2025-4638.patch +Patch9: CVE-2025-4640.patch + # For plain building BuildRequires: cmake, gcc-c++, boost-devel @@ -158,6 +161,12 @@ mv $RPM_BUILD_ROOT%{_datadir}/%{name}-*/Modules $RPM_BUILD_ROOT%{_libdir}/cmake/ %doc %{_datadir}/doc %changelog +* Wed May 28 2025 chengwei - 1.12.1-5 +- Type:CVE +- CVE:CVE-2025-4638 CVE-2025-4640 +- SUG:NA +- DESC:fix CVE-2025-4638 CVE-2025-4640 + * Tue Nov 19 2024 Funda Wang - 1.12.1-4 - adopt to new cmake macro -- Gitee