libraw: patch CVE-2023-1729

Details: https://nvd.nist.gov/vuln/detail/CVE-2023-1729

Pick the patch that is mentioned to solve the issue in the issue
linked from the nvd report.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>

meta-oe/recipes-support/libraw/libraw/CVE-2023-1729.patch

@@ -0,0 +1,25 @@
+From f7a1082a65b444d606d82ae71e1279789601f78d Mon Sep 17 00:00:00 2001
+From: Alex Tutubalin <lexa@lexa.ru>
+Date: Sat, 14 Jan 2023 18:32:59 +0300
+Subject: [PATCH] do not set shrink flag for 3/4 component images
+
+CVE: CVE-2023-1729
+Upstream-Status: Backport [https://github.com/LibRaw/LibRaw/commit/9ab70f6dca19229cb5caad7cc31af4e7501bac93]
+Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
+---
+ src/preprocessing/raw2image.cpp | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/src/preprocessing/raw2image.cpp b/src/preprocessing/raw2image.cpp
+index 18f897eb..64722efd 100644
+--- a/src/preprocessing/raw2image.cpp
++++ b/src/preprocessing/raw2image.cpp
+@@ -43,6 +43,8 @@ void LibRaw::raw2image_start()
+ 
+   // adjust for half mode!
+   IO.shrink =
++	  !imgdata.rawdata.color4_image && !imgdata.rawdata.color3_image &&
++	  !imgdata.rawdata.float4_image && !imgdata.rawdata.float3_image &&
+       P1.filters &&
+       (O.half_size || ((O.threshold || O.aber[0] != 1 || O.aber[2] != 1)));
+ 

meta-oe/recipes-support/libraw/libraw_0.20.2.bb

@@ -2,7 +2,9 @@ SUMMARY = "raw image decoder"
 LICENSE = "LGPL-2.1-only | CDDL-1.0"
 LIC_FILES_CHKSUM = "file://COPYRIGHT;md5=74c9dffdc42805f9c0de2f97df6031fc"
 
-SRC_URI = "git://github.com/LibRaw/LibRaw.git;branch=master;protocol=https"
+SRC_URI = "git://github.com/LibRaw/LibRaw.git;branch=master;protocol=https \
+           file://CVE-2023-1729.patch \
+           "
 SRCREV = "0209b6a2caec189e6d1a9b21c10e9e49f46e5a92"
 S = "${WORKDIR}/git"