diff options
| author |   Fan Xin <fan.xin@jp.fujitsu.com> | 2017-06-22 10:44:02 +0900 |
|---|---|---|
| committer |   Richard Purdie <richard.purdie@linuxfoundation.org> | 2017-09-11 22:15:51 +0100 |
| commit | eed7d052dc053732e2d485dcc7e551b6754c4576 (patch) | |
| tree | 2b1e71ffb377c8326aae53dd7e0259d55d3e9868 | |
| parent | 03fbdba18b767be95c5fa13d72b52c16f8a77b52 (diff) | |
| download | openembedded-core-contrib-eed7d052dc053732e2d485dcc7e551b6754c4576.tar.gz | |
libsndfile1: Fix CVE-2017-6892
Backport upstream patch to fix CVE-2017-6892.
CVE: CVE-2017-6892
(From OE-Core rev: cc9b8d0afe64b83f585843f3aff1c077f69fd656)
Signed-off-by: Fan Xin <fan.xin@jp.fujitsu.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
| -rw-r--r-- | meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2017-6892.patch | 34 | ||||
| -rw-r--r-- | meta/recipes-multimedia/libsndfile/libsndfile1_1.0.27.bb | 4 |
2 files changed, 37 insertions, 1 deletions
diff --git a/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2017-6892.patch b/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2017-6892.patch new file mode 100644 index 0000000000..89552ac2d9 --- /dev/null +++ b/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2017-6892.patch @@ -0,0 +1,34 @@ +From f833c53cb596e9e1792949f762e0b33661822748 Mon Sep 17 00:00:00 2001 +From: Erik de Castro Lopo <erikd@mega-nerd.com> +Date: Tue, 23 May 2017 20:15:24 +1000 +Subject: [PATCH] src/aiff.c: Fix a buffer read overflow + +Secunia Advisory SA76717. + +Found by: Laurent Delosieres, Secunia Research at Flexera Software + +CVE: CVE-2017-6892 +Upstream-Status: Backport + +Signed-off-by: Fan Xin <fan.xin@jp.fujitsu.com> + +--- + src/aiff.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/aiff.c b/src/aiff.c +index 5b5f9f5..45864b7 100644 +--- a/src/aiff.c ++++ b/src/aiff.c +@@ -1759,7 +1759,7 @@ aiff_read_chanmap (SF_PRIVATE * psf, unsigned dword) + psf_binheader_readf (psf, "j", dword - bytesread) ; + + if (map_info->channel_map != NULL) +- { size_t chanmap_size = psf->sf.channels * sizeof (psf->channel_map [0]) ; ++ { size_t chanmap_size = SF_MIN (psf->sf.channels, layout_tag & 0xffff) * sizeof (psf->channel_map [0]) ; + + free (psf->channel_map) ; + +-- +1.9.1 + diff --git a/meta/recipes-multimedia/libsndfile/libsndfile1_1.0.27.bb b/meta/recipes-multimedia/libsndfile/libsndfile1_1.0.27.bb index 09533f8ec0..8475ba3a25 100644 --- a/meta/recipes-multimedia/libsndfile/libsndfile1_1.0.27.bb +++ b/meta/recipes-multimedia/libsndfile/libsndfile1_1.0.27.bb @@ -5,7 +5,9 @@ DEPENDS = "flac libogg libvorbis sqlite3" SECTION = "libs/multimedia" LICENSE = "LGPLv2.1" -SRC_URI = "http://www.mega-nerd.com/libsndfile/files/libsndfile-${PV}.tar.gz" +SRC_URI = "http://www.mega-nerd.com/libsndfile/files/libsndfile-${PV}.tar.gz \ + file://CVE-2017-6892.patch \ + " SRC_URI[md5sum] = "fd1d97c6077f03b5d984d7956ffedb7a" SRC_URI[sha256sum] = "a391952f27f4a92ceb2b4c06493ac107896ed6c76be9a613a4731f076d30fac0" |