libsndfile1: CVE-2018-13139

A stack-based buffer overflow in psf_memset in common.c in libsndfile 1.0.28. Fixed in https://github.com/erikd/libsndfile/issues/397 Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
author: Changqing Li <changqing.li@windriver.com> 2018-10-10 09:15:53 +0800
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2018-10-10 12:42:40 +0100
commit: 6b5a9078a7c5035590ee4dc2e23582da94d4a104 (patch)
tree: 5cfc26d2a15859039c82f84f5a1db65c54d6134f /meta/recipes-multimedia/libsndfile/libsndfile1_1.0.28.bb
parent: 6f49e72dbb36d0a42993e7c788c17ff03571ece7 (diff)
download: openembedded-core-contrib-6b5a9078a7c5035590ee4dc2e23582da94d4a104.tar.gz
1 files changed, 1 insertions, 0 deletions
diff --git a/meta/recipes-multimedia/libsndfile/libsndfile1_1.0.28.bb b/meta/recipes-multimedia/libsndfile/libsndfile1_1.0.28.bb
index ed43b7494e..b28f675286 100644
--- a/meta/recipes-multimedia/libsndfile/libsndfile1_1.0.28.bb
+++ b/meta/recipes-multimedia/libsndfile/libsndfile1_1.0.28.bb
@@ -12,6 +12,7 @@ SRC_URI = "http://www.mega-nerd.com/libsndfile/files/libsndfile-${PV}.tar.gz \
            file://CVE-2017-8363.patch \
            file://CVE-2017-14245-14246.patch \
            file://CVE-2017-14634.patch \
+           file://CVE-2018-13139.patch \
           "
 
 SRC_URI[md5sum] = "646b5f98ce89ac60cdb060fcd398247c"
author	Changqing Li <changqing.li@windriver.com>	2018-10-10 09:15:53 +0800
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2018-10-10 12:42:40 +0100
commit	6b5a9078a7c5035590ee4dc2e23582da94d4a104 (patch)
tree	5cfc26d2a15859039c82f84f5a1db65c54d6134f /meta/recipes-multimedia/libsndfile/libsndfile1_1.0.28.bb
parent	6f49e72dbb36d0a42993e7c788c17ff03571ece7 (diff)
download	openembedded-core-contrib-6b5a9078a7c5035590ee4dc2e23582da94d4a104.tar.gz