diff options
| author | Adrian Bunk <bunk@stusta.de> | 2019-08-27 08:51:58 +0300 |
|---|---|---|
| committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2019-08-28 11:31:21 +0100 |
| commit | 18176f5cc2b2b5969b41bcd867886e968bc7cfcb (patch) | |
| tree | 9f220181f0cf3fbbafb662e1e88cd6149ffaef10 /meta | |
| parent | 3c15c31cce891a9087313b80aae1dea1151cd5aa (diff) | |
| download | poky-18176f5cc2b2b5969b41bcd867886e968bc7cfcb.tar.gz | |
flac: Upgrade 1.3.2 -> 1.3.3
Remove backported patch.
(From OE-Core rev: 16a2f41a29d80647bf60bff1391f015ad2d652f8)
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta')
| -rw-r--r-- | meta/recipes-multimedia/flac/flac/CVE-2017-6888.patch | 37 | ||||
| -rw-r--r-- | meta/recipes-multimedia/flac/flac_1.3.3.bb (renamed from meta/recipes-multimedia/flac/flac_1.3.2.bb) | 7 |
2 files changed, 3 insertions, 41 deletions
diff --git a/meta/recipes-multimedia/flac/flac/CVE-2017-6888.patch b/meta/recipes-multimedia/flac/flac/CVE-2017-6888.patch deleted file mode 100644 index f01791680e..0000000000 --- a/meta/recipes-multimedia/flac/flac/CVE-2017-6888.patch +++ /dev/null | |||
| @@ -1,37 +0,0 @@ | |||
| 1 | From 43ecb6431077ff54e9df27f71737e6e96d6c039f Mon Sep 17 00:00:00 2001 | ||
| 2 | From: Changqing Li <changqing.li@windriver.com> | ||
| 3 | Date: Tue, 21 Aug 2018 14:46:43 +0800 | ||
| 4 | Subject: [PATCH] From 5f47b63e9c971e6391590caf00a0f2a5ed612e67 Mon Sep 17 | ||
| 5 | 00:00:00 2001 From: Erik de Castro Lopo <erikd@mega-nerd.com> Date: Sat, 8 | ||
| 6 | Apr 2017 18:34:49 +1000 Subject: [PATCH] stream_decoder.c: Fix a memory leak | ||
| 7 | |||
| 8 | Leak reported by Secunia Research. | ||
| 9 | |||
| 10 | Upstream-Status: Backport[https://git.xiph.org/?p=flac.git;a=commit; | ||
| 11 | h=4f47b63e9c971e6391590caf00a0f2a5ed612e67] | ||
| 12 | |||
| 13 | Update patch to version 1.3.2 | ||
| 14 | CVE: CVE-2017-6888 | ||
| 15 | |||
| 16 | Signed-off-by: Changqing Li <changqing.li@windriver.com> | ||
| 17 | --- | ||
| 18 | src/libFLAC/stream_decoder.c | 3 +++ | ||
| 19 | 1 file changed, 3 insertions(+) | ||
| 20 | |||
| 21 | diff --git a/src/libFLAC/stream_decoder.c b/src/libFLAC/stream_decoder.c | ||
| 22 | index d364b0c..ebf93da 100644 | ||
| 23 | --- a/src/libFLAC/stream_decoder.c | ||
| 24 | +++ b/src/libFLAC/stream_decoder.c | ||
| 25 | @@ -1759,6 +1759,9 @@ FLAC__bool read_metadata_vorbiscomment_(FLAC__StreamDecoder *decoder, FLAC__Stre | ||
| 26 | } | ||
| 27 | memset (obj->comments[i].entry, 0, obj->comments[i].length) ; | ||
| 28 | if (!FLAC__bitreader_read_byte_block_aligned_no_crc(decoder->private_->input, obj->comments[i].entry, obj->comments[i].length)) { | ||
| 29 | + /* Current i-th entry is bad, so we delete it. */\ | ||
| 30 | + free (obj->comments[i].entry) ; | ||
| 31 | + obj->comments[i].entry = NULL ; | ||
| 32 | obj->num_comments = i; | ||
| 33 | goto skip; | ||
| 34 | } | ||
| 35 | -- | ||
| 36 | 2.7.4 | ||
| 37 | |||
diff --git a/meta/recipes-multimedia/flac/flac_1.3.2.bb b/meta/recipes-multimedia/flac/flac_1.3.3.bb index e8599f6bab..fea2be1f6b 100644 --- a/meta/recipes-multimedia/flac/flac_1.3.2.bb +++ b/meta/recipes-multimedia/flac/flac_1.3.3.bb | |||
| @@ -15,11 +15,10 @@ LIC_FILES_CHKSUM = "file://COPYING.FDL;md5=ad1419ecc56e060eccf8184a87c4285f \ | |||
| 15 | DEPENDS = "libogg" | 15 | DEPENDS = "libogg" |
| 16 | 16 | ||
| 17 | SRC_URI = "http://downloads.xiph.org/releases/flac/${BP}.tar.xz \ | 17 | SRC_URI = "http://downloads.xiph.org/releases/flac/${BP}.tar.xz \ |
| 18 | file://CVE-2017-6888.patch " | 18 | " |
| 19 | 19 | ||
| 20 | 20 | SRC_URI[md5sum] = "26703ed2858c1fc9ffc05136d13daa69" | |
| 21 | SRC_URI[md5sum] = "454f1bfa3f93cc708098d7890d0499bd" | 21 | SRC_URI[sha256sum] = "213e82bd716c9de6db2f98bcadbc4c24c7e2efe8c75939a1a84e28539c4e1748" |
| 22 | SRC_URI[sha256sum] = "91cfc3ed61dc40f47f050a109b08610667d73477af6ef36dcad31c31a4a8d53f" | ||
| 23 | 22 | ||
| 24 | CVE_PRODUCT = "libflac flac" | 23 | CVE_PRODUCT = "libflac flac" |
| 25 | 24 | ||