authorJagadeesh Krishnanjanappa <jkrishnanjanappa@mvista.com>2018-07-22 06:41:27 (GMT)
committerRichard Purdie <richard.purdie@linuxfoundation.org>2018-09-13 09:55:38 (GMT)
commit6f7c2da54062aecd82b2f27660f110099874562b (patch)
treea19e617dc86969238a6f19364467eb6d5b0acaa5
parent3cbd516bd19a1e5098b5c3249f2b167344015188 (diff)
libvorbis: CVE-2017-14160 CVE-2018-10393
CVE-2017-14160: fix bounds check on very low sample rates. (From OE-Core rev: 5bed33fbd29eea9449114186d42b4b2a5e88b32f) Signed-off-by: Jagadeesh Krishnanjanappa <jkrishnanjanappa@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
-rw-r--r--meta/recipes-multimedia/libvorbis/libvorbis/CVE-2017-14160.patch33
-rw-r--r--meta/recipes-multimedia/libvorbis/libvorbis_1.3.5.bb2
2 files changed, 35 insertions, 0 deletions
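--- /dev/null
+++ b/meta/recipes-multimedia/libvorbis/libvorbis/CVE-2017-14160.patch
@@ -0,0 +1,33 @@
+From 018ca26dece618457dd13585cad52941193c4a25 Mon Sep 17 00:00:00 2001
+From: Thomas Daede <daede003@umn.edu>
+Date: Wed, 9 May 2018 14:56:59 -0700
+Subject: [PATCH] CVE-2017-14160: fix bounds check on very low sample rates.
+
+CVE: CVE-2017-14160
+CVE: CVE-2018-10393
+Upstream-Status: Backport from https://gitlab.xiph.org/xiph/vorbis/commit/018ca26dece618457dd13585cad52941193c4a25
+
+Signed-off-by: Thomas Daede <daede003@umn.edu>
+Signed-off-by: Jagadeesh Krishnanjanappa <jkrishnanjanappa@mvista.com>
+---
+ lib/psy.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/lib/psy.c b/lib/psy.c
+index 422c6f1..1310123 100644
+--- a/lib/psy.c
++++ b/lib/psy.c
+@@ -602,8 +602,9 @@ static void bark_noise_hybridmp(int n,const long *b,
+ for (i = 0, x = 0.f;; i++, x += 1.f) {
+
+ lo = b[i] >> 16;
+- if( lo>=0 ) break;
+ hi = b[i] & 0xffff;
++ if( lo>=0 ) break;
++ if( hi>=n ) break;
+
+ tN = N[hi] + N[-lo];
+ tX = X[hi] - X[-lo];
+--
+2.7.4
+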
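Review bot: The new guard `if( hi>=n ) break;` in the lib/psy.c hunk bounds only `hi`; the two lines after it still index `N[-lo]` and `X[-lo]`, and `b[i]` is read at the top of the `for (;;)` loop with no limit on `i`. Nothing visible in the hunk compares `-lo` or `i` with `n`. bark_noise_hybridmp starts and ends outside the hunk, so whether its caller guarantees those bounds cannot be confirmed from this page; if it does, a comment on the new line would record it, for example `/* hi may reach n at very low sample rates; -lo and i are bounded by the table in b */`. The patch header also tags `CVE: CVE-2018-10393`, but neither the subject nor the commit message says why the same one-line check covers it; a sentence in the header stating that would let an auditor confirm both CVEs are closed.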
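--- a/meta/recipes-multimedia/libvorbis/libvorbis_1.3.5.bb
+++ b/meta/recipes-multimedia/libvorbis/libvorbis_1.3.5.bb
@@ -9,12 +9,14 @@ LICENSE = "BSD"
 LIC_FILES_CHKSUM = "file://COPYING;md5=7d2c487d2fc7dd3e3c7c465a5b7f6217 \
  file://include/vorbis/vorbisenc.h;beginline=1;endline=11;md5=d1c1d138863d6315131193d4046d81cb"
 DEPENDS = "libogg"
+PR = "r1"
 
 SRC_URI = "http://downloads.xiph.org/releases/vorbis/${BP}.tar.xz \
  file://0001-configure-Check-for-clang.patch \
  file://CVE-2017-14633.patch \
  file://CVE-2017-14632.patch \
  file://CVE-2018-5146.patch \
+ file://CVE-2017-14160.patch \
  "
 SRC_URI[md5sum] = "28cb28097c07a735d6af56e598e1c90f"
 SRC_URI[sha256sum] = "54f94a9527ff0a88477be0a71c0bab09a4c3febe0ed878b24824906cd4b0e1d1"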