| author | Alexandru Ardelean <ardeleanalex@gmail.com> | 2022-02-24 17:30:33 +0200 |
|---|---|---|
| committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2022-02-25 12:41:24 +0000 |
| commit | fd2c86b06963345683ac5dc4f47f9da8e0c8c69d (patch) | |
| tree | e360ee3b3b03d5a3df55aec435b29b0d4b4f669f /meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2018-19758.patch | |
| parent | e62965346314544919e4a529ca860a242d76b303 (diff) | |
| download | poky-fd2c86b06963345683ac5dc4f47f9da8e0c8c69d.tar.gz | |
libsndfile1: bump to version 1.0.31
It seems that the homepage has moved (for a while now) from
http://www.mega-nerd.com/libsndfile/
to
https://libsndfile.github.io/libsndfile/
On GitHub, the development group seems to include Erik de Castro Lopo (the
original author of libsndfile1).
Link: https://github.com/orgs/libsndfile/people
All backported CVE patches are in version 1.0.31 (I've checked).
The supported format page [1] mentions that Ogg/Opus is supported since
1.0.29, however that isn't currently added in this patch. And it may
require libopus.
And mp3 is supported at around version 1.1.0, but that version is in beta.
This change focuses solely on updating to 1.0.31 and removing all
backported patches.
[1] https://libsndfile.github.io/libsndfile/formats.html
(From OE-Core rev: 6e12ee5f7871150c11dac754145d146ed364b506)
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2018-19758.patch')
| -rw-r--r-- | meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2018-19758.patch | 34 |
1 files changed, 0 insertions, 34 deletions
diff --git a/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2018-19758.patch b/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2018-19758.patch deleted file mode 100644 index c3586f9dfc..0000000000 --- a/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2018-19758.patch +++ /dev/null | |||
| @@ -1,34 +0,0 @@ | |||
| 1 | There is a heap-based buffer over-read at wav.c in wav_write_header in | ||
| 2 | libsndfile 1.0.28 that will cause a denial of service. | ||
| 3 | |||
| 4 | CVE: CVE-2018-19758 | ||
| 5 | Upstream-Status: Backport [42132c543358cee9f7c3e9e9b15bb6c1063a608e] | ||
| 6 | Signed-off-by: Ross Burton <ross.burton@intel.com> | ||
| 7 | |||
| 8 | From c12173b0197dd0c5cfa2cd27977e982d2ae59486 Mon Sep 17 00:00:00 2001 | ||
| 9 | From: Erik de Castro Lopo <erikd@mega-nerd.com> | ||
| 10 | Date: Tue, 1 Jan 2019 20:11:46 +1100 | ||
| 11 | Subject: [PATCH] src/wav.c: Fix heap read overflow | ||
| 12 | |||
| 13 | This is CVE-2018-19758. | ||
| 14 | |||
| 15 | Closes: https://github.com/erikd/libsndfile/issues/435 | ||
| 16 | --- | ||
| 17 | src/wav.c | 2 ++ | ||
| 18 | 1 file changed, 2 insertions(+) | ||
| 19 | |||
| 20 | diff --git a/src/wav.c b/src/wav.c | ||
| 21 | index e8405b55..6fb94ae8 100644 | ||
| 22 | --- a/src/wav.c | ||
| 23 | +++ b/src/wav.c | ||
| 24 | @@ -1094,6 +1094,8 @@ wav_write_header (SF_PRIVATE *psf, int calc_length) | ||
| 25 | psf_binheader_writef (psf, "44", 0, 0) ; /* SMTPE format */ | ||
| 26 | psf_binheader_writef (psf, "44", psf->instrument->loop_count, 0) ; | ||
| 27 | |||
| 28 | + /* Loop count is signed 16 bit number so we limit it range to something sensible. */ | ||
| 29 | + psf->instrument->loop_count &= 0x7fff ; | ||
| 30 | for (tmp = 0 ; tmp < psf->instrument->loop_count ; tmp++) | ||
| 31 | { int type ; | ||
| 32 | |||
| 33 | -- | ||
| 34 | 2.11.0 | ||
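Review bot: Dropping this backport is only safe if the 1.0.31 sources already contain the upstream commit named in the Upstream-Status line (42132c543358cee9f7c3e9e9b15bb6c1063a608e), and the commit message records that only as "I've checked". Suggest stating in the message how it was verified, for example that the `psf->instrument->loop_count &= 0x7fff ;` line is present in wav_write_header in src/wav.c of the 1.0.31 release. This view is limited to the one deleted file, so also confirm that the recipe's SRC_URI no longer lists CVE-2018-19758.patch; once the file and its `CVE: CVE-2018-19758` tag are removed, the version bump is the only thing left indicating that the fix is present.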
