diff options
author | Leo <thinkabit.ukim@gmail.com> | 2019-07-16 20:28:38 -0300 |
---|---|---|
committer | Leonardo Arena <rnalrd@alpinelinux.org> | 2019-07-17 06:43:45 +0000 |
commit | 83d74e47d53224f58b4350ae12ffbe8f508593e6 (patch) | |
tree | 5985598fae358eeb955ce90d1681f8e731059d3d | |
parent | af7395aaa3100fd61a9d94b1f0e159eebc46255f (diff) |
main/libsndfile: backport fix for CVE-2018-19758 and CVE-2019-3832
Fixes #10109
Signed-off-by: Leonardo Arena <rnalrd@alpinelinux.org>
-rw-r--r-- | main/libsndfile/APKBUILD | 17 | ||||
-rw-r--r-- | main/libsndfile/CVE-2018-19758-and-CVE-2019-3832.patch | 16 |
2 files changed, 23 insertions, 10 deletions
diff --git a/main/libsndfile/APKBUILD b/main/libsndfile/APKBUILD index b75ce398611..60725f26730 100644 --- a/main/libsndfile/APKBUILD +++ b/main/libsndfile/APKBUILD @@ -2,7 +2,7 @@ # Maintainer: Natanael Copa <ncopa@alpinelinux.org> pkgname=libsndfile pkgver=1.0.28 -pkgrel=4 +pkgrel=5 pkgdesc="A C library for reading and writing files containing sampled sound" url="http://www.mega-nerd.com/libsndfile" arch="all" @@ -17,9 +17,13 @@ source="http://www.mega-nerd.com/$pkgname/files/$pkgname-$pkgver.tar.gz CVE-2017-12562.patch CVE-2018-13139.patch CVE-2017-17456_CVE-2017-17457_CVE-2018-19661_CVE-2018-19662.patch + CVE-2018-19758-and-CVE-2019-3832.patch " # secfixes: +# 1.0.28-r5: +# - CVE-2018-19758 +# - CVE-2019-3832 # 1.0.28-r4: # - CVE-2017-17456 # - CVE-2017-17457 @@ -57,17 +61,10 @@ package() { cd "$_builddir" make DESTDIR="$pkgdir" install || return 1 } -md5sums="646b5f98ce89ac60cdb060fcd398247c libsndfile-1.0.28.tar.gz -cdd75dee754a3f97a2b9852193858e8b CVE-2017-8361_CVE-2017-8363_CVE-2017-8365.patch -883e150165932d7dc89aee64795a5e5e CVE-2017-8362.patch -bcee757ad4ec56f92c0c2ad5c9c9bf96 CVE-2017-12562.patch" -sha256sums="1ff33929f042fa333aed1e8923aa628c3ee9e1eb85512686c55092d1e5a9dfa9 libsndfile-1.0.28.tar.gz -c2d2665744b32facab093540bd0b0c28e72496dd03f8fd51e0aef42fb76d9631 CVE-2017-8361_CVE-2017-8363_CVE-2017-8365.patch -3dc977a26f36a779874bda304685a221a9da08d3e6b8d239f19785a31e18dbf7 CVE-2017-8362.patch -5e13e843a247c5cc3e33e926183281003512bd34dbb32acab6c9360e06e6e3c9 CVE-2017-12562.patch" sha512sums="890731a6b8173f714155ce05eaf6d991b31632c8ab207fbae860968861a107552df26fcf85602df2e7f65502c7256c1b41735e1122485a3a07ddb580aa83b57f libsndfile-1.0.28.tar.gz f98c40696fca3e7bca867df993de55bb4145c23428e65d1a669182eb2293046478ac727ae7f94bb77123ef0355c3c53be4f9d6a432665c90c74687d8d3afd9e3 CVE-2017-8361_CVE-2017-8363_CVE-2017-8365.patch dfd4b5f1c7471fc416eed5c6040580a020543f145de9103751adaad6ce1c5c6a22abc1cf0ffd381aed3072644cd5ee03ba3598265aa7d202d63167da251cb595 CVE-2017-8362.patch 814139567d90fb07908014e858c341fe933e04dca69b88ad66078910888237bbeba94f85d9e1489883c424f35fca312eb98c21ae2b122d9289bb6418725cd02e CVE-2017-12562.patch 33817e7c85180635fa239e4ea38973b18312878522639f43071188a995f0e1a35dbca6d133555fb0875292b4b609950ae38e747a6b1949f8ae840db9dc3a2805 CVE-2018-13139.patch -ba3e5321713dbc118f45dac6f86049a15e6ba54fc788776eb267b1b165a0853bec278d8b066c71372cd243c852faa6781bef6a71d108e7cdbc64fb77fa3afc0a CVE-2017-17456_CVE-2017-17457_CVE-2018-19661_CVE-2018-19662.patch" +ba3e5321713dbc118f45dac6f86049a15e6ba54fc788776eb267b1b165a0853bec278d8b066c71372cd243c852faa6781bef6a71d108e7cdbc64fb77fa3afc0a CVE-2017-17456_CVE-2017-17457_CVE-2018-19661_CVE-2018-19662.patch +0cde1fba48e57a009a396fabb3332633e165409de64e7d098f944421e9ef7b5e5c0edb428ce2bca33fc6311f6454b3be30d1259a6cf2a84e1f78eae996f14135 CVE-2018-19758-and-CVE-2019-3832.patch" diff --git a/main/libsndfile/CVE-2018-19758-and-CVE-2019-3832.patch b/main/libsndfile/CVE-2018-19758-and-CVE-2019-3832.patch new file mode 100644 index 00000000000..3b08a642129 --- /dev/null +++ b/main/libsndfile/CVE-2018-19758-and-CVE-2019-3832.patch @@ -0,0 +1,16 @@ +diff --git a/src/wav.c b/src/wav.c +index 4b943dc..6020f20 100644 +--- a/src/wav.c ++++ b/src/wav.c +@@ -1094,6 +1094,10 @@ wav_write_header (SF_PRIVATE *psf, int calc_length) + psf_binheader_writef (psf, "44", 0, 0) ; /* SMTPE format */ + psf_binheader_writef (psf, "44", psf->instrument->loop_count, 0) ; + ++ /* Make sure we don't read past the loops array end. */ ++ if (psf->instrument->loop_count > ARRAY_LEN (psf->instrument->loops)) ++ psf->instrument->loop_count = ARRAY_LEN (psf->instrument->loops) ; ++ + for (tmp = 0 ; tmp < psf->instrument->loop_count ; tmp++) + { int type ; + + |