main/libvorbis: security fix for CVE-2018-10392

fixes #9143
author: Natanael Copa <ncopa@alpinelinux.org> 2018-07-30 08:02:45 +0000
committer: Natanael Copa <ncopa@alpinelinux.org> 2018-07-30 10:30:09 +0200
commit: 602d91945a5a2a9e239d0dd0d65f7d8219105767 (patch)
tree: a794ec667eafeb758fbb50bc3be2626aed731d7d
parent: d306aa6cfcff4a7559cb685f450de8970e6cc399 (diff)
download: alpine_aports-602d91945a5a2a9e239d0dd0d65f7d8219105767.tar.bz2
alpine_aports-602d91945a5a2a9e239d0dd0d65f7d8219105767.tar.xz
alpine_aports-602d91945a5a2a9e239d0dd0d65f7d8219105767.zip
2 files changed, 33 insertions, 3 deletions
diff --git a/main/libvorbis/APKBUILD b/main/libvorbis/APKBUILD
index 58411ac47f..2703139afb 100644
--- a/main/libvorbis/APKBUILD
+++ b/main/libvorbis/APKBUILD
@@ -1,7 +1,7 @@
 # Maintainer: Natanael Copa <ncopa@alpinelinux.org>
 pkgname=libvorbis
 pkgver=1.3.6
-pkgrel=0
+pkgrel=1
 pkgdesc="Vorbis codec library"
 url="https://xiph.org/vorbis"
 arch="all"
@@ -11,10 +11,14 @@ depends=
 depends_dev="libogg-dev"
 makedepends="$depends_dev"
 source="http://downloads.xiph.org/releases/vorbis/$pkgname-$pkgver.tar.xz
-        CVE-2017-14160.patch"
+        CVE-2017-14160.patch
+        CVE-2018-10392.patch
+        "
 builddir="$srcdir/$pkgname-$pkgver"
 # secfixes:
+#   1.3.6-r1:
+#   - CVE-2018-10392
 #   1.3.6-r0:
 #   - CVE-2018-5146
 #   1.3.5-r3:
@@ -47,4 +51,5 @@ package() {
 }
 sha512sums="a5d990bb88db2501b16f8eaee9f2ecb599cefd7dab2134d16538d8905263a972157c7671867848c2a8a358bf5e5dbc7721205ece001032482f168be7bda4f132  libvorbis-1.3.6.tar.xz
-4c2f7be947f2159ae47175cba89950c7b7d357b37a20d54382e4fbecd8c268b148e6cb86cb148945c7b68bbe8b14f466e910b35b80903ab51f1b02cfccf5806e  CVE-2017-14160.patch"
+4c2f7be947f2159ae47175cba89950c7b7d357b37a20d54382e4fbecd8c268b148e6cb86cb148945c7b68bbe8b14f466e910b35b80903ab51f1b02cfccf5806e  CVE-2017-14160.patch
+a60d45144882bc72c3f4937a34baa5e2bda80a3a858b858637fee508755349b616690519e013ff6aafa7e8ff85fd1d0687a3e748b0e8bce25df1abeece97dc36  CVE-2018-10392.patch"
diff --git a/main/libvorbis/CVE-2018-10392.patch b/main/libvorbis/CVE-2018-10392.patch
new file mode 100644
index 0000000000..3d3a16cdea
--- /dev/null
+++ b/main/libvorbis/CVE-2018-10392.patch
@@ -0,0 +1,25 @@
+From 112d3bd0aaacad51305e1464d4b381dabad0e88b Mon Sep 17 00:00:00 2001
+From: Thomas Daede <daede003@umn.edu>
+Date: Thu, 17 May 2018 16:19:19 -0700
+Subject: [PATCH] Sanity check number of channels in setup.
+Fixes #2335.
+---
+ lib/vorbisenc.c | 1 +
+ 1 file changed, 1 insertion(+)
+diff --git a/lib/vorbisenc.c b/lib/vorbisenc.c
+index 4fc7b62..64a51b5 100644
+--- a/lib/vorbisenc.c
+++ b/lib/vorbisenc.c
+@@ -684,6 +684,7 @@ int vorbis_encode_setup_init(vorbis_info *vi){
+   highlevel_encode_setup *hi=&ci->hi;
+ 
+   if(ci==NULL)return(OV_EINVAL);
+  if(vi->channels<1||vi->channels>255)return(OV_EINVAL);
+   if(!hi->impulse_block_p)i0=1;
+ 
+   /* too low/high an ATH floater is nonsensical, but doesn't break anything */
+--
+libgit2 0.26.0
author	Natanael Copa <ncopa@alpinelinux.org>	2018-07-30 08:02:45 +0000
committer	Natanael Copa <ncopa@alpinelinux.org>	2018-07-30 10:30:09 +0200
commit	602d91945a5a2a9e239d0dd0d65f7d8219105767 (patch)
tree	a794ec667eafeb758fbb50bc3be2626aed731d7d
parent	d306aa6cfcff4a7559cb685f450de8970e6cc399 (diff)
download	alpine_aports-602d91945a5a2a9e239d0dd0d65f7d8219105767.tar.bz2 alpine_aports-602d91945a5a2a9e239d0dd0d65f7d8219105767.tar.xz alpine_aports-602d91945a5a2a9e239d0dd0d65f7d8219105767.zip

diff --git a/main/libvorbis/APKBUILD b/main/libvorbis/APKBUILD index 58411ac47f..2703139afb 100644 --- a/main/libvorbis/APKBUILD +++ b/main/libvorbis/APKBUILD
@@ -1,7 +1,7 @@
1	# Maintainer: Natanael Copa <ncopa@alpinelinux.org>	1	# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
2	pkgname=libvorbis	2	pkgname=libvorbis
3	pkgver=1.3.6	3	pkgver=1.3.6
4	pkgrel=0	4	pkgrel=1
5	pkgdesc="Vorbis codec library"	5	pkgdesc="Vorbis codec library"
6	url="https://xiph.org/vorbis"	6	url="https://xiph.org/vorbis"
7	arch="all"	7	arch="all"
@@ -11,10 +11,14 @@ depends=
11	depends_dev="libogg-dev"	11	depends_dev="libogg-dev"
12	makedepends="$depends_dev"	12	makedepends="$depends_dev"
13	source="http://downloads.xiph.org/releases/vorbis/$pkgname-$pkgver.tar.xz	13	source="http://downloads.xiph.org/releases/vorbis/$pkgname-$pkgver.tar.xz
14	CVE-2017-14160.patch"	14	CVE-2017-14160.patch
		15	CVE-2018-10392.patch
		16	"
15	builddir="$srcdir/$pkgname-$pkgver"	17	builddir="$srcdir/$pkgname-$pkgver"
16		18
17	# secfixes:	19	# secfixes:
		20	# 1.3.6-r1:
		21	# - CVE-2018-10392
18	# 1.3.6-r0:	22	# 1.3.6-r0:
19	# - CVE-2018-5146	23	# - CVE-2018-5146
20	# 1.3.5-r3:	24	# 1.3.5-r3:
@@ -47,4 +51,5 @@ package() {
47	}	51	}
48		52
49	sha512sums="a5d990bb88db2501b16f8eaee9f2ecb599cefd7dab2134d16538d8905263a972157c7671867848c2a8a358bf5e5dbc7721205ece001032482f168be7bda4f132 libvorbis-1.3.6.tar.xz	53	sha512sums="a5d990bb88db2501b16f8eaee9f2ecb599cefd7dab2134d16538d8905263a972157c7671867848c2a8a358bf5e5dbc7721205ece001032482f168be7bda4f132 libvorbis-1.3.6.tar.xz
50	4c2f7be947f2159ae47175cba89950c7b7d357b37a20d54382e4fbecd8c268b148e6cb86cb148945c7b68bbe8b14f466e910b35b80903ab51f1b02cfccf5806e CVE-2017-14160.patch"	54	4c2f7be947f2159ae47175cba89950c7b7d357b37a20d54382e4fbecd8c268b148e6cb86cb148945c7b68bbe8b14f466e910b35b80903ab51f1b02cfccf5806e CVE-2017-14160.patch
		55	a60d45144882bc72c3f4937a34baa5e2bda80a3a858b858637fee508755349b616690519e013ff6aafa7e8ff85fd1d0687a3e748b0e8bce25df1abeece97dc36 CVE-2018-10392.patch"


diff --git a/main/libvorbis/CVE-2018-10392.patch b/main/libvorbis/CVE-2018-10392.patch new file mode 100644 index 0000000000..3d3a16cdea --- /dev/null +++ b/main/libvorbis/CVE-2018-10392.patch
@@ -0,0 +1,25 @@
		1	From 112d3bd0aaacad51305e1464d4b381dabad0e88b Mon Sep 17 00:00:00 2001
		2	From: Thomas Daede <daede003@umn.edu>
		3	Date: Thu, 17 May 2018 16:19:19 -0700
		4	Subject: [PATCH] Sanity check number of channels in setup.
		5
		6	Fixes #2335.
		7	---
		8	lib/vorbisenc.c \| 1 +
		9	1 file changed, 1 insertion(+)
		10
		11	diff --git a/lib/vorbisenc.c b/lib/vorbisenc.c
		12	index 4fc7b62..64a51b5 100644
		13	--- a/lib/vorbisenc.c
		14	+++ b/lib/vorbisenc.c
		15	@@ -684,6 +684,7 @@ int vorbis_encode_setup_init(vorbis_info *vi){
		16	highlevel_encode_setup *hi=&ci->hi;
		17
		18	if(ci==NULL)return(OV_EINVAL);
		19	+ if(vi->channels<1\|\|vi->channels>255)return(OV_EINVAL);
		20	if(!hi->impulse_block_p)i0=1;
		21
		22	/* too low/high an ATH floater is nonsensical, but doesn't break anything */
		23	--
		24	libgit2 0.26.0
		25