author | Natanael Copa <ncopa@alpinelinux.org> | 2017-11-23 09:35:21 +0000 |
---|---|---|
committer | Natanael Copa <ncopa@alpinelinux.org> | 2017-11-23 09:35:21 +0000 |
commit | 24168e0dc14497566f17471bee3a02945832af40 (patch) | |
tree | 6830df78a083ee2acf081c6ffd9c11694c4f5e5f | |
parent | c3ffef0e8fdbf281e019ab997b2323426d235e1c (diff) | |
main/libvorbis: fix for CVE-2017-14160
upstream issue: https://gitlab.xiph.org/xiph/vorbis/issues/2330
fixes #7937
-rw-r--r-- | main/libvorbis/APKBUILD | 13 | ||||
-rw-r--r-- | main/libvorbis/CVE-2017-14160.patch | 58 |
2 files changed, 68 insertions, 3 deletions
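--- a/main/libvorbis/APKBUILD
+++ b/main/libvorbis/APKBUILD
@@ -1,16 +1,22 @@
 # Maintainer: Natanael Copa <ncopa@alpinelinux.org>
 pkgname=libvorbis
 pkgver=1.3.5
-pkgrel=2
+pkgrel=3
 pkgdesc="Vorbis codec library"
 url="https://xiph.org/vorbis/"
 arch="all"
 license="custom"
 subpackages="$pkgname-dev $pkgname-doc"
 makedepends="libogg-dev"
-source="http://downloads.xiph.org/releases/vorbis/$pkgname-$pkgver.tar.gz"
+source="http://downloads.xiph.org/releases/vorbis/$pkgname-$pkgver.tar.gz
+CVE-2017-14160.patch
+"
 builddir="$srcdir/$pkgname-$pkgver"
 
+# secfixes:
+# 1.3.5-r3:
+# - CVE-2017-14160
+
 build() {
 cd "$builddir"
 
@@ -28,4 +34,5 @@ package() {
 install -Dm644 COPYING "$pkgdir"/usr/share/licenses/$pkgname/COPYING
 }
 
-sha512sums="6c729a227143abc744a779ec4d4ce9932cd1234e301b766cb5111c3894b7cd866f0267590c7864afd3841ac0d4ae2eb2386e8d14345b7c41c8ce35e996e3656c libvorbis-1.3.5.tar.gz"
+sha512sums="6c729a227143abc744a779ec4d4ce9932cd1234e301b766cb5111c3894b7cd866f0267590c7864afd3841ac0d4ae2eb2386e8d14345b7c41c8ce35e996e3656c libvorbis-1.3.5.tar.gz
+4c2f7be947f2159ae47175cba89950c7b7d357b37a20d54382e4fbecd8c268b148e6cb86cb148945c7b68bbe8b14f466e910b35b80903ab51f1b02cfccf5806e CVE-2017-14160.patch"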
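Review bot: The rewritten `source=` line in the first hunk still fetches the release tarball over plain `http://downloads.xiph.org/...`, so the only thing standing between a tampered mirror or on-path modification and the build is the `sha512sums` entry. That checksum is present and pins both the tarball and the new patch, so integrity is covered, but switching the scheme removes a needless cleartext fetch if the host serves TLS (the `url=` field already points at an https xiph.org page): `source="https://downloads.xiph.org/releases/vorbis/$pkgname-$pkgver.tar.gz`. The remainder of the change, the pkgrel bump, the patch added to `source`, its checksum, and the `# secfixes:` entry for 1.3.5-r3, is internally consistent.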
diff --git a/main/libvorbis/CVE-2017-14160.patch b/main/libvorbis/CVE-2017-14160.patch new file mode 100644 index 0000000000..9ad9d18f75 --- /dev/null +++ b/main/libvorbis/CVE-2017-14160.patch | |||
@@ -0,0 +1,58 @@ | |||
1 | From 98a60969315dba8c1e8231f561e1551670bc80ae Mon Sep 17 00:00:00 2001 | ||
2 | Message-Id: <98a60969315dba8c1e8231f561e1551670bc80ae.1511192857.git.agx@sigxcpu.org> | ||
3 | From: =?UTF-8?q?Guido=20G=C3=BCnther?= <agx@sigxcpu.org> | ||
4 | Date: Wed, 15 Nov 2017 13:12:00 +0100 | ||
5 | Subject: [PATCH] CVE-2017-14160: make sure we don't overflow | ||
6 | |||
7 | --- | ||
8 | lib/psy.c | 9 ++++----- | ||
9 | 1 file changed, 4 insertions(+), 5 deletions(-) | ||
10 | |||
11 | diff --git a/lib/psy.c b/lib/psy.c | ||
12 | index 422c6f1e..8bbf6cf3 100644 | ||
13 | --- a/lib/psy.c | ||
14 | +++ b/lib/psy.c | ||
15 | @@ -599,7 +599,7 @@ static void bark_noise_hybridmp(int n,const long *b, | ||
16 | XY[i] = tXY; | ||
17 | } | ||
18 | |||
19 | - for (i = 0, x = 0.f;; i++, x += 1.f) { | ||
20 | + for (i = 0, x = 0.f; i < n; i++, x += 1.f) { | ||
21 | |||
22 | lo = b[i] >> 16; | ||
23 | if( lo>=0 ) break; | ||
24 | @@ -621,12 +621,11 @@ static void bark_noise_hybridmp(int n,const long *b, | ||
25 | noise[i] = R - offset; | ||
26 | } | ||
27 | |||
28 | - for ( ;; i++, x += 1.f) { | ||
29 | + for ( ; i < n; i++, x += 1.f) { | ||
30 | |||
31 | lo = b[i] >> 16; | ||
32 | hi = b[i] & 0xffff; | ||
33 | if(hi>=n)break; | ||
34 | - | ||
35 | tN = N[hi] - N[lo]; | ||
36 | tX = X[hi] - X[lo]; | ||
37 | tXX = XX[hi] - XX[lo]; | ||
38 | @@ -651,7 +650,7 @@ static void bark_noise_hybridmp(int n,const long *b, | ||
39 | |||
40 | if (fixed <= 0) return; | ||
41 | |||
42 | - for (i = 0, x = 0.f;; i++, x += 1.f) { | ||
43 | + for (i = 0, x = 0.f; i < n; i++, x += 1.f) { | ||
44 | hi = i + fixed / 2; | ||
45 | lo = hi - fixed; | ||
46 | if(lo>=0)break; | ||
47 | @@ -670,7 +669,7 @@ static void bark_noise_hybridmp(int n,const long *b, | ||
48 | |||
49 | if (R - offset < noise[i]) noise[i] = R - offset; | ||
50 | } | ||
51 | - for ( ;; i++, x += 1.f) { | ||
52 | + for ( ; i < n; i++, x += 1.f) { | ||
53 | |||
54 | hi = i + fixed / 2; | ||
55 | lo = hi - fixed; | ||
56 | -- | ||
57 | 2.15.0 | ||
58 | |||