rpms/libsndfile/EL-5 libsndfile-1.0.17-channels-per-frame-overflow.patch, NONE, 1.1 libsndfile.spec, 1.14, 1.15
Michel Alexandre Salim
salimma at fedoraproject.org
Wed Jul 7 23:14:33 UTC 2010
Author: salimma
Update of /cvs/pkgs/rpms/libsndfile/EL-5
In directory cvs01.phx2.fedoraproject.org:/tmp/cvs-serv20668
Modified Files:
libsndfile.spec
Added Files:
libsndfile-1.0.17-channels-per-frame-overflow.patch
Log Message:
* Thu Jul 8 2010 Michel Salim <salimma at fedoraproject.org> - 1.0.17-3
- Fix for channel per frame overflow (CVE-2009-0186, #488364)
libsndfile-1.0.17-channels-per-frame-overflow.patch:
caf.c | 5 +++++
1 file changed, 5 insertions(+)
--- NEW FILE libsndfile-1.0.17-channels-per-frame-overflow.patch ---
diff -up libsndfile-1.0.17/src/caf.c.orig libsndfile-1.0.17/src/caf.c
--- libsndfile-1.0.17/src/caf.c.orig 2006-08-31 11:22:07.000000000 +0200
+++ libsndfile-1.0.17/src/caf.c 2010-07-07 15:25:35.579607380 +0200
@@ -282,6 +282,11 @@ caf_read_header (SF_PRIVATE *psf)
" Frames / packet : %u\n Channels / frame : %u\n Bits / channel : %u\n",
desc.fmt_id, desc.fmt_flags, desc.pkt_bytes, desc.pkt_frames, desc.channels_per_frame, desc.bits_per_chan) ;
+ if (desc.channels_per_frame > 200)
+ { psf_log_printf (psf, "**** Bad channels per frame value %u.\n", desc.channels_per_frame) ;
+ return SFE_MALFORMED_FILE ;
+ } ;
+
if (chunk_size > SIGNED_SIZEOF (DESC_CHUNK))
psf_binheader_readf (psf, "j", (int) (chunk_size - sizeof (DESC_CHUNK))) ;
Index: libsndfile.spec
===================================================================
RCS file: /cvs/pkgs/rpms/libsndfile/EL-5/libsndfile.spec,v
retrieving revision 1.14
retrieving revision 1.15
diff -u -p -r1.14 -r1.15
--- libsndfile.spec 20 Sep 2007 11:38:03 -0000 1.14
+++ libsndfile.spec 7 Jul 2010 23:14:31 -0000 1.15
@@ -1,13 +1,14 @@
Summary: Library for reading and writing sound files
Name: libsndfile
Version: 1.0.17
-Release: 2%{?dist}
+Release: 3%{?dist}
License: LGPL
Group: System Environment/Libraries
URL: http://www.mega-nerd.com/libsndfile/
-Source0: http://www.mega-nerd.com/libsndfile/libsndfile-%{version}.tar.gz
+Source0: http://www.mega-nerd.com/libsndfile/files/libsndfile-%{version}.tar.gz
Patch0: libsndfile-1.0.17+flac-1.1.3.patch
Patch1: libsndfile-1.0.17-flac-buffer-overflow.patch
+Patch2: libsndfile-1.0.17-channels-per-frame-overflow.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-buildroot-%(%{__id_u} -n)
BuildRequires: alsa-lib-devel
@@ -35,6 +36,7 @@ This package contains files needed to de
%setup -q
%patch0 -p1
%patch1 -p1
+%patch2 -p1
%build
%configure --disable-dependency-tracking
@@ -82,6 +84,9 @@ rm -rf $RPM_BUILD_ROOT
%changelog
+* Thu Jul 8 2010 Michel Salim <salimma at fedoraproject.org> - 1.0.17-3
+- Fix for channel per frame overflow (CVE-2009-0186, #488364)
+
* Thu Sep 20 2007 Andreas Thienemann <andreas at bawue.net> - 1.0.17-2
- Adding FLAC support to libsndfile courtesy of gentoo, #237575
- Fixing CVE-2007-4974. Thanks to the gentoo people for the patch, #296221
More information about the scm-commits
mailing list