[flite/f19] Resolves: (CVE-2014-0027) flite: insecure temporary file use

rtcm rtcm at fedoraproject.org
Thu Jan 9 17:39:15 UTC 2014


commit 44add852b243d4f876135fe46c083f0ed6943677
Author: Rui Matos <tiagomatos at gmail.com>
Date:   Mon Jan 6 13:53:50 2014 +0000

    Resolves: (CVE-2014-0027) flite: insecure temporary file use

 ...Only-write-audio-data-to-a-file-in-debug-.patch |   50 ++++++++++++++++++++
 flite.spec                                         |    7 ++-
 2 files changed, 56 insertions(+), 1 deletions(-)
---
diff --git a/0001-auserver.c-Only-write-audio-data-to-a-file-in-debug-.patch b/0001-auserver.c-Only-write-audio-data-to-a-file-in-debug-.patch
new file mode 100644
index 0000000..09b54f6
--- /dev/null
+++ b/0001-auserver.c-Only-write-audio-data-to-a-file-in-debug-.patch
@@ -0,0 +1,50 @@
+From a85193f122b7ec0d377e0a39ac58c64f12c51085 Mon Sep 17 00:00:00 2001
+From: Rui Matos <tiagomatos at gmail.com>
+Date: Mon, 6 Jan 2014 13:45:00 +0000
+Subject: [PATCH] auserver.c: Only write audio data to a file in debug builds
+
+This isn't useful in regular builds and is actually a security
+concern.
+---
+ src/audio/auserver.c | 6 ++++++
+ 1 file changed, 6 insertions(+)
+
+diff --git a/src/audio/auserver.c b/src/audio/auserver.c
+index 29716d3..3e838d0 100644
+--- a/src/audio/auserver.c
++++ b/src/audio/auserver.c
+@@ -58,9 +58,11 @@ static int play_wave_from_socket(snd_header *header,int audiostream)
+     int q,i,n,r;
+     unsigned char bytes[CST_AUDIOBUFFSIZE];
+     short shorts[CST_AUDIOBUFFSIZE];
++#ifdef DEBUG
+     cst_file fff;
+ 
+     fff = cst_fopen("/tmp/awb.wav",CST_OPEN_WRITE|CST_OPEN_BINARY);
++#endif
+ 
+     if ((audio_device = audio_open(header->sample_rate,1,
+ 				   (header->encoding == CST_SND_SHORT) ?
+@@ -107,7 +109,9 @@ static int play_wave_from_socket(snd_header *header,int audiostream)
+ 	for (q=r; q > 0; q-=n)
+ 	{
+ 	    n = audio_write(audio_device,shorts,q);
++#ifdef DEBUG
+ 	    cst_fwrite(fff,shorts,2,q);
++#endif
+ 	    if (n <= 0)
+ 	    {
+ 		audio_close(audio_device);
+@@ -116,7 +120,9 @@ static int play_wave_from_socket(snd_header *header,int audiostream)
+ 	}
+     }
+     audio_close(audio_device);
++#ifdef DEBUG
+     cst_fclose(fff);
++#endif
+ 
+     return CST_OK_FORMAT;
+ 
+-- 
+1.8.3.1
+
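Review bot: The `#ifdef DEBUG` guards in play_wave_from_socket only compile the audio dump out of regular builds; any build that defines DEBUG still opens the fixed path `/tmp/awb.wav` for writing, which is the same predictable name in a shared directory that the CVE title describes. The result of `cst_fopen` is also never checked before `cst_fwrite(fff,shorts,2,q)` and `cst_fclose(fff)` use it, and the `n <= 0` branch in the second inner hunk appears to return without closing `fff` (the rest of that branch is outside the hunk). If the dump is worth keeping for debugging, I would take the output path from the developer (an environment variable or a directory only they can write to) and skip the write and close when the open failed; otherwise deleting the three statements outright is simpler than guarding them. At minimum, add a comment above the open such as `/* DEBUG only: dumps played audio to a fixed /tmp path; never define DEBUG in packaged builds */`. The function body starts and ends outside the visible hunks.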
diff --git a/flite.spec b/flite.spec
index 99b6672..34f61d6 100644
--- a/flite.spec
+++ b/flite.spec
@@ -1,6 +1,6 @@
 Name:           flite
 Version:        1.3
-Release:        19%{?dist}
+Release:        20%{?dist}
 Summary:        Small, fast speech synthesis engine (text-to-speech)
 
 Group:          Applications/Multimedia
@@ -12,6 +12,7 @@ Patch0:         flite-1.3-sharedlibs.patch
 Patch1:         flite-1.3-doc_texinfo.patch
 Patch2:         flite-1.3-alsa_support.patch
 Patch3:         flite-1.3-implicit_dso_linking.patch
+Patch4:         0001-auserver.c-Only-write-audio-data-to-a-file-in-debug-.patch
 BuildRoot:      %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 
 %if 0%{?el4}
@@ -45,6 +46,7 @@ Development files for Flite, a small, fast speech synthesis engine.
 %patch1 -p1 -b .flite-1.3-doc_texinfo
 %patch2 -p1 -b .flite-1.3-alsa_support
 %patch3 -p1 -b .flite-1.3-implicit_dso_linking
+%patch4 -p1
 cp -p %{SOURCE1} .
 
 
@@ -96,6 +98,9 @@ rm -rf %{buildroot}
 
 
 %changelog
+* Mon Jan  6 2014 Rui Matos <rmatos at redhat.com> - 1.3-20
+- Resolves: (CVE-2014-0027) flite: insecure temporary file use
+
 * Wed Feb 13 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.3-19
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
 

