rtime.felk.cvut.cz Git - coffee/buildroot.git/commit

author	Peter Korsgaard <peter@korsgaard.com>
	Tue, 4 Jul 2017 08:42:11 +0000 (10:42 +0200)
committer	Peter Korsgaard <peter@korsgaard.com>
	Tue, 4 Jul 2017 12:23:15 +0000 (14:23 +0200)
commit	6369a06150b9a2991807c0418a7f0a865ef6c084
tree	95910861adcecf0c5963c444ff9250b371c271da	tree \| snapshot
parent	7af50fddfd94468bb54b6d0ecf7edd1b016f9058	commit \| diff

libmad: add security patch from debian

Fixes:

CVE-2017-8372 - The mad_layer_III function in layer3.c in Underbit MAD
libmad 0.15.1b, if NDEBUG is omitted, allows remote attackers to cause a
denial of service (assertion failure and application exit) via a crafted
audio file.

CVE-2017-8373 - The mad_layer_III function in layer3.c in Underbit MAD
libmad 0.15.1b allows remote attackers to cause a denial of service
(heap-based buffer overflow and application crash) or possibly have
unspecified other impact via a crafted audio file.

CVE-2017-8374 - The mad_bit_skip function in bit.c in Underbit MAD libmad
0.15.1b allows remote attackers to cause a denial of service (heap-based
buffer over-read and application crash) via a crafted audio file.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

package/libmad/libmad.hash		diff \| blob \| history
package/libmad/libmad.mk		diff \| blob \| history