rtime.felk.cvut.cz Git - coffee/buildroot.git/commit
libvorbis: add upstream security fixes
author Peter Korsgaard <peter@korsgaard.com>
Fri, 16 Feb 2018 08:09:55 +0000 (09:09 +0100)
committer Peter Korsgaard <peter@korsgaard.com>
Tue, 10 Apr 2018 19:44:59 +0000 (21:44 +0200)
commit 9f5ffe8012830173cf6d2fb5276a77e6d08f235e
tree 08f04af91f5fb5306c100ae922d2365014f57418
parent 9c908557caf467f78042f008912420f7729089ad
libvorbis: add upstream security fixes

Fixes the following security issues:

CVE-2017-14632: Libvorbis 1.3.5 allows Remote Code Execution upon freeing
uninitialized memory in the function vorbis_analysis_headerout() in info.c
when vi->channels<=0, a similar issue to Mozilla bug 550184.

CVE-2017-14633: In libvorbis 1.3.5, an out-of-bounds array read
vulnerability exists in the function mapping0_forward() in mapping0.c, which
may lead to DoS when operating on a crafted audio file with
vorbis_analysis().

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit cc9282ae8c346c0b46fb249008696f6e9bc35f2c)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
package/libvorbis/0001-CVE-2017-14633-Don-t-allow-for-more-than-256-channel.patch [new file with mode: 0644]
package/libvorbis/0002-CVE-2017-14632-vorbis_analysis_header_out-Don-t-clea.patch [new file with mode: 0644]