pool/libsndfile
SHA256
4
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

- Fix potential overflow in d2alaw_array() (CVE-2017-17456,

Browse Source 
bsc#1071777):
  libsndfile-CVE-2017-17456-alaw-range-check.patch
- Fix potential overflow in d2ulaw_array() (CVE-2017-17457,
  bsc#1071767):
  libsndfile-CVE-2017-17457-ulaw-range-check.patch

- Fix VUL-0: divide-by-zero error exists in the function
  double64_init() in double64.c (CVE-2017-14634, bsc#1059911):
  0030-double64_init-Check-psf-sf.channels-against-upper-bo.patch
- Tentative fix for VUL-0: out of bounds read in the function
  d2alaw_array() in alaw.c (CVE-2017-14245, bsc#1059912) and
  VUL-0: out of bounds read in the function d2ulaw_array() in
  ulaw.c (CVE-2017-14246, bsc#1059913):
  0031-sfe_copy_data_fp-check-value-of-max-variable.patch

- Fix Heap-based Buffer Overflow in the psf_binheader_writef
  (CVE-2017-12562, bsc#1052476):
  0020-src-common.c-Fix-heap-buffer-overflows-when-writing-.patch

- Fix out-of-bounds read memory access in the aiff_read_chanmap()
  (CVE-2017-6892, bsc#1043978):
  0010-src-aiff.c-Fix-a-buffer-read-overflow.patch

- Fix FLAC buffer overflows (CVE-2017-8361 CVE-2017-8363
  CVE-2017-8365 CVE-2017-8362 bsc#1036944 bsc#1036945 bsc#1036946
  bsc#1036943):
  0001-FLAC-Fix-a-buffer-read-overrun.patch
  0002-src-flac.c-Fix-a-buffer-read-overflow.patch

OBS-URL: https://build.opensuse.org/package/show/multimedia:libs/libsndfile?expand=0&rev=71
This commit is contained in:
Takashi Iwai 2018-11-23 13:50:08 +00:00 committed by Git OBS Bridge
parent 1405f02287
commit 773bb27446
1 changed files with 45 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

45
libsndfile-progs.changes
View File

@ -6,6 +6,51 @@ Fri Jul 6 14:11:47 CEST 2018 - tiwai@suse.de
CVE-2018-19432): CVE-2018-19432):
sndfile-deinterlace-channels-check.patch sndfile-deinterlace-channels-check.patch
-------------------------------------------------------------------
Fri Jun 8 14:46:54 CEST 2018 - tiwai@suse.de
- Fix potential overflow in d2alaw_array() (CVE-2017-17456,
bsc#1071777):
libsndfile-CVE-2017-17456-alaw-range-check.patch
- Fix potential overflow in d2ulaw_array() (CVE-2017-17457,
bsc#1071767):
libsndfile-CVE-2017-17457-ulaw-range-check.patch
-------------------------------------------------------------------
Tue Dec 19 15:57:19 CET 2017 - tiwai@suse.de
- Fix VUL-0: divide-by-zero error exists in the function
double64_init() in double64.c (CVE-2017-14634, bsc#1059911):
0030-double64_init-Check-psf-sf.channels-against-upper-bo.patch
- Tentative fix for VUL-0: out of bounds read in the function
d2alaw_array() in alaw.c (CVE-2017-14245, bsc#1059912) and
VUL-0: out of bounds read in the function d2ulaw_array() in
ulaw.c (CVE-2017-14246, bsc#1059913):
0031-sfe_copy_data_fp-check-value-of-max-variable.patch
-------------------------------------------------------------------
Tue Aug 8 11:00:09 CEST 2017 - tiwai@suse.de
- Fix Heap-based Buffer Overflow in the psf_binheader_writef
(CVE-2017-12562, bsc#1052476):
0020-src-common.c-Fix-heap-buffer-overflows-when-writing-.patch
-------------------------------------------------------------------
Tue Jun 13 08:36:52 CEST 2017 - tiwai@suse.de
- Fix out-of-bounds read memory access in the aiff_read_chanmap()
(CVE-2017-6892, bsc#1043978):
0010-src-aiff.c-Fix-a-buffer-read-overflow.patch
-------------------------------------------------------------------
Tue May 2 14:06:40 CEST 2017 - tiwai@suse.de
- Fix FLAC buffer overflows (CVE-2017-8361 CVE-2017-8363
CVE-2017-8365 CVE-2017-8362 bsc#1036944 bsc#1036945 bsc#1036946
bsc#1036943):
0001-FLAC-Fix-a-buffer-read-overrun.patch
0002-src-flac.c-Fix-a-buffer-read-overflow.patch
------------------------------------------------------------------- -------------------------------------------------------------------
Mon Apr 10 10:47:58 CEST 2017 - tiwai@suse.de Mon Apr 10 10:47:58 CEST 2017 - tiwai@suse.de