This commit is contained in:
OBS User unknown
Git OBS Bridge
parent
941e237aff
commit
ae2f49d8c7
41
libvorbis-maptype-check.diff
Normal file
41
libvorbis-maptype-check.diff
Normal file
@ -0,0 +1,41 @@
|
||||
Index: lib/info.c
|
||||
===================================================================
|
||||
--- lib/info.c (revision 13159)
|
||||
+++ lib/info.c (revision 13160)
|
||||
@@ -139,7 +139,7 @@
|
||||
memset(vc,0,sizeof(*vc));
|
||||
}
|
||||
|
||||
-/* blocksize 0 is guaranteed to be short, 1 is guarantted to be long.
|
||||
+/* blocksize 0 is guaranteed to be short, 1 is guaranteed to be long.
|
||||
They may be equal, but short will never ge greater than long */
|
||||
int vorbis_info_blocksize(vorbis_info *vi,int zo){
|
||||
codec_setup_info *ci = vi->codec_setup;
|
||||
@@ -162,14 +162,23 @@
|
||||
if(ci->mode_param[i])_ogg_free(ci->mode_param[i]);
|
||||
|
||||
for(i=0;i<ci->maps;i++) /* unpack does the range checking */
|
||||
- _mapping_P[ci->map_type[i]]->free_info(ci->map_param[i]);
|
||||
+ if(ci->map_param[i]) /* this may be cleaning up an aborted
|
||||
+ unpack, in which case the below type
|
||||
+ cannot be trusted */
|
||||
+ _mapping_P[ci->map_type[i]]->free_info(ci->map_param[i]);
|
||||
|
||||
for(i=0;i<ci->floors;i++) /* unpack does the range checking */
|
||||
- _floor_P[ci->floor_type[i]]->free_info(ci->floor_param[i]);
|
||||
+ if(ci->floor_param[i]) /* this may be cleaning up an aborted
|
||||
+ unpack, in which case the below type
|
||||
+ cannot be trusted */
|
||||
+ _floor_P[ci->floor_type[i]]->free_info(ci->floor_param[i]);
|
||||
|
||||
for(i=0;i<ci->residues;i++) /* unpack does the range checking */
|
||||
- _residue_P[ci->residue_type[i]]->free_info(ci->residue_param[i]);
|
||||
-
|
||||
+ if(ci->residue_param[i]) /* this may be cleaning up an aborted
|
||||
+ unpack, in which case the below type
|
||||
+ cannot be trusted */
|
||||
+ _residue_P[ci->residue_type[i]]->free_info(ci->residue_param[i]);
|
||||
+
|
||||
for(i=0;i<ci->books;i++){
|
||||
if(ci->book_param[i]){
|
||||
/* knows if the book was not alloced */
|
||||
@ -1,3 +1,9 @@
|
||||
-------------------------------------------------------------------
|
||||
Mon Jul 9 10:48:33 CEST 2007 - tiwai@suse.de
|
||||
|
||||
- fix array boundary conditional flaw in mapping (#287124,
|
||||
CVE-2007-3106)
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Apr 23 18:06:06 CEST 2007 - tiwai@suse.de
|
||||
|
||||
|
||||
@ -14,9 +14,9 @@ Name: libvorbis
|
||||
BuildRequires: libogg-devel pkgconfig
|
||||
Summary: The Vorbis General Audio Compression Codec
|
||||
Version: 1.1.2
|
||||
Release: 45
|
||||
Release: 64
|
||||
Group: System/Libraries
|
||||
License: BSD License and BSD-like
|
||||
License: BSD 3-Clause
|
||||
URL: http://www.vorbis.com/
|
||||
Source: %{name}-%{version}.tar.bz2
|
||||
Patch1: libvorbis-lib64.dif
|
||||
@ -24,12 +24,16 @@ Patch2: libvorbis-m4.dif
|
||||
Patch5: libvorbis-%{version}-aotuv-b5.diff
|
||||
Patch6: libvorbis-%{version}-warning-fixes.diff
|
||||
Patch7: libvorbis-cflags.diff
|
||||
Patch8: libvorbis-maptype-check.diff
|
||||
BuildRoot: %{_tmppath}/%{name}-%{version}-build
|
||||
|
||||
%description
|
||||
Ogg Vorbis is a fully open, nonproprietary, patent-and-royalty-free,
|
||||
and general-purpose compressed audio format for audio and music at
|
||||
fixed and variable bit rates from 16 to 128 kbps/channel.
|
||||
Vorbis is a fully open, nonproprietary, patent-and-royalty-free, and
|
||||
general-purpose compressed audio format for audio and music at fixed
|
||||
and variable bit rates from 16 to 128 kbps/channel.
|
||||
|
||||
The native bitstream format of Vorbis is libogg (Ogg). Alternatively,
|
||||
libmatroska (matroska) can also be used.
|
||||
|
||||
|
||||
|
||||
@ -39,14 +43,14 @@ Authors:
|
||||
Xiphophorus Company <team@xiph.org>
|
||||
|
||||
%package devel
|
||||
Summary: Include Files and Libraries mandatory for Development.
|
||||
Summary: Include Files and Libraries mandatory for Ogg Vorbis Development
|
||||
Group: Development/Libraries/C and C++
|
||||
Requires: glibc-devel, libogg-devel
|
||||
Requires: %{name} = %{version}
|
||||
|
||||
%description devel
|
||||
This package contains all necessary include files and libraries needed
|
||||
to develop applications that require these.
|
||||
to compile and develop applications that use libvorbis.
|
||||
|
||||
|
||||
|
||||
@ -61,6 +65,7 @@ Authors:
|
||||
%patch5
|
||||
%patch6
|
||||
%patch7
|
||||
%patch8
|
||||
if [ "%_lib" == "lib64" ]; then
|
||||
%patch1
|
||||
fi
|
||||
@ -103,6 +108,9 @@ rm -f $RPM_BUILD_ROOT%{_libdir}/*.la
|
||||
%{_libdir}/pkgconfig/*.pc
|
||||
|
||||
%changelog
|
||||
* Mon Jul 09 2007 - tiwai@suse.de
|
||||
- fix array boundary conditional flaw in mapping (#287124,
|
||||
CVE-2007-3106)
|
||||
* Mon Apr 23 2007 - tiwai@suse.de
|
||||
- use aoTuV beta5 patch:
|
||||
* The action of noise normalization has been improved.
|
||||
|
||||
Loading…
Reference in New Issue
Block a user