OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/libvorbis?expand=0&rev=4

2007-07-26 23:58:11 +00:00 · 2007-07-26 23:58:11 +00:00 · ae2f49d8c7
commit ae2f49d8c7
parent 941e237aff
3 changed files with 62 additions and 7 deletions
--- a/libvorbis-maptype-check.diff
+++ b/libvorbis-maptype-check.diff
@ -0,0 +1,41 @@
+Index: lib/info.c
+===================================================================
+--- lib/info.c	(revision 13159)
+++ lib/info.c	(revision 13160)
+@@ -139,7 +139,7 @@
+   memset(vc,0,sizeof(*vc));
+ }
+ 
+-/* blocksize 0 is guaranteed to be short, 1 is guarantted to be long.
+/* blocksize 0 is guaranteed to be short, 1 is guaranteed to be long.
+    They may be equal, but short will never ge greater than long */
+ int vorbis_info_blocksize(vorbis_info *vi,int zo){
+   codec_setup_info *ci = vi->codec_setup;
+@@ -162,14 +162,23 @@
+       if(ci->mode_param[i])_ogg_free(ci->mode_param[i]);
+ 
+     for(i=0;i<ci->maps;i++) /* unpack does the range checking */
+-      _mapping_P[ci->map_type[i]]->free_info(ci->map_param[i]);
+      if(ci->map_param[i]) /* this may be cleaning up an aborted
+			      unpack, in which case the below type
+			      cannot be trusted */
+	_mapping_P[ci->map_type[i]]->free_info(ci->map_param[i]);
+ 
+     for(i=0;i<ci->floors;i++) /* unpack does the range checking */
+-      _floor_P[ci->floor_type[i]]->free_info(ci->floor_param[i]);
+      if(ci->floor_param[i]) /* this may be cleaning up an aborted
+				unpack, in which case the below type
+				cannot be trusted */
+	_floor_P[ci->floor_type[i]]->free_info(ci->floor_param[i]);
+     
+     for(i=0;i<ci->residues;i++) /* unpack does the range checking */
+-      _residue_P[ci->residue_type[i]]->free_info(ci->residue_param[i]);
+-
+      if(ci->residue_param[i]) /* this may be cleaning up an aborted
+				  unpack, in which case the below type
+				  cannot be trusted */
+	_residue_P[ci->residue_type[i]]->free_info(ci->residue_param[i]);
+    
+     for(i=0;i<ci->books;i++){
+       if(ci->book_param[i]){
+ 	/* knows if the book was not alloced */
--- a/libvorbis.changes
+++ b/libvorbis.changes
@ -1,3 +1,9 @@
+-------------------------------------------------------------------
+Mon Jul  9 10:48:33 CEST 2007 - tiwai@suse.de
+
+- fix array boundary conditional flaw in mapping (#287124,
+  CVE-2007-3106)
+
 -------------------------------------------------------------------
 Mon Apr 23 18:06:06 CEST 2007 - tiwai@suse.de

--- a/libvorbis.spec
+++ b/libvorbis.spec
@ -14,9 +14,9 @@ Name:           libvorbis
 BuildRequires:  libogg-devel pkgconfig
 Summary:        The Vorbis General Audio Compression Codec
 Version:        1.1.2
-Release:        45
+Release:        64
 Group:          System/Libraries
-License:        BSD License and BSD-like
+License:        BSD 3-Clause
 URL:            http://www.vorbis.com/
 Source:         %{name}-%{version}.tar.bz2
 Patch1:         libvorbis-lib64.dif
@ -24,12 +24,16 @@ Patch2:         libvorbis-m4.dif
 Patch5:         libvorbis-%{version}-aotuv-b5.diff
 Patch6:         libvorbis-%{version}-warning-fixes.diff
 Patch7:         libvorbis-cflags.diff
+Patch8:         libvorbis-maptype-check.diff
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build

 %description
-Ogg Vorbis is a fully open, nonproprietary, patent-and-royalty-free,
-and general-purpose compressed audio format for audio and music at
-fixed and variable bit rates from 16 to 128 kbps/channel.
+Vorbis is a fully open, nonproprietary, patent-and-royalty-free, and
+general-purpose compressed audio format for audio and music at fixed
+and variable bit rates from 16 to 128 kbps/channel.
+
+The native bitstream format of Vorbis is libogg (Ogg). Alternatively,
+libmatroska (matroska) can also be used.



@ -39,14 +43,14 @@ Authors:
    Xiphophorus Company <team@xiph.org>

 %package devel
-Summary:        Include Files and Libraries mandatory for Development.
+Summary:        Include Files and Libraries mandatory for Ogg Vorbis Development
 Group:          Development/Libraries/C and C++
 Requires:       glibc-devel, libogg-devel
 Requires:       %{name} = %{version}

 %description devel
 This package contains all necessary include files and libraries needed
-to develop applications that require these.
+to compile and develop applications that use libvorbis.



@ -61,6 +65,7 @@ Authors:
 %patch5
 %patch6
 %patch7
+%patch8
 if [ "%_lib" == "lib64" ]; then
 %patch1
 fi
@ -103,6 +108,9 @@ rm -f $RPM_BUILD_ROOT%{_libdir}/*.la
 %{_libdir}/pkgconfig/*.pc

 %changelog
+* Mon Jul 09 2007 - tiwai@suse.de
+- fix array boundary conditional flaw in mapping (#287124,
+  CVE-2007-3106)
 * Mon Apr 23 2007 - tiwai@suse.de
 - use aoTuV beta5 patch:
  * The action of noise normalization has been improved.