pool/libvpx
SHA256
4
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accepting request 519848 from multimedia:libs

Browse Source 
fix DoS attack vector

OBS-URL: https://build.opensuse.org/request/show/519848
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/libvpx?expand=0&rev=33
This commit is contained in:
Dominique Leuenberger 2017-09-07 20:07:43 +00:00 committed by Git OBS Bridge
commit fd4e4931af
2 changed files with 13 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
libvpx.changes
View File

@ -1,3 +1,9 @@
-------------------------------------------------------------------
Thu Aug 31 06:26:03 UTC 2017 - adrian@suse.de
- limit maximum size to 8K Fulldome resolution to avoid
DoS attacks. CVE-2017-0641 boo#1056539
------------------------------------------------------------------- -------------------------------------------------------------------
Fri Mar 3 09:25:31 UTC 2017 - tchvatal@suse.com Fri Mar 3 09:25:31 UTC 2017 - tchvatal@suse.com

7
libvpx.spec
View File

@ -131,6 +131,13 @@ cd build
--extra-cflags="-std=gnu89 -U_FORTIFY_SOURCE %{optflags}" \ --extra-cflags="-std=gnu89 -U_FORTIFY_SOURCE %{optflags}" \
--extra-cxxflags="-U_FORTIFY_SOURCE %{optflags}" \ --extra-cxxflags="-U_FORTIFY_SOURCE %{optflags}" \
--enable-pic --enable-pic
# size-limit to avoid CVE-2017-0641 DoS attacks. The limit is the
# 8K Fulldome resolution and should be enough for all current use cases
# bso#1056539
# the --size-limit switch is broken atm ...
echo '#define DECODE_WIDTH_LIMIT 8192' >> vpx_config.h
echo '#define DECODE_HEIGHT_LIMIT 8192' >> vpx_config.h
make %{?_smp_mflags} verbose=yes GEN_EXAMPLES= make %{?_smp_mflags} verbose=yes GEN_EXAMPLES=
%install %install