pool/opus
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accepting request 450587 from multimedia:libs

Browse Source 
1

OBS-URL: https://build.opensuse.org/request/show/450587
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/opus?expand=0&rev=14
This commit is contained in:
Dominique Leuenberger 2017-01-24 09:27:36 +00:00 committed by Git OBS Bridge
commit 00c2645c9c
3 changed files with 39 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
opus-NLSF-not-negative.patch Normal file
View File

@ -0,0 +1,27 @@
From 79e8f527b0344b0897a65be35e77f7885bd99409 Mon Sep 17 00:00:00 2001
From: Felicia Lim <flim@google.com>
Date: Thu, 28 Jul 2016 15:21:19 +0200
Subject: [PATCH] Ensure that NLSF cannot be negative when computing a min
distance between them
Signed-off-by: Jean-Marc Valin <jmvalin@jmvalin.ca>
---
silk/NLSF_stabilize.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/silk/NLSF_stabilize.c b/silk/NLSF_stabilize.c
index 1fa1ea3..8f3426b 100644
--- a/silk/NLSF_stabilize.c
+++ b/silk/NLSF_stabilize.c
@@ -130,7 +130,7 @@ void silk_NLSF_stabilize(
/* Keep delta_min distance between the NLSFs */
for( i = 1; i < L; i++ )
- NLSF_Q15[i] = silk_max_int( NLSF_Q15[i], NLSF_Q15[i-1] + NDeltaMin_Q15[i] );
+ NLSF_Q15[i] = silk_max_int( NLSF_Q15[i], silk_ADD_SAT16( NLSF_Q15[i-1], NDeltaMin_Q15[i] ) );
/* Last NLSF should be no higher than 1 - NDeltaMin[L] */
NLSF_Q15[L-1] = silk_min_int( NLSF_Q15[L-1], (1<<15) - NDeltaMin_Q15[L] );
--
2.1.4

8
opus.changes
View File

@ -1,3 +1,11 @@
-------------------------------------------------------------------
Mon Jan 16 20:56:54 UTC 2017 - zaitor@opensuse.org
- Fix CVE-2017-0381 (boo#1020102), opus: remote code execution
vulnerability in silk/NLSF_stabilize.c.
- Add opus-NLSF-not-negative.patch: Ensure that NLSF cannot be
negative when computing a min distance between them.
-------------------------------------------------------------------
Sat Aug 13 15:26:11 UTC 2016 - zaitor@opensuse.org

5
opus.spec
View File

@ -1,7 +1,7 @@
#
# spec file for package opus
#
# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
# Copyright (c) 2012 Pascal Bleser <pascal.bleser@opensuse.org>
#
# All modifications and additions to the file contributed by third parties
@ -27,6 +27,8 @@ Group: System/Libraries
Url: http://opus-codec.org/
Source: http://downloads.xiph.org/releases/opus/%{name}-%{version}.tar.gz
Source99: baselibs.conf
# PATCH-FIX-UPSTREAM opus-NLSF-not-negative.patch CVE-2017-0381 boo#1020102 zaitor@opensuse.org -- Ensure that NLSF cannot be negative when computing a min distance between them.
Patch0: opus-NLSF-not-negative.patch
BuildRequires: pkg-config
BuildRoot: %{_tmppath}/%{name}-%{version}-build
@ -66,6 +68,7 @@ technology from Skype's SILK codec and Xiph.Org's CELT codec.
%prep
%setup -q
%patch0 -p1
%build
%configure \