rpm/aubio
SHA256
1
0
Fork 0
forked from pool/aubio
Code Pull Requests Activity

Accepting request 627873 from home:tiwai:branches:multimedia:libs

Browse Source 
- Fix minor security issues leading to segfault or buffer overread
  (CVE-2018-14522, bsc#1102359, CVE-2018-14523, bsc#1102364):
  0001-src-pitch-pitchyinfft.c-fix-out-of-bound-read-when-s.patch
  0002-src-pitch-pitchyinfft.c-comment-out-debug-output.patch
  0001-src-notes-notes.c-bail-out-if-pitch-creation-failed-.patch
  0002-src-io-source_wavread.c-also-exit-if-samplerate-is-n.patch
- Refresh the previous fixes from the upstream version
  aubio-wavread-input-validation.patch
  aubio-resampler-NULL-deref-fix.patch

OBS-URL: https://build.opensuse.org/request/show/627873
OBS-URL: https://build.opensuse.org/package/show/multimedia:libs/aubio?expand=0&rev=25
This commit is contained in:
Takashi Iwai
2018-08-07 13:34:56 +00:00
committed by Git OBS Bridge
parent 93d5f1eecb
commit a3d4a60444
8 changed files with 168 additions and 26 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
aubio.spec
View File

@@ -42,8 +42,16 @@ Release: 0
Source: http://aubio.org/pub/%{name}-%{version}.tar.bz2
Source1: http://aubio.org/pub/%{name}-%{version}.tar.bz2.asc
Source99: baselibs.conf
# PATCH-FIX-UPSTREAM CVE-2017-17054 bsc#1070399
Patch1: aubio-wavread-input-validation.patch
# PATCH-FIX-UPSTREAM CVE-2017-17554 bsc#1072317
Patch2: aubio-resampler-NULL-deref-fix.patch
# PATCH-FIX-UPSTREAM CVE-2018-14523 bsc#1102364
Patch3: 0001-src-pitch-pitchyinfft.c-fix-out-of-bound-read-when-s.patch
Patch4: 0002-src-pitch-pitchyinfft.c-comment-out-debug-output.patch
# PATCH-FIX-UPSTREAM CVE-2018-14522 bsc#1102359
Patch5: 0001-src-notes-notes.c-bail-out-if-pitch-creation-failed-.patch
Patch6: 0002-src-io-source_wavread.c-also-exit-if-samplerate-is-n.patch
Url: http://aubio.org
BuildRoot: %{_tmppath}/%{name}-%{version}-build
%define debug_package_requires %{libpkgname} = %{version}-%{release}
@@ -87,6 +95,10 @@ This package includes the example programs for aubio library.
%setup -q
%patch1 -p1
%patch2 -p1
%patch3 -p1
%patch4 -p1
%patch5 -p1
%patch6 -p1
sed -e "s,/lib,/%_lib," src/wscript_build > src/wscript_build.new
diff -u src/wscript_build src/wscript_build.new || :
mv src/wscript_build.new src/wscript_build