forked from pool/libmikmod
This commit is contained in:
OBS User unknown
Git OBS Bridge
parent
a2fc4503ba
commit
61a997e909
31
libmikmod-CVE-2007-6720.diff
Normal file
31
libmikmod-CVE-2007-6720.diff
Normal file
@ -0,0 +1,31 @@
|
|||||||
|
--- loaders/load_xm.c
|
||||||
|
+++ loaders/load_xm.c
|
||||||
|
@@ -622,7 +622,8 @@
|
||||||
|
/* read the remainder of the header */
|
||||||
|
for(u=headend-_mm_ftell(modreader);u;u--) _mm_read_UBYTE(modreader);
|
||||||
|
|
||||||
|
- if(_mm_eof(modreader)) {
|
||||||
|
+ /* last instrument is at the end of file in version 0x0104 */
|
||||||
|
+ if(_mm_eof(modreader) && (mh->version<0x0104 || t<of.numins-1)) {
|
||||||
|
free(nextwav);free(wh);
|
||||||
|
nextwav=NULL;wh=NULL;
|
||||||
|
_mm_errno = MMERR_LOADING_SAMPLEINFO;
|
||||||
|
--- playercode/mloader.c
|
||||||
|
+++ playercode/mloader.c
|
||||||
|
@@ -450,10 +450,12 @@
|
||||||
|
if (!l->Init || l->Init()) {
|
||||||
|
_mm_rewind(modreader);
|
||||||
|
ok = l->Load(curious);
|
||||||
|
- /* propagate inflags=flags for in-module samples */
|
||||||
|
- for (t = 0; t < of.numsmp; t++)
|
||||||
|
- if (of.samples[t].inflags == 0)
|
||||||
|
- of.samples[t].inflags = of.samples[t].flags;
|
||||||
|
+ if (ok) {
|
||||||
|
+ /* propagate inflags=flags for in-module samples */
|
||||||
|
+ for (t = 0; t < of.numsmp; t++)
|
||||||
|
+ if (of.samples[t].inflags == 0)
|
||||||
|
+ of.samples[t].inflags = of.samples[t].flags;
|
||||||
|
+ }
|
||||||
|
} else
|
||||||
|
ok = 0;
|
||||||
|
|
||||||
@ -1,3 +1,8 @@
|
|||||||
|
-------------------------------------------------------------------
|
||||||
|
Fri Jan 23 16:44:16 CET 2009 - prusnak@suse.cz
|
||||||
|
|
||||||
|
- fixed DoS CVE-2007-6720 [bnc#468760]
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Fri Jan 9 13:37:54 CET 2009 - crrodriguez@suse.de
|
Fri Jan 9 13:37:54 CET 2009 - crrodriguez@suse.de
|
||||||
|
|
||||||
|
|||||||
@ -25,7 +25,7 @@ License: LGPL v2.1 or later
|
|||||||
Group: System/Libraries
|
Group: System/Libraries
|
||||||
Summary: MikMod Sound Library
|
Summary: MikMod Sound Library
|
||||||
Version: 3.1.11a
|
Version: 3.1.11a
|
||||||
Release: 113
|
Release: 114
|
||||||
%define _version 3.1.11
|
%define _version 3.1.11
|
||||||
# bug437293
|
# bug437293
|
||||||
%ifarch ppc64
|
%ifarch ppc64
|
||||||
@ -38,6 +38,7 @@ Patch1: libmikmod.diff
|
|||||||
Source2: libmikmod-rpmlintrc
|
Source2: libmikmod-rpmlintrc
|
||||||
Patch3: libmikmod-config-fix.dif
|
Patch3: libmikmod-config-fix.dif
|
||||||
Patch4: libmikmod-conftest_fix.diff
|
Patch4: libmikmod-conftest_fix.diff
|
||||||
|
Patch5: libmikmod-CVE-2007-6720.diff
|
||||||
BuildRoot: %{_tmppath}/%{name}-%{version}-build
|
BuildRoot: %{_tmppath}/%{name}-%{version}-build
|
||||||
|
|
||||||
%description
|
%description
|
||||||
@ -79,6 +80,7 @@ mtm, xm, and it.
|
|||||||
%patch1
|
%patch1
|
||||||
%patch3
|
%patch3
|
||||||
%patch4
|
%patch4
|
||||||
|
%patch5
|
||||||
|
|
||||||
%build
|
%build
|
||||||
autoreconf -f -i
|
autoreconf -f -i
|
||||||
@ -119,6 +121,8 @@ rm -rf $RPM_BUILD_ROOT
|
|||||||
%doc %{_mandir}/man1/*-config.*
|
%doc %{_mandir}/man1/*-config.*
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Fri Jan 23 2009 prusnak@suse.cz
|
||||||
|
- fixed DoS CVE-2007-6720 [bnc#468760]
|
||||||
* Fri Jan 09 2009 crrodriguez@suse.de
|
* Fri Jan 09 2009 crrodriguez@suse.de
|
||||||
- remove static libraries and "la" files
|
- remove static libraries and "la" files
|
||||||
* Wed Jan 07 2009 olh@suse.de
|
* Wed Jan 07 2009 olh@suse.de
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user