From f17f56753bc8b6560aaf4e532da7c966ccafe16d4583a44478d9afa671731481 Mon Sep 17 00:00:00 2001
From: OBS User unknown
Date: Tue, 22 Apr 2008 23:59:02 +0000
Subject: [PATCH] OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/xine-lib?expand=0&rev=7
---
 vdr-xine-0.8.2.diff.bz2 | 3 +++
 vdr-xine-lib-0.8.1.diff.bz2 | 3 ---
 vdr-xine-libdir.diff | 17 -------------
 xine-lib-1.1.11.1-CVE-2008-1686-speex.diff | 27 ++++++++++++++++++++
 xine-lib-CVE-2008-1878.diff | 17 +++++++++++++
 xine-lib.changes | 19 ++++++++++++++
 xine-lib.spec | 29 +++++++++++++++-------
 7 files changed, 86 insertions(+), 29 deletions(-)
 create mode 100644 vdr-xine-0.8.2.diff.bz2
 delete mode 100644 vdr-xine-lib-0.8.1.diff.bz2
 delete mode 100644 vdr-xine-libdir.diff
 create mode 100644 xine-lib-1.1.11.1-CVE-2008-1686-speex.diff
 create mode 100644 xine-lib-CVE-2008-1878.diff
diff --git a/vdr-xine-0.8.2.diff.bz2 b/vdr-xine-0.8.2.diff.bz2
new file mode 100644
index 0000000..120f6e9
--- /dev/null
+++ b/vdr-xine-0.8.2.diff.bz2
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:3a74748c5feb9f3043d52fe64a872b4bc5a087af7fb1e4c88eccd54bb6958c7c
+size 22824
diff --git a/vdr-xine-lib-0.8.1.diff.bz2 b/vdr-xine-lib-0.8.1.diff.bz2
deleted file mode 100644
index 5d18286..0000000
--- a/vdr-xine-lib-0.8.1.diff.bz2
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:ab172925fb278e5953526435c3a6aad7b3969307051ed23db86ff1473c07aa0f
-size 21891
diff --git a/vdr-xine-libdir.diff b/vdr-xine-libdir.diff
deleted file mode 100644
index c669a76..0000000
--- a/vdr-xine-libdir.diff
+++ /dev/null
@@ -1,17 +0,0 @@
-Index: xine-lib-1.1.10/src/vdr/Makefile.am
-===================================================================
---- xine-lib-1.1.10.orig/src/vdr/Makefile.am
-+++ xine-lib-1.1.10/src/vdr/Makefile.am
-@@ -2,11 +2,9 @@ include $(top_srcdir)/misc/Makefile.comm
- 
- 
- 
--libdir = $(XINE_PLUGINDIR)
--
- AM_CFLAGS = -D_LARGEFILE64_SOURCE
- 
--lib_LTLIBRARIES = \
-+xineplug_LTLIBRARIES = \
- xineplug_vdr.la
- 
- xineplug_vdr_la_SOURCES = combined_vdr.c input_vdr.c post_vdr_video.c post_vdr_audio.c
diff --git a/xine-lib-1.1.11.1-CVE-2008-1686-speex.diff b/xine-lib-1.1.11.1-CVE-2008-1686-speex.diff
new file mode 100644
index 0000000..75772dd
--- /dev/null
+++ b/xine-lib-1.1.11.1-CVE-2008-1686-speex.diff
@@ -0,0 +1,27 @@
+Index: xine-lib-1.1.11.1/src/libxineadec/xine_speex_decoder.c
+===================================================================
+--- xine-lib-1.1.11.1.orig/src/libxineadec/xine_speex_decoder.c
++++ xine-lib-1.1.11.1/src/libxineadec/xine_speex_decoder.c
+@@ -204,7 +204,7 @@ static void speex_decode_data (audio_dec
+ if (!this->st) {
+ SpeexMode * spx_mode;
+ SpeexHeader * spx_header;
+- int modeID;
++ unsigned int modeID;
+ int bitrate;
+ 
+ speex_bits_init (&this->bits);
+@@ -216,7 +216,12 @@ static void speex_decode_data (audio_dec
+ return;
+ }
+ 
+- modeID = spx_header->mode;
++ modeID = (unsigned int)spx_header->mode;
++ if (modeID >= SPEEX_NB_MODES) {
++ xprintf(this->stream->xine, XINE_VERBOSITY_DEBUG, LOG_MODULE ": invalid mode ID %u\n", modeID);
++ return;
++ }
++
+ spx_mode = (SpeexMode *) speex_mode_list[modeID];
+ 
+ if (spx_mode->bitstream_version != spx_header->mode_bitstream_version) {
diff --git a/xine-lib-CVE-2008-1878.diff b/xine-lib-CVE-2008-1878.diff
new file mode 100644
index 0000000..ffe99eb
--- /dev/null
+++ b/xine-lib-CVE-2008-1878.diff
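Review bot: The new `modeID >= SPEEX_NB_MODES` branch in xine-lib-1.1.11.1-CVE-2008-1686-speex.diff returns without releasing `spx_header`, which is presumably non-NULL at that point (the `return; }` context just above looks like the end of its NULL check, though the check itself is outside the hunk). If that header is heap-allocated by the libspeex header parser, each stream carrying an out-of-range mode leaks one header, and since this early return sits inside `if (!this->st)` the next packet would re-enter the branch and run `speex_bits_init (&this->bits)` again. I would release the header before the `return;`, for example `free (spx_header);` if that matches how the rest of the function frees it, and check whether the existing `bitstream_version` mismatch path just below needs the same. `speex_decode_data` starts and ends outside the hunk, so this should be confirmed against the full function.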
@@ -0,0 +1,17 @@
+Index: xine-lib-1.1.11.1/src/demuxers/demux_nsf.c
+===================================================================
+--- xine-lib-1.1.11.1.orig/src/demuxers/demux_nsf.c
++++ xine-lib-1.1.11.1/src/demuxers/demux_nsf.c
+@@ -106,9 +106,9 @@ static int open_nsf_file(demux_nsf_t *th
+ 
+ this->total_songs = header[6];
+ this->current_song = header[7];
+- this->title = strdup(&header[0x0E]);
+- this->artist = strdup(&header[0x2E]);
+- this->copyright = strdup(&header[0x4E]);
++ this->title = strndup((char*)&header[0x0E], 0x20);
++ this->artist = strndup((char*)&header[0x2E], 0x20);
++ this->copyright = strndup((char*)&header[0x4E], 0x20);
+ 
+ this->filesize = this->input->get_length(this->input);
+ 
diff --git a/xine-lib.changes b/xine-lib.changes
index e9b508a..3dcf897 100644
--- a/xine-lib.changes
+++ b/xine-lib.changes
@@ -1,3 +1,22 @@
+-------------------------------------------------------------------
+Fri Apr 18 15:07:47 CEST 2008 - lnussel@suse.de
+
+- fix overflow in nsf demuxer (bnc#380772, CVE-2008-1878)
+
+-------------------------------------------------------------------
+Thu Apr 17 10:48:56 CEST 2008 - lnussel@suse.de
+
+- Update to vdr-xine-0.8.2
+ * bugfix release
+- don't use %run_ldconfig anymore
+- don't install non-Linux READMEs
+
+-------------------------------------------------------------------
+Tue Apr 15 17:01:11 CEST 2008 - lnussel@suse.de
+
+- fix insufficient bounds checking in speex decoder (bnc#379106,
+ CVE-2008-1686)
+
 -------------------------------------------------------------------
 Thu Apr 10 12:54:45 CEST 2008 - ro@suse.de
 
diff --git a/xine-lib.spec b/xine-lib.spec
index a4878d5..93bcc0a 100644
--- a/xine-lib.spec
+++ b/xine-lib.spec
@@ -34,7 +34,7 @@ BuildRequires: mad-devel
 %endif
 Recommends: opensuse-codecs-installer
 Version: 1.1.11.1
-Release: 4
+Release: 8
 %define abiversion 1.20
 Summary: Video Player with Plug-Ins
 Group: Productivity/Multimedia/Video/Players
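Review bot: The three `strndup` results in xine-lib-CVE-2008-1878.diff are stored in `this->title`, `this->artist` and `this->copyright` without a NULL check, so an allocation failure is carried forward to whatever reads those fields later (not visible in this hunk). The bound `0x20` is repeated three times with nothing saying it is the width of the header field at each offset; a named constant and a one-line comment such as `/* NSF text fields are 0x20 bytes wide; a malformed file may leave them unterminated */` would keep the reason for `strndup` over `strdup` visible to later editors. `strndup` is also not ISO C, so the non-Linux targets whose READMEs this package still ships upstream may need a fallback definition. `open_nsf_file` starts and ends outside the hunk.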
@@ -52,10 +52,11 @@ Source13: lcd.tar.bz2 Source99: precheckin_cripple_tarball.sh # *** xine-lib: Bugfixes Patch26: xine-lib-doc-fix-X11R6.diff +Patch27: xine-lib-1.1.11.1-CVE-2008-1686-speex.diff +Patch28: xine-lib-CVE-2008-1878.diff # *** Addons -Patch50: vdr-xine-lib-0.8.1.diff.bz2 +Patch50: vdr-xine-0.8.2.diff.bz2 Patch51: vdr-xine-SUSE.diff -Patch52: vdr-xine-libdir.diff Patch61: xine-lib-mjpegplugin.diff # *** SUSE only changes Patch70: xine-lib-crippled-LOCAL.diff @@ -173,7 +174,6 @@ cd xine-lib-%version %patch26 %patch50 -p1 %patch51 -p1 -%patch52 -p1 sed -i 's|^noinst_HEADERS = input_vdr.h|xineinclude_HEADERS = input_vdr.h|' src/vdr/Makefile.am %patch61 -p0 #sed -i 's|^ac_config_files="|ac_config_files="src/vdr/Makefile src/mjpeg/Makefile|' configure @@ -189,6 +189,8 @@ sed -i 's|^noinst_HEADERS = input_vdr.h|xineinclude_HEADERS = input_vdr.h|' src/ %endif %patch72 -p1 %patch73 -p1 +%patch27 -p1 +%patch28 -p1 %build cd xine-lib-%version @@ -221,8 +223,9 @@ cd xine-lib-%version make install DESTDIR=%buildroot LIB="%buildroot%_libdir/xine/plugins/%abiversion" # install documentation -mkdir -p %buildroot%_defaultdocdir install -m 0644 %SOURCE10 COPYING AUTHORS %buildroot%_defaultdocdir/xine/ +# remove usless READMEs +rm %buildroot%_defaultdocdir/xine/README.{irix,solaris,WIN32} %ifarch %ix86 mkdir -p %buildroot/usr/lib/win32 %endif @@ -394,11 +397,9 @@ echo "/usr/share/xine/mad" >> files.internal rm -rf %buildroot %if %BUILD_XINE != 1 -%post -n xine-lib -%run_ldconfig +%post -n xine-lib -p /sbin/ldconfig -%postun -n xine-lib -%run_ldconfig +%postun -n xine-lib -p /sbin/ldconfig %files -n xine-lib -f files %defattr(-,root,root) 
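Review bot: In the `-221,8 +223,9` hunk of xine-lib.spec the added comment `# remove usless READMEs` has a typo and should read `# remove useless READMEs`. The `rm %buildroot%_defaultdocdir/xine/README.{irix,solaris,WIN32}` line below it relies on brace expansion, which only works when the %install script runs under a shell that supports it; listing the three files explicitly would remove that assumption. Without `-f` the build fails if upstream stops shipping one of these files, which may be intended but is worth stating in the comment.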
@@ -451,6 +452,16 @@ echo "/usr/share/xine/mad" >> files.internal %endif %changelog +* Fri Apr 18 2008 lnussel@suse.de +- fix overflow in nsf demuxer (bnc#380772, CVE-2008-1878) +* Thu Apr 17 2008 lnussel@suse.de +- Update to vdr-xine-0.8.2 + * bugfix release +- don't use %%run_ldconfig anymore +- don't install non-Linux READMEs +* Tue Apr 15 2008 lnussel@suse.de +- fix insufficient bounds checking in speex decoder (bnc#379106, + CVE-2008-1686) * Thu Apr 10 2008 ro@suse.de - added baselibs.conf file to build xxbit packages for multilib support