kumquat-buildroot/package/libsndfile
Fabrice Fontaine 3426b37ebb package/libsndfile: fix CVE-2019-3832
It was discovered the fix for CVE-2018-19758 (libsndfile) was not
complete and still allows a read beyond the limits of a buffer in
wav_write_header() function in wav.c. A local attacker may use this flaw
to make the application crash.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-03-05 16:42:47 +01:00
..
0001-double64_init-Check-psf-sf.channels-against-upper-bo.patch
0002-Check-MAX_CHANNELS-in-sndfile-deinterleave.patch
0003-a-ulaw-fix-multiple-buffer-overflows-432.patch
0004-src-wav.c-Fix-heap-read-overflow.patch
0005-wav_write_header-don-t-read-past-the-array-end.patch
Config.in
libsndfile.hash
libsndfile.mk