kumquat-buildroot/package/libvorbis
Fabrice Fontaine e21730db5c package/libvorbis: annote CVE-2018-10393
bark_noise_hybridmp in psy.c in Xiph.Org libvorbis 1.3.6 has a
stack-based buffer over-read.

Same patch as for CVE-2017-14160

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[yann.morin.1998@free.fr:
  - update 0001-*.patch to also reference CVE-2018-10393
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2020-03-01 19:13:45 +01:00
..
0001-CVE-2017-14160-fix-bounds-check-on-very-low-sample-rates.patch
0002-Sanity-check-number-of-channels-in-setup.patch
Config.in
libvorbis.hash
libvorbis.mk