kumquat-buildroot/package/libsndfile
Fabrice Fontaine 76d5ab4d17 package/libsndfile: add upstream security fixes
- Fix CVE-2017-6892: In libsndfile version 1.0.28, an error in the
  "aiff_read_chanmap()" function (aiff.c) can be exploited to cause an
  out-of-bounds read memory access via a specially crafted AIFF file.

- Fix CVE-2017-8361: The flac_buffer_copy function in flac.c in
  libsndfile 1.0.28 allows remote attackers to cause a denial of service
  (buffer overflow and application crash) or possibly have unspecified
  other impact via a crafted audio file.

- Fix CVE-2017-8362: The flac_buffer_copy function in flac.c in
  libsndfile 1.0.28 allows remote attackers to cause a denial of service
  (invalid read and application crash) via a crafted audio file.

- Fix CVE-2017-8363: The flac_buffer_copy function in flac.c in
  libsndfile 1.0.28 allows remote attackers to cause a denial of service
  (heap-based buffer over-read and application crash) via a crafted
  audio file.

- Fix CVE-2017-8365: The i2les_array function in pcm.c in
  libsndfile 1.0.28 allows remote attackers to cause a denial of service
  (buffer over-read and application crash) via a crafted audio file.

- Fix CVE-2017-12562: Heap-based Buffer Overflow in the
  psf_binheader_writef function in common.c in libsndfile through 1.0.28
  allows remote attackers to cause a denial of service (application
  crash) or possibly have unspecified other impact.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-04-02 21:50:19 +02:00
..
0001-double64_init-Check-psf-sf.channels-against-upper-bo.patch
0002-Check-MAX_CHANNELS-in-sndfile-deinterleave.patch
0003-a-ulaw-fix-multiple-buffer-overflows-432.patch
0004-src-wav.c-Fix-heap-read-overflow.patch
0005-wav_write_header-don-t-read-past-the-array-end.patch
0006-src-aiff.c-Fix-a-buffer-read-overflow.patch package/libsndfile: add upstream security fixes 2020-04-02 21:50:19 +02:00
0007-FLAC-Fix-a-buffer-read-overrun.patch package/libsndfile: add upstream security fixes 2020-04-02 21:50:19 +02:00
0008-src-flac.c-Fix-a-buffer-read-overflow.patch package/libsndfile: add upstream security fixes 2020-04-02 21:50:19 +02:00
0009-src-flac-c-Fix-another-memory-leak.patch package/libsndfile: add upstream security fixes 2020-04-02 21:50:19 +02:00
0010-src-common-c-Fix-heap-buffer-overflows-when-writing-strings-in.patch package/libsndfile: add upstream security fixes 2020-04-02 21:50:19 +02:00
Config.in
libsndfile.hash
libsndfile.mk package/libsndfile: add upstream security fixes 2020-04-02 21:50:19 +02:00