authorA. Wilcox <awilcox@wilcox-tech.com>2018-12-08 17:31:33 +0000
committerA. Wilcox <awilcox@wilcox-tech.com>2018-12-08 17:31:33 +0000
commitbde2825df3cba470104d79b5f7dc1c0494d17bfd (patch)
tree1e38116c89741c54efd8b04e2c3b0e472d260591
parent39af0df5ca8d7acd233d6cc872d184c41fbe6737 (diff)
parenta7d8e4c0862ec2c0309809f30e6d3205971c12b2 (diff)
Merge branch 'secfixes.aerdan.20181206' into 'master'
Security fixes for Perl and WavPack. See merge request !126
-rw-r--r--system/perl/APKBUILD10
-rw-r--r--user/wavpack/APKBUILD14
-rw-r--r--user/wavpack/cve2018-19840.patch25
-rw-r--r--user/wavpack/cve2018-19841.patch29
4 files changed, 73 insertions, 5 deletions
diff --git a/system/perl/APKBUILD b/system/perl/APKBUILD
index a492a84bd..5f4410851 100644
--- a/system/perl/APKBUILD
+++ b/system/perl/APKBUILD
@@ -3,7 +3,7 @@
# Maintainer: Kiyoshi Aman <kiyoshi.aman+adelie@gmail.com>
# Proxy-For: solar
pkgname=perl
-pkgver=5.26.2
+pkgver=5.26.3
pkgrel=0
pkgdesc="Larry Wall's Practical Extraction and Report Language"
url="http://www.perl.org/"
@@ -18,6 +18,12 @@ source="http://www.cpan.org/src/5.0/perl-$pkgver.tar.gz
"
# secfixes:
+# 5.26.3-r0:
+# - CVE-2018-12015
+# - CVE-2018-18311
+# - CVE-2018-18312
+# - CVE-2018-18313
+# - CVE-2018-18314
# 5.26.1-r0:
# - CVE-2017-12837
# - CVE-2017-12883
@@ -109,4 +115,4 @@ dev() {
default_dev
}
-sha512sums="166d767f748a911b969fc8008069f087927cbdd9ee21b375b31e5feb5afc2be8d80d68f8c291accee6fdf3be90e9dc2fc870cb9c0bd1cc68c6e001e4ed38d564 perl-5.26.2.tar.gz"
+sha512sums="03914ed51163c998a6afa45610a13cf50124a2c68d291c344b0d52fa15c27fc5d5d4f5dc117516078a03dfd51250097b87c8d5e2b17c7858a4c8c536aecd05af perl-5.26.3.tar.gz"
diff --git a/user/wavpack/APKBUILD b/user/wavpack/APKBUILD
index a98666d6e..e59ef255e 100644
--- a/user/wavpack/APKBUILD
+++ b/user/wavpack/APKBUILD
@@ -3,7 +3,7 @@
# Maintainer:
pkgname=wavpack
pkgver=5.1.0
-pkgrel=3
+pkgrel=4
pkgdesc="Audio compression format with lossless, lossy, and hybrid compression modes"
url="http://www.wavpack.com/"
arch="all"
@@ -12,9 +12,15 @@ license="BSD-3-Clause"
depends=""
makedepends=""
subpackages="$pkgname-dev $pkgname-doc"
-source="http://www.wavpack.com/$pkgname-$pkgver.tar.bz2"
+source="http://www.wavpack.com/$pkgname-$pkgver.tar.bz2
+ cve2018-19840.patch
+ cve2018-19841.patch
+ "
# secfixes:
+# 5.1.0-r4:
+# - CVE-2018-19840
+# - CVE-2018-19840
# 5.1.0-r0:
# - CVE-2016-10169
# - CVE-2016-10170
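Review bot: The second entry added under `# 5.1.0-r4:` repeats CVE-2018-19840, while the source list in the same hunk adds both cve2018-19840.patch and cve2018-19841.patch (and the second patch's own header in this commit cites issue #54, the out-of-bounds heap read); that line should read `# - CVE-2018-19841`. As written, the secfixes block under-reports what this pkgrel fixes, so anything that consumes these comments for advisory tracking would presumably not credit the CVE-2018-19841 fix to 5.1.0-r4. The perl secfixes hunk in system/perl/APKBUILD lists its five CVEs without duplication, so only the wavpack block needs the correction.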
@@ -46,4 +52,6 @@ package() {
make DESTDIR="$pkgdir" install
}
-sha512sums="4c31616ae63c3a875afa20f26ce935f7a8f9921e2892b4b8388eca3ccd83b2d686f43eed8b9ec1dead934a1148401b9dced3b05f509b7942c48d7af31cf80a54 wavpack-5.1.0.tar.bz2"
+sha512sums="4c31616ae63c3a875afa20f26ce935f7a8f9921e2892b4b8388eca3ccd83b2d686f43eed8b9ec1dead934a1148401b9dced3b05f509b7942c48d7af31cf80a54 wavpack-5.1.0.tar.bz2
+67d02dd744c638d126cf5a894d1ff2c39726bd4d3771ef7410ea782e5c9a0f9341909432bd4bea9b8959891c38699601c1aac2da6e0eaddaa5a4d679e7f58dd2 cve2018-19840.patch
+dba007fa8cb2537b6f6c8ee559a98e501e948260ce7e7af7d3fdc8c9145bbbbf85c8fed8030de354459c4b08d3015a0ea769a948636bdfd66e567c0a2d2493c6 cve2018-19841.patch"
diff --git a/user/wavpack/cve2018-19840.patch b/user/wavpack/cve2018-19840.patch
new file mode 100644
index 000000000..2da022025
--- /dev/null
+++ b/user/wavpack/cve2018-19840.patch
@@ -0,0 +1,25 @@
+From 070ef6f138956d9ea9612e69586152339dbefe51 Mon Sep 17 00:00:00 2001
+From: David Bryant <david@wavpack.com>
+Date: Thu, 29 Nov 2018 21:00:42 -0800
+Subject: [PATCH] issue #53: error out on zero sample rate
+
+---
+ src/pack_utils.c | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/src/pack_utils.c b/src/pack_utils.c
+index 2253f0d..2a83497 100644
+--- a/src/pack_utils.c
++++ b/src/pack_utils.c
+@@ -195,6 +195,11 @@ int WavpackSetConfiguration64 (WavpackContext *wpc, WavpackConfig *config, int64
+ int num_chans = config->num_channels;
+ int i;
+
++ if (!config->sample_rate) {
++ strcpy (wpc->error_message, "sample rate cannot be zero!");
++ return FALSE;
++ }
++
+ wpc->stream_version = (config->flags & CONFIG_COMPATIBLE_WRITE) ? CUR_STREAM_VERS : MAX_STREAM_VERS;
+
+ if ((config->qmode & QMODE_DSD_AUDIO) && config->bytes_per_sample == 1 && config->bits_per_sample == 8) {
diff --git a/user/wavpack/cve2018-19841.patch b/user/wavpack/cve2018-19841.patch
new file mode 100644
index 000000000..6872ed91e
--- /dev/null
+++ b/user/wavpack/cve2018-19841.patch
@@ -0,0 +1,29 @@
+From bba5389dc598a92bdf2b297c3ea34620b6679b5b Mon Sep 17 00:00:00 2001
+From: David Bryant <david@wavpack.com>
+Date: Thu, 29 Nov 2018 21:53:51 -0800
+Subject: [PATCH] issue #54: fix potential out-of-bounds heap read
+
+---
+ src/open_utils.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/src/open_utils.c b/src/open_utils.c
+index 80051fc..4fe0d67 100644
+--- a/src/open_utils.c
++++ b/src/open_utils.c
+@@ -1258,13 +1258,13 @@ int WavpackVerifySingleBlock (unsigned char *buffer, int verify_checksum)
+ #endif
+
+ if (meta_bc == 4) {
+- if (*dp++ != (csum & 0xff) || *dp++ != ((csum >> 8) & 0xff) || *dp++ != ((csum >> 16) & 0xff) || *dp++ != ((csum >> 24) & 0xff))
++ if (*dp != (csum & 0xff) || dp[1] != ((csum >> 8) & 0xff) || dp[2] != ((csum >> 16) & 0xff) || dp[3] != ((csum >> 24) & 0xff))
+ return FALSE;
+ }
+ else {
+ csum ^= csum >> 16;
+
+- if (*dp++ != (csum & 0xff) || *dp++ != ((csum >> 8) & 0xff))
++ if (*dp != (csum & 0xff) || dp[1] != ((csum >> 8) & 0xff))
+ return FALSE;
+ }
+