summaryrefslogtreecommitdiff
path: root/user/wavpack
diff options
context:
space:
mode:
Diffstat (limited to 'user/wavpack')
-rw-r--r--user/wavpack/APKBUILD43
-rw-r--r--user/wavpack/cve2018-19840.patch25
-rw-r--r--user/wavpack/cve2018-19841.patch29
3 files changed, 24 insertions, 73 deletions
diff --git a/user/wavpack/APKBUILD b/user/wavpack/APKBUILD
index e59ef255e..43aefeb03 100644
--- a/user/wavpack/APKBUILD
+++ b/user/wavpack/APKBUILD
@@ -2,8 +2,8 @@
# Contributor: Carlo Landmeter
# Maintainer:
pkgname=wavpack
-pkgver=5.1.0
-pkgrel=4
+pkgver=5.2.0
+pkgrel=1
pkgdesc="Audio compression format with lossless, lossy, and hybrid compression modes"
url="http://www.wavpack.com/"
arch="all"
@@ -12,25 +12,33 @@ license="BSD-3-Clause"
depends=""
makedepends=""
subpackages="$pkgname-dev $pkgname-doc"
-source="http://www.wavpack.com/$pkgname-$pkgver.tar.bz2
- cve2018-19840.patch
- cve2018-19841.patch
- "
+source="http://www.wavpack.com/$pkgname-$pkgver.tar.bz2"
# secfixes:
+# 5.2.0-r0:
+# - CVE-2018-6767
+# - CVE-2018-7253
+# - CVE-2018-7254
+# - CVE-2018-10536
+# - CVE-2018-10537
+# - CVE-2018-10538
+# - CVE-2018-10539
+# - CVE-2018-10540
+# - CVE-2019-11498
+# - CVE-2019-1010315
+# - CVE-2019-1010317
+# - CVE-2019-1010319
# 5.1.0-r4:
-# - CVE-2018-19840
-# - CVE-2018-19840
+# - CVE-2018-19840
+# - CVE-2018-19841
# 5.1.0-r0:
-# - CVE-2016-10169
-# - CVE-2016-10170
-# - CVE-2016-10171
-# - CVE-2016-10172
+# - CVE-2016-10169
+# - CVE-2016-10170
+# - CVE-2016-10171
+# - CVE-2016-10172
build() {
- cd "$builddir"
-
- local _arch_opts=
+ _arch_opts=""
case "$CARCH" in
x86 | x86_64) _arch_opts="--enable-mmx" ;;
esac
@@ -48,10 +56,7 @@ build() {
}
package() {
- cd "$builddir"
make DESTDIR="$pkgdir" install
}
-sha512sums="4c31616ae63c3a875afa20f26ce935f7a8f9921e2892b4b8388eca3ccd83b2d686f43eed8b9ec1dead934a1148401b9dced3b05f509b7942c48d7af31cf80a54 wavpack-5.1.0.tar.bz2
-67d02dd744c638d126cf5a894d1ff2c39726bd4d3771ef7410ea782e5c9a0f9341909432bd4bea9b8959891c38699601c1aac2da6e0eaddaa5a4d679e7f58dd2 cve2018-19840.patch
-dba007fa8cb2537b6f6c8ee559a98e501e948260ce7e7af7d3fdc8c9145bbbbf85c8fed8030de354459c4b08d3015a0ea769a948636bdfd66e567c0a2d2493c6 cve2018-19841.patch"
+sha512sums="456da78fb5d01b33a8ed71b43cb6809a25ca0d54e53858b93bbb3eb26923bfa6de4c6a3c01caca947c0852aea74d1b14667205dae344148a01619e67eb2c7e71 wavpack-5.2.0.tar.bz2"
diff --git a/user/wavpack/cve2018-19840.patch b/user/wavpack/cve2018-19840.patch
deleted file mode 100644
index 2da022025..000000000
--- a/user/wavpack/cve2018-19840.patch
+++ /dev/null
@@ -1,25 +0,0 @@
-From 070ef6f138956d9ea9612e69586152339dbefe51 Mon Sep 17 00:00:00 2001
-From: David Bryant <david@wavpack.com>
-Date: Thu, 29 Nov 2018 21:00:42 -0800
-Subject: [PATCH] issue #53: error out on zero sample rate
-
----
- src/pack_utils.c | 5 +++++
- 1 file changed, 5 insertions(+)
-
-diff --git a/src/pack_utils.c b/src/pack_utils.c
-index 2253f0d..2a83497 100644
---- a/src/pack_utils.c
-+++ b/src/pack_utils.c
-@@ -195,6 +195,11 @@ int WavpackSetConfiguration64 (WavpackContext *wpc, WavpackConfig *config, int64
- int num_chans = config->num_channels;
- int i;
-
-+ if (!config->sample_rate) {
-+ strcpy (wpc->error_message, "sample rate cannot be zero!");
-+ return FALSE;
-+ }
-+
- wpc->stream_version = (config->flags & CONFIG_COMPATIBLE_WRITE) ? CUR_STREAM_VERS : MAX_STREAM_VERS;
-
- if ((config->qmode & QMODE_DSD_AUDIO) && config->bytes_per_sample == 1 && config->bits_per_sample == 8) {
diff --git a/user/wavpack/cve2018-19841.patch b/user/wavpack/cve2018-19841.patch
deleted file mode 100644
index 6872ed91e..000000000
--- a/user/wavpack/cve2018-19841.patch
+++ /dev/null
@@ -1,29 +0,0 @@
-From bba5389dc598a92bdf2b297c3ea34620b6679b5b Mon Sep 17 00:00:00 2001
-From: David Bryant <david@wavpack.com>
-Date: Thu, 29 Nov 2018 21:53:51 -0800
-Subject: [PATCH] issue #54: fix potential out-of-bounds heap read
-
----
- src/open_utils.c | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/src/open_utils.c b/src/open_utils.c
-index 80051fc..4fe0d67 100644
---- a/src/open_utils.c
-+++ b/src/open_utils.c
-@@ -1258,13 +1258,13 @@ int WavpackVerifySingleBlock (unsigned char *buffer, int verify_checksum)
- #endif
-
- if (meta_bc == 4) {
-- if (*dp++ != (csum & 0xff) || *dp++ != ((csum >> 8) & 0xff) || *dp++ != ((csum >> 16) & 0xff) || *dp++ != ((csum >> 24) & 0xff))
-+ if (*dp != (csum & 0xff) || dp[1] != ((csum >> 8) & 0xff) || dp[2] != ((csum >> 16) & 0xff) || dp[3] != ((csum >> 24) & 0xff))
- return FALSE;
- }
- else {
- csum ^= csum >> 16;
-
-- if (*dp++ != (csum & 0xff) || *dp++ != ((csum >> 8) & 0xff))
-+ if (*dp != (csum & 0xff) || dp[1] != ((csum >> 8) & 0xff))
- return FALSE;
- }
-
generated by cgit v1.2.3-70-g09d2 (git 2.46.0) at 2024-09-22 19:18:27 +0000