From 48062dbff757ffabd9a580ee8de6b05d37dcc4bd Mon Sep 17 00:00:00 2001 From: "A. Wilcox" Date: Mon, 9 Jul 2018 21:49:59 -0500 Subject: user/libvorbis: pull in, bump, fix --- user/libvorbis/APKBUILD | 41 ++++++++++++++++++++++++++ user/libvorbis/CVE-2017-14160.patch | 58 +++++++++++++++++++++++++++++++++++++ 2 files changed, 99 insertions(+) create mode 100644 user/libvorbis/APKBUILD create mode 100644 user/libvorbis/CVE-2017-14160.patch diff --git a/user/libvorbis/APKBUILD b/user/libvorbis/APKBUILD new file mode 100644 index 000000000..2b5b41f4c --- /dev/null +++ b/user/libvorbis/APKBUILD @@ -0,0 +1,41 @@ +# Maintainer: +pkgname=libvorbis +pkgver=1.3.6 +pkgrel=0 +pkgdesc="Vorbis audio codec library" +url="https://xiph.org/vorbis/" +arch="all" +options="!check" # Test suite doesn't compile. +license="BSD-3-Clause" +subpackages="$pkgname-dev $pkgname-doc" +makedepends="libogg-dev" +source="https://downloads.xiph.org/releases/vorbis/$pkgname-$pkgver.tar.xz + CVE-2017-14160.patch + " + +# secfixes: +# 1.3.5-r4: +# - CVE-2017-14632 +# - CVE-2017-14633 +# 1.3.5-r3: +# - CVE-2017-14160 + +build() { + cd "$builddir" + ./configure \ + --build=$CBUILD \ + --host=$CHOST \ + --prefix=/usr \ + --sysconfdir=/etc \ + --mandir=/usr/share/man \ + --localstatedir=/var + make +} + +package() { + cd "$builddir" + make DESTDIR="$pkgdir" install +} + +sha512sums="a5d990bb88db2501b16f8eaee9f2ecb599cefd7dab2134d16538d8905263a972157c7671867848c2a8a358bf5e5dbc7721205ece001032482f168be7bda4f132 libvorbis-1.3.6.tar.xz +4c2f7be947f2159ae47175cba89950c7b7d357b37a20d54382e4fbecd8c268b148e6cb86cb148945c7b68bbe8b14f466e910b35b80903ab51f1b02cfccf5806e CVE-2017-14160.patch" diff --git a/user/libvorbis/CVE-2017-14160.patch b/user/libvorbis/CVE-2017-14160.patch new file mode 100644 index 000000000..9ad9d18f7 --- /dev/null +++ b/user/libvorbis/CVE-2017-14160.patch @@ -0,0 +1,58 @@ +From 98a60969315dba8c1e8231f561e1551670bc80ae Mon Sep 17 00:00:00 2001 +Message-Id: <98a60969315dba8c1e8231f561e1551670bc80ae.1511192857.git.agx@sigxcpu.org> +From: =?UTF-8?q?Guido=20G=C3=BCnther?= +Date: Wed, 15 Nov 2017 13:12:00 +0100 +Subject: [PATCH] CVE-2017-14160: make sure we don't overflow + +--- + lib/psy.c | 9 ++++----- + 1 file changed, 4 insertions(+), 5 deletions(-) + +diff --git a/lib/psy.c b/lib/psy.c +index 422c6f1e..8bbf6cf3 100644 +--- a/lib/psy.c ++++ b/lib/psy.c +@@ -599,7 +599,7 @@ static void bark_noise_hybridmp(int n,const long *b, + XY[i] = tXY; + } + +- for (i = 0, x = 0.f;; i++, x += 1.f) { ++ for (i = 0, x = 0.f; i < n; i++, x += 1.f) { + + lo = b[i] >> 16; + if( lo>=0 ) break; +@@ -621,12 +621,11 @@ static void bark_noise_hybridmp(int n,const long *b, + noise[i] = R - offset; + } + +- for ( ;; i++, x += 1.f) { ++ for ( ; i < n; i++, x += 1.f) { + + lo = b[i] >> 16; + hi = b[i] & 0xffff; + if(hi>=n)break; +- + tN = N[hi] - N[lo]; + tX = X[hi] - X[lo]; + tXX = XX[hi] - XX[lo]; +@@ -651,7 +650,7 @@ static void bark_noise_hybridmp(int n,const long *b, + + if (fixed <= 0) return; + +- for (i = 0, x = 0.f;; i++, x += 1.f) { ++ for (i = 0, x = 0.f; i < n; i++, x += 1.f) { + hi = i + fixed / 2; + lo = hi - fixed; + if(lo>=0)break; +@@ -670,7 +669,7 @@ static void bark_noise_hybridmp(int n,const long *b, + + if (R - offset < noise[i]) noise[i] = R - offset; + } +- for ( ;; i++, x += 1.f) { ++ for ( ; i < n; i++, x += 1.f) { + + hi = i + fixed / 2; + lo = hi - fixed; +-- +2.15.0 + -- cgit v1.2.3-60-g2f50