Security fix for CVE-2017-9258, CVE-2017-9259, CVE-2017-9260 (rhbz#1475759)
This commit is contained in:
parent
a035dd8283
commit
2ac883cf37
36
cve-2017-92xx.patch
Normal file
36
cve-2017-92xx.patch
Normal file
@ -0,0 +1,36 @@
|
||||
Description: Fix CVE-2017-9258, CVE-2017-9259, CVE-2017-9260
|
||||
Based on an upstream commit, original commit message was: "Added sanity
|
||||
checks against illegal input audio stream parameters e.g. wildly excessive
|
||||
samplerate".
|
||||
.
|
||||
There is no reference to CVEs or bugs, the commit was made after disclosure
|
||||
of the CVEs and all three proofs of concept (crafted wav files) fail after
|
||||
this commit.
|
||||
.
|
||||
The commit was made after version 2.0.0, so that version is also vulnerable.
|
||||
.
|
||||
Unrelated changes were stripped away by patch author, upstream commit author
|
||||
is Olli Parviainen <oparviai@iki.fi>.
|
||||
Author: Gabor Karsay <gabor.karsay@gmx.at>
|
||||
Origin: upstream, https://sourceforge.net/p/soundtouch/code/256/
|
||||
Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870854
|
||||
Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870856
|
||||
Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870857
|
||||
---
|
||||
This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
|
||||
--- a/source/SoundTouch/TDStretch.cpp
|
||||
+++ b/source/SoundTouch/TDStretch.cpp
|
||||
@@ -128,7 +128,12 @@
|
||||
int aSeekWindowMS, int aOverlapMS)
|
||||
{
|
||||
// accept only positive parameter values - if zero or negative, use old values instead
|
||||
- if (aSampleRate > 0) this->sampleRate = aSampleRate;
|
||||
+ if (aSampleRate > 0)
|
||||
+ {
|
||||
+ if (aSampleRate > 192000) ST_THROW_RT_ERROR("Error: Excessive samplerate");
|
||||
+ this->sampleRate = aSampleRate;
|
||||
+ }
|
||||
+
|
||||
if (aOverlapMS > 0) this->overlapMs = aOverlapMS;
|
||||
|
||||
if (aSequenceMS > 0)
|
@ -1,12 +1,13 @@
|
||||
Name: soundtouch
|
||||
Version: 2.0.0
|
||||
Release: 2%{?dist}
|
||||
Release: 3%{?dist}
|
||||
Summary: Audio Processing library for changing Tempo, Pitch and Playback Rates
|
||||
License: LGPLv2+
|
||||
Group: System Environment/Libraries
|
||||
URL: http://www.surina.net/soundtouch/
|
||||
Source0: http://www.surina.net/soundtouch/%{name}-%{version}.tar.gz
|
||||
Patch0: soundtouch-1.4.0-x86_64-asm-broken.patch
|
||||
Patch1: cve-2017-92xx.patch
|
||||
BuildRequires: gcc-c++
|
||||
BuildRequires: autoconf automake libtool
|
||||
|
||||
@ -40,6 +41,7 @@ sed -i 's|-O3||' source/SoundStretch/Makefile.*
|
||||
autoreconf -iv
|
||||
#why not in x86_64 !?
|
||||
#patch0 -p1
|
||||
%patch1 -p1
|
||||
|
||||
# set correct version for .so build
|
||||
%define ltversion %(echo %{version} | tr '.' ':')
|
||||
@ -95,6 +97,9 @@ ln -s soundtouch.pc %{buildroot}%{_libdir}/pkgconfig/soundtouch-1.0.pc
|
||||
|
||||
|
||||
%changelog
|
||||
* Thu Jul 05 2018 Hans de Goede <hdegoede@redhat.com> 2.0.0-3
|
||||
- Security fix for CVE-2017-9258, CVE-2017-9259, CVE-2017-9260 (rhbz#1475759)
|
||||
|
||||
* Fri Feb 09 2018 Fedora Release Engineering <releng@fedoraproject.org> - 2.0.0-2
|
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user