fix out-of-bounds read in oggenc (CVE-2023-43361)

Resolves: RHEL-11778

vorbis-tools-1.4.0-CVE-2023-43361.patch

@@ -0,0 +1,13 @@
+diff --git a/oggenc/platform.c b/oggenc/platform.c
+index 6d9f4ef..c63304b 100644
+--- a/oggenc/platform.c
++++ b/oggenc/platform.c
+@@ -147,7 +147,7 @@ int create_directories(char *fn, int isutf8)
+         start = start+2;
+ #endif
+ 
+-    while((end = strpbrk(start+1, PATH_SEPS)) != NULL)
++    while((end = strpbrk(start + strspn(start, PATH_SEPS), PATH_SEPS)) != NULL)
+     {
+         int rv;
+         memcpy(segment, fn, end-fn);

vorbis-tools.spec

@@ -1,7 +1,7 @@
 Summary:	The Vorbis General Audio Compression Codec tools
 Name:		vorbis-tools
 Version:	1.4.0
-Release:	28%{?dist}
+Release:	29%{?dist}
 Epoch:		1
 Group:		Applications/Multimedia
 License:	GPLv2
@@ -27,6 +27,9 @@ Patch5:		vorbis-tools-1.4.0-CVE-2014-9638-CVE-2014-9639.patch
 # oggenc: fix large alloca on bad AIFF input (CVE-2015-6749)
 Patch6:		vorbis-tools-1.4.0-CVE-2015-6749.patch
 
+# fix out-of-bounds read in oggenc (CVE-2023-43361)
+Patch7:		vorbis-tools-1.4.0-CVE-2023-43361.patch
+
 BuildRequires:	flac-devel
 BuildRequires:	gettext
 BuildRequires:	gcc
@@ -55,6 +58,7 @@ comment editor.
 %patch4 -p1
 %patch5 -p1
 %patch6 -p1
+%patch7 -p1
 
 
 %build
@@ -82,6 +86,9 @@ rm -rf $RPM_BUILD_ROOT%{_docdir}/%{name}*
 
 
 %changelog
+* Thu Jan 18 2024 Lukáš Zaoral <lzaoral@redhat.com> - 1:1.4.0-29
+- fix out-of-bounds read in oggenc (CVE-2023-43361)
+
 * Mon Feb 19 2018 Kamil Dudka <kdudka@redhat.com> - 1:1.4.0-28
 - add explicit BR for the gcc compiler