Commit 91f4096f authored by Jan Pavlinec's avatar Jan Pavlinec

libvorbis: update to version 1.3.6 (security fix)

* CVE-2018-5146 - out-of-bounds write on codebook decoding.
* CVE-2017-14632 - free() on uninitialized data
* CVE-2017-14633 - out-of-bounds read

Issue https://gitlab.labs.nic.cz/turris/turris-os-packages/issues/179
parent a7bc03d9
......@@ -8,12 +8,12 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=libvorbis
PKG_VERSION:=1.3.5
PKG_RELEASE:=2
PKG_VERSION:=1.3.6
PKG_RELEASE:=1
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_SOURCE_URL:=http://downloads.xiph.org/releases/vorbis/
PKG_MD5SUM:=28cb28097c07a735d6af56e598e1c90f
PKG_MD5SUM:=af00bb5a784e7c9e69f56823de4637c350643deedaf333d0fa86ecdba6fcb415
PKG_MAINTAINER:=Ted Hess <thess@kitschensync.net>
PKG_LICENSE:=BSD-3-Clause
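Review bot: The 64-character value on the second `PKG_MD5SUM` line has the length of a SHA-256 digest, not the 32 hex characters of an MD5 one, so the variable name no longer matches what it holds. It should be confirmed that this tree's download step selects the hash algorithm from the value's length and actually verifies the tarball against it; if the build system here supports it, `PKG_HASH:=<same digest>` states the intent directly. Because `PKG_SOURCE_URL` is plain `http://`, this digest is the only integrity check on the downloaded source, so it is also worth comparing it with the checksum upstream publishes for the 1.3.6 tarball.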
......
--- a/lib/info.c
+++ b/lib/info.c
@@ -583,7 +583,8 @@ int vorbis_analysis_headerout(vorbis_dsp
oggpack_buffer opb;
private_state *b=v->backend_state;
- if(!b||vi->channels<=0){
+ if(!b||vi->channels<=0||vi->channels>255){
+ b = NULL;
ret=OV_EFAULT;
goto err_out;
}
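Review bot: The added `b = NULL;` before `goto err_out` has no comment, and its purpose cannot be read from the hunk because the `err_out` label and the rest of vorbis_analysis_headerout lie outside it. Presumably the cleanup at `err_out` is guarded on `b`, which would tie this line to the free()-on-uninitialized-data item in the commit message; once confirmed, a comment such as `/* clear b so err_out skips cleanup of state that was never set up */` would record that. The new `vi->channels>255` bound is a bare literal as well, and a one-line comment saying where the limit comes from would help the next reader judge whether the boundary value is right.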