diff options
| author | Brad Bishop <bradleyb@fuzziesquirrel.com> | 2019-04-05 22:28:33 +0300 |
|---|---|---|
| committer | Brad Bishop <bradleyb@fuzziesquirrel.com> | 2019-04-05 22:31:28 +0300 |
| commit | 193236933b0f4ab91b1625b64e2187e2db4e0e8f (patch) | |
| tree | e12769d7c76d8b0517d6de3d3c72189753d253ed /poky/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2018-13139.patch | |
| parent | bd93df9478f2f56ffcbc8cb88f1709c735dcd85b (diff) | |
| download | openbmc-193236933b0f4ab91b1625b64e2187e2db4e0e8f.tar.xz | |
reset upstream subtrees to HEAD
Reset the following subtrees on HEAD:
poky: 8217b477a1(master)
meta-xilinx: 64aa3d35ae(master)
meta-openembedded: 0435c9e193(master)
meta-raspberrypi: 490a4441ac(master)
meta-security: cb6d1c85ee(master)
Squashed patches:
meta-phosphor: drop systemd 239 patches
meta-phosphor: mrw-api: use correct install path
Change-Id: I268e2646d9174ad305630c6bbd3fbc1a6105f43d
Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com>
Diffstat (limited to 'poky/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2018-13139.patch')
| -rw-r--r-- | poky/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2018-13139.patch | 30 |
1 files changed, 16 insertions, 14 deletions
diff --git a/poky/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2018-13139.patch b/poky/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2018-13139.patch index 4ae3674df..707373d41 100644 --- a/poky/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2018-13139.patch +++ b/poky/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2018-13139.patch @@ -1,23 +1,25 @@ -From 5473aeef7875e54bd0f786fbdd259a35aaee875c Mon Sep 17 00:00:00 2001 -From: Changqing Li <changqing.li@windriver.com> -Date: Wed, 10 Oct 2018 08:59:30 +0800 -Subject: [PATCH] libsndfile1: patch for CVE-2018-13139 +CVE: CVE-2018-13139 +Upstream-Status: Backport [9dc989eb89cd697e19897afa616d6ab0debe4822] +Signed-off-by: Ross Burton <ross.burton@intel.com> -Upstream-Status: Backport [https://github.com/bwarden/libsndfile/ -commit/df18323c622b54221ee7ace74b177cdcccc152d7] +From 9dc989eb89cd697e19897afa616d6ab0debe4822 Mon Sep 17 00:00:00 2001 +From: "Brett T. Warden" <brett.t.warden@intel.com> +Date: Tue, 28 Aug 2018 12:01:17 -0700 +Subject: [PATCH] Check MAX_CHANNELS in sndfile-deinterleave -CVE: CVE-2018-13139 +Allocated buffer has space for only 16 channels. Verify that input file +meets this limit. -Signed-off-by: Changqing Li <changqing.li@windriver.com> +Fixes #397 --- - programs/sndfile-deinterleave.c | 6 ++++++ - 1 file changed, 6 insertions(+) + programs/sndfile-deinterleave.c | 7 +++++++ + 1 file changed, 7 insertions(+) diff --git a/programs/sndfile-deinterleave.c b/programs/sndfile-deinterleave.c -index e27593e..721bee7 100644 +index e27593e2..cb497e1f 100644 --- a/programs/sndfile-deinterleave.c +++ b/programs/sndfile-deinterleave.c -@@ -89,6 +89,12 @@ main (int argc, char **argv) +@@ -89,6 +89,13 @@ main (int argc, char **argv) exit (1) ; } ; @@ -27,9 +29,9 @@ index e27593e..721bee7 100644 + exit (1) ; + } ; + ++ state.channels = sfinfo.channels ; sfinfo.channels = 1 ; -- -2.7.4 - +2.11.0 |