godotengine/buildroot
1
0
Fork 0
mirror of https://github.com/godotengine/buildroot.git synced 2026-01-06 18:09:44 +03:00
Code Issues Packages Projects Releases Wiki Activity
Files
67ecc12926bfe486d707b57f3d998fdffe5ccb39
buildroot/package/libsndfile
History
Fabrice Fontaine b121ade6b9 package/libsndfile: fix CVE-2019-3832 
It was discovered the fix for CVE-2018-19758 (libsndfile) was not
complete and still allows a read beyond the limits of a buffer in
wav_write_header() function in wav.c. A local attacker may use this flaw
to make the application crash.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 3426b37ebb)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-03-15 11:26:23 +01:00
..
0001-double64_init-Check-psf-sf.channels-against-upper-bo.patch
0002-Check-MAX_CHANNELS-in-sndfile-deinterleave.patch
0003-a-ulaw-fix-multiple-buffer-overflows-432.patch
0004-src-wav.c-Fix-heap-read-overflow.patch
0005-wav_write_header-don-t-read-past-the-array-end.patch
package/libsndfile: fix CVE-2019-3832
2020-03-15 11:26:23 +01:00
Config.in
libsndfile.hash
libsndfile.mk