godotengine/buildroot
1
0
Fork 0
mirror of https://github.com/godotengine/buildroot.git synced 2026-01-20 04:51:30 +03:00
Code Issues Packages Projects Releases Wiki Activity
Files
2017.02.2
buildroot/package/audiofile
History
Peter Korsgaard 6338df7dea audiofile: add security patch for CVE-2017-6839 
Integer overflow in modules/MSADPCM.cpp in Audio File Library (aka
audiofile) 0.3.6 allows remote attackers to cause a denial of service
(crash) via a crafted file.

https://blogs.gentoo.org/ago/2017/02/20/audiofile-multiple-ubsan-crashes/
https://github.com/mpruett/audiofile/issues/41

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 844a7c6281)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-04-03 10:32:05 +02:00
..
0001-Fix-pkg-config-for-static-linking.patch
0002-cast-to-unsigned-gcc6.patch
package/audiofile: fix compilation with gcc6
2016-06-06 23:21:59 +02:00
0003-Always-check-the-number-of-coefficients.patch
audiofile: add security patch for CVE-2017-6827 / CVE-2017-6828 / CVE-2017-6832 / CVE-2017-6833 / CVE-2017-6835 / CVE-2017-6837
2017-04-03 10:31:06 +02:00
0004-clamp-index-values-to-fix-index-overflow-in-IMA.cpp.patch
audiofile: add security patch for CVE-2017-6829
2017-04-03 10:31:40 +02:00
0005-Check-for-multiplication-overflow-in-sfconvert.patch
audiofile: add security patch for CVE-2017-6830 / CVE-2017-6834 / CVE-2017-6836 / CVE-2017-6838
2017-04-03 10:31:48 +02:00
0006-Actually-fail-when-error-occurs-in-parseFormat.patch
audiofile: add security patch for CVE-2017-6831
2017-04-03 10:31:56 +02:00
0007-Check-for-multiplication-overflow-in-MSADPCM-decodeS.patch
audiofile: add security patch for CVE-2017-6839
2017-04-03 10:32:05 +02:00
audiofile.hash
audiofile.mk
audiofile: comma separate licenses
2015-12-15 22:05:14 +01:00
Config.in