]> code.ossystems Code Review - openembedded-core.git/commit
Code Review / openembedded-core.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: d92877a) | patch
libsndfile1: Fix CVE-2017-8362
authorJackie Huang <jackie.huang@windriver.com>
Thu, 17 Aug 2017 06:44:28 +0000 (14:44 +0800)
committerRichard Purdie <richard.purdie@linuxfoundation.org>
Fri, 18 Aug 2017 11:35:57 +0000 (12:35 +0100)
commit0c8da3f6f85962196f2ad54fffd839239f5c2274
tree1850381487e0bb77327d963b0e5508fb2c1633eatree | snapshot
parentd92877ade8fd4dd9b548c6b664bf4357a1f9428acommit | diff
libsndfile1: Fix CVE-2017-8362

Backport the patch to fix CVE-2017-8362:

The flac_buffer_copy function in flac.c in libsndfile 1.0.28 allows
remote attackers to cause a denial of service (invalid read and
application crash) via a crafted audio file.

Reference:
https://nvd.nist.gov/vuln/detail/CVE-2017-8362

Signed-off-by: Jackie Huang <jackie.huang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2017-8362.patch [new file with mode: 0644] blob
meta/recipes-multimedia/libsndfile/libsndfile1_1.0.28.bb diff | blob | history
Mirror of the official openembedded-core repository