]> code.ossystems Code Review - openembedded-core.git/commit
Code Review / openembedded-core.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: 3e00059) | patch
libsndfile1: CVE-2017-14245 CVE-2017-14246
authorJagadeesh Krishnanjanappa <jkrishnanjanappa@mvista.com>
Wed, 22 Aug 2018 13:19:51 +0000 (18:49 +0530)
committerRichard Purdie <richard.purdie@linuxfoundation.org>
Wed, 29 Aug 2018 14:22:26 +0000 (15:22 +0100)
commit39b1dc89ce2870d1a2630b2319783a6203cbcb08
treeb1d655e7122969e2771cb6899c6715ed9b68dd34tree | snapshot
parent3e000591928cfc35df192c7eb00db65687930566commit | diff
libsndfile1: CVE-2017-14245 CVE-2017-14246

sfe_copy_data_fp: check value of "max" variable for being normal
and check elements of the data[] array for being finite.

Both checks use functions provided by the <math.h> header as declared
by the C99 standard.

Fixes #317
CVE-2017-14245
CVE-2017-14246

Affects libsndfile1 = 1.0.28

Signed-off-by: Jagadeesh Krishnanjanappa <jkrishnanjanappa@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2017-14245-14246.patch [new file with mode: 0644] blob
meta/recipes-multimedia/libsndfile/libsndfile1_1.0.28.bb diff | blob | history
Mirror of the official openembedded-core repository