code.ossystems Code Review - openembedded-core.git/commit

]> code.ossystems Code Review - openembedded-core.git/commit

Code Review / openembedded-core.git / commit

author	Jagadeesh Krishnanjanappa <jkrishnanjanappa@mvista.com>
	Wed, 22 Aug 2018 12:00:29 +0000 (17:30 +0530)
committer	Richard Purdie <richard.purdie@linuxfoundation.org>
	Thu, 23 Aug 2018 06:45:32 +0000 (07:45 +0100)
commit	ad842a3a0e6ef78fb9449362753ae3592c775192
tree	f6fea4d5d715c5c0afb8580deefed289110d59ce	tree \| snapshot
parent	4c1d03eb226aa838622852b70a87260ab1ac9d91	commit \| diff

libsndfile1: CVE-2017-14245 CVE-2017-14246

sfe_copy_data_fp: check value of "max" variable for being normal
and check elements of the data[] array for being finite.

Both checks use functions provided by the <math.h> header as declared
by the C99 standard.

Fixes #317
CVE-2017-14245
CVE-2017-14246

Affects libsndfile1 = 1.0.28

Signed-off-by: Jagadeesh Krishnanjanappa <jkrishnanjanappa@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2017-14245-14246.patch	[new file with mode: 0644]	blob
meta/recipes-multimedia/libsndfile/libsndfile1_1.0.28.bb		diff \| blob \| history

Mirror of the official openembedded-core repository

RSS Atom