[SCM] soundtouch/master: Add security patch for CVE-2017-92xx
gabork-guest at users.alioth.debian.org
Thu Nov 30 14:13:28 UTC 2017
The following commit has been merged in the master branch:
commit ba72fd452df63289b7f6b41e7ce37dfd0810696f
Author: Gabor Karsay <gabor.karsay at gmx.at>
Date: Thu Nov 30 14:58:10 2017 +0100
Add security patch for CVE-2017-92xx
diff --git a/debian/patches/cve-2017-92xx.patch b/debian/patches/cve-2017-92xx.patch
new file mode 100644
index 0000000..0e475a3
--- /dev/null
+++ b/debian/patches/cve-2017-92xx.patch
@@ -0,0 +1,36 @@
+Description: Fix CVE-2017-9258, CVE-2017-9259, CVE-2017-9260
+ Based on an upstream commit, original commit message was: "Added sanity
+ checks against illegal input audio stream parameters e.g. wildly excessive
+ samplerate".
+ .
+ There is no reference to CVEs or bugs, the commit was made after disclosure
+ of the CVEs and all three proofs of concept (crafted wav files) fail after
+ this commit.
+ .
+ The commit was made after version 2.0.0, so that version is also vulnerable.
+ .
+ Unrelated changes were stripped away by patch author, upstream commit author
+ is Olli Parviainen <oparviai at iki.fi>.
+Author: Gabor Karsay <gabor.karsay at gmx.at>
+Origin: upstream, https://sourceforge.net/p/soundtouch/code/256/
+Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870854
+Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870856
+Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870857
+---
+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
+--- a/source/SoundTouch/TDStretch.cpp
++++ b/source/SoundTouch/TDStretch.cpp
+@@ -128,7 +128,12 @@
+ int aSeekWindowMS, int aOverlapMS)
+ {
+ // accept only positive parameter values - if zero or negative, use old values instead
+- if (aSampleRate > 0) this->sampleRate = aSampleRate;
++ if (aSampleRate > 0)
++ {
++ if (aSampleRate > 192000) ST_THROW_RT_ERROR("Error: Excessive samplerate");
++ this->sampleRate = aSampleRate;
++ }
++
+ if (aOverlapMS > 0) this->overlapMs = aOverlapMS;
+
+ if (aSequenceMS > 0)
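Review bot: the new bound in TDStretch::setParameters only rejects aSampleRate > 192000; aSequenceMS, aSeekWindowMS and aOverlapMS are still accepted unbounded in the lines shown, and the window sizes computed from them further down (the `if (aSequenceMS > 0)` branch that follows) are products of these values and sampleRate. Since the DEP-3 header states that "Unrelated changes were stripped away by patch author", it would help to record in the Description which hunks of upstream r256 were dropped and why they are not needed for the three proofs of concept, so a later maintainer can tell a deliberate omission from an oversight. Also worth a sentence in the header: ST_THROW_RT_ERROR converts the previous memory-unsafe behaviour into a C++ exception, so callers of setParameters that do not catch it will now terminate instead of crashing later, which is a behaviour change reverse dependencies should be aware of.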
diff --git a/debian/patches/series b/debian/patches/series
new file mode 100644
index 0000000..521a7c0
--- /dev/null
+++ b/debian/patches/series
@@ -0,0 +1 @@
+cve-2017-92xx.patch
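Review bot: debian/patches/series is created here for the first time (index 0000000), so please confirm debian/source/format is "3.0 (quilt)" or that the build otherwise applies the series; with a 1.0 source format this file is ignored and the CVE fix would silently not be applied.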
--
soundtouch packaging