[SCM] soundtouch/master: Add security patch for CVE-2017-92xx

gabork-guest at users.alioth.debian.org
Thu Nov 30 14:13:28 UTC 2017


The following commit has been merged in the master branch:
commit ba72fd452df63289b7f6b41e7ce37dfd0810696f
Author: Gabor Karsay <gabor.karsay at gmx.at>
Date:   Thu Nov 30 14:58:10 2017 +0100

    Add security patch for CVE-2017-92xx

diff --git a/debian/patches/cve-2017-92xx.patch b/debian/patches/cve-2017-92xx.patch
new file mode 100644
index 0000000..0e475a3
--- /dev/null
+++ b/debian/patches/cve-2017-92xx.patch
@@ -0,0 +1,36 @@
+Description: Fix CVE-2017-9258, CVE-2017-9259, CVE-2017-9260
+ Based on an upstream commit, original commit message was: "Added sanity
+ checks against illegal input audio stream parameters e.g. wildly excessive
+ samplerate".
+ . 
+ There is no reference to CVEs or bugs, the commit was made after disclosure
+ of the CVEs and all three proofs of concept (crafted wav files) fail after
+ this commit.
+ . 
+ The commit was made after version 2.0.0, so that version is also vulnerable.
+ .
+ Unrelated changes were stripped away by patch author, upstream commit author
+ is Olli Parviainen <oparviai at iki.fi>.
+Author: Gabor Karsay <gabor.karsay at gmx.at>
+Origin: upstream, https://sourceforge.net/p/soundtouch/code/256/
+Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870854
+Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870856
+Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870857
+---
+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
+--- a/source/SoundTouch/TDStretch.cpp
++++ b/source/SoundTouch/TDStretch.cpp
+@@ -128,7 +128,12 @@
+                               int aSeekWindowMS, int aOverlapMS)
+ {
+     // accept only positive parameter values - if zero or negative, use old values instead
+-    if (aSampleRate > 0)   this->sampleRate = aSampleRate;
++    if (aSampleRate > 0)
++    {
++        if (aSampleRate > 192000) ST_THROW_RT_ERROR("Error: Excessive samplerate");
++        this->sampleRate = aSampleRate;
++    }
++
+     if (aOverlapMS > 0)    this->overlapMs = aOverlapMS;
+ 
+     if (aSequenceMS > 0)
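Review bot: only aSampleRate gets an upper bound in this hunk; aOverlapMS, aSequenceMS and aSeekWindowMS still accept any positive value, while the quoted upstream message speaks of "illegal input audio stream parameters" in the plural with the sample rate only as an example. Since the header says unrelated changes were stripped from upstream r256, please confirm that no bound on the other three parameters was dropped as unrelated, and say so in the Description. Note also that ST_THROW_RT_ERROR turns the bad input into a thrown error rather than a clamp; the claim that the three proof-of-concept wav files "fail" after this change should state whether they now exit with a handled error or still terminate the process, which depends on the caller catching it. Minor: the limit of 192000 is a bare magic number, so a short comment (e.g. `// 192 kHz is the highest sample rate accepted`) would help; and because the upstream commit was edited, `Origin: backport, ...` is the more accurate DEP-3 category than `Origin: upstream, ...`.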
diff --git a/debian/patches/series b/debian/patches/series
new file mode 100644
index 0000000..521a7c0
--- /dev/null
+++ b/debian/patches/series
@@ -0,0 +1 @@
+cve-2017-92xx.patch

-- 
soundtouch packaging
