From d536c0a0e400c27fd7954402195698e2c639338a Mon Sep 17 00:00:00 2001 From: Tanu Kaskinen Date: Tue, 22 May 2018 18:30:09 +0300 Subject: libvorbis: 1.3.5 -> 1.3.6 Rebased 0001-configure-Check-for-clang.patch. Removed the backported CVE patches. License-Update: copyright years refreshed Signed-off-by: Tanu Kaskinen Signed-off-by: Ross Burton --- .../libvorbis/0001-configure-Check-for-clang.patch | 20 ++--- .../libvorbis/libvorbis/CVE-2017-14632.patch | 62 ------------- .../libvorbis/libvorbis/CVE-2017-14633.patch | 42 --------- .../libvorbis/libvorbis/CVE-2018-5146.patch | 100 --------------------- .../libvorbis/libvorbis_1.3.5.bb | 22 ----- .../libvorbis/libvorbis_1.3.6.bb | 19 ++++ 6 files changed, 29 insertions(+), 236 deletions(-) delete mode 100644 meta/recipes-multimedia/libvorbis/libvorbis/CVE-2017-14632.patch delete mode 100644 meta/recipes-multimedia/libvorbis/libvorbis/CVE-2017-14633.patch delete mode 100644 meta/recipes-multimedia/libvorbis/libvorbis/CVE-2018-5146.patch delete mode 100644 meta/recipes-multimedia/libvorbis/libvorbis_1.3.5.bb create mode 100644 meta/recipes-multimedia/libvorbis/libvorbis_1.3.6.bb (limited to 'meta') diff --git a/meta/recipes-multimedia/libvorbis/libvorbis/0001-configure-Check-for-clang.patch b/meta/recipes-multimedia/libvorbis/libvorbis/0001-configure-Check-for-clang.patch index 7dad0cd8a5..b06029b98b 100644 --- a/meta/recipes-multimedia/libvorbis/libvorbis/0001-configure-Check-for-clang.patch +++ b/meta/recipes-multimedia/libvorbis/libvorbis/0001-configure-Check-for-clang.patch @@ -1,4 +1,4 @@ -From 44b4511784f9b51c514dff4ceb3cbeaf9c374d08 Mon Sep 17 00:00:00 2001 +From d619ccf6c11ab574466914c57994a82fb99401af Mon Sep 17 00:00:00 2001 From: Khem Raj Date: Wed, 22 Mar 2017 16:06:55 +0000 Subject: [PATCH] configure: Check for clang @@ -13,12 +13,12 @@ Upstream-Status: Pending 1 file changed, 17 insertions(+), 2 deletions(-) diff --git a/configure.ac b/configure.ac -index eddd02d..00ecba5 100644 +index 28b0a14..2d4e984 100644 --- a/configure.ac +++ b/configure.ac -@@ -93,6 +93,16 @@ AC_ARG_ENABLE(examples, - - AM_CONDITIONAL(BUILD_EXAMPLES, [test "x$enable_examples" = xyes]) +@@ -98,6 +98,16 @@ AC_ARG_ENABLE(examples, + + AM_CONDITIONAL(BUILD_EXAMPLES, [test "x$enable_examples" = xyes]) +AC_MSG_CHECKING([whether C compiler is clang]) +$CC -x c /dev/null -dM -E > conftest.txt 2>&1 @@ -33,9 +33,9 @@ index eddd02d..00ecba5 100644 dnl -------------------------------------------------- dnl Set build flags based on environment dnl -------------------------------------------------- -@@ -127,10 +137,15 @@ else +@@ -132,10 +142,15 @@ else AC_MSG_RESULT([$GCC_VERSION]) - case $host in + case $host in *86-*-linux*) + if test "$CC_CLANG" = "1"; then + ieeefp="" @@ -43,8 +43,8 @@ index eddd02d..00ecba5 100644 + ieefp="-mno-ieee-fp" + fi DEBUG="-g -Wall -Wextra -D_REENTRANT -D__NO_MATH_INLINES -fsigned-char" -- CFLAGS="-O3 -ffast-math -mno-ieee-fp -D_REENTRANT -fsigned-char" -+ CFLAGS="-O3 -ffast-math -D_REENTRANT -fsigned-char ${ieefp}" +- CFLAGS="-O3 -Wall -Wextra -ffast-math -mno-ieee-fp -D_REENTRANT -fsigned-char" ++ CFLAGS="-O3 -Wall -Wextra -ffast-math -D_REENTRANT -fsigned-char ${ieefp}" # PROFILE="-Wall -Wextra -pg -g -O3 -ffast-math -D_REENTRANT -fsigned-char -fno-inline -static" - PROFILE="-Wall -Wextra -pg -g -O3 -ffast-math -mno-ieee-fp -D_REENTRANT -fsigned-char -fno-inline" + PROFILE="-Wall -Wextra -pg -g -O3 -ffast-math ${ieefp} -D_REENTRANT -fsigned-char -fno-inline" @@ -52,5 +52,5 @@ index eddd02d..00ecba5 100644 # glibc < 2.1.3 has a serious FP bug in the math inline header # that will cripple Vorbis. Look to see if the magic FP stack -- -1.8.3.1 +2.17.0 diff --git a/meta/recipes-multimedia/libvorbis/libvorbis/CVE-2017-14632.patch b/meta/recipes-multimedia/libvorbis/libvorbis/CVE-2017-14632.patch deleted file mode 100644 index 4036b966fe..0000000000 --- a/meta/recipes-multimedia/libvorbis/libvorbis/CVE-2017-14632.patch +++ /dev/null @@ -1,62 +0,0 @@ -From 39704ce16835e5c019bb03f6a94dc1f0677406c5 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Guido=20G=C3=BCnther?= -Date: Wed, 15 Nov 2017 18:22:59 +0100 -Subject: [PATCH] CVE-2017-14632: vorbis_analysis_header_out: Don't clear opb - if not initialized - -If the number of channels is not within the allowed range -we call oggback_writeclear altough it's not initialized yet. - -This fixes - - =23371== Invalid free() / delete / delete[] / realloc() - ==23371== at 0x4C2CE1B: free (vg_replace_malloc.c:530) - ==23371== by 0x829CA31: oggpack_writeclear (in /usr/lib/x86_64-linux-gnu/libogg.so.0.8.2) - ==23371== by 0x84B96EE: vorbis_analysis_headerout (info.c:652) - ==23371== by 0x9FBCBCC: ??? (in /usr/lib/x86_64-linux-gnu/sox/libsox_fmt_vorbis.so) - ==23371== by 0x4E524F1: ??? (in /usr/lib/x86_64-linux-gnu/libsox.so.2.0.1) - ==23371== by 0x4E52CCA: sox_open_write (in /usr/lib/x86_64-linux-gnu/libsox.so.2.0.1) - ==23371== by 0x10D82A: open_output_file (sox.c:1556) - ==23371== by 0x10D82A: process (sox.c:1753) - ==23371== by 0x10D82A: main (sox.c:3012) - ==23371== Address 0x68768c8 is 488 bytes inside a block of size 880 alloc'd - ==23371== at 0x4C2BB1F: malloc (vg_replace_malloc.c:298) - ==23371== by 0x4C2DE9F: realloc (vg_replace_malloc.c:785) - ==23371== by 0x4E545C2: lsx_realloc (in /usr/lib/x86_64-linux-gnu/libsox.so.2.0.1) - ==23371== by 0x9FBC9A0: ??? (in /usr/lib/x86_64-linux-gnu/sox/libsox_fmt_vorbis.so) - ==23371== by 0x4E524F1: ??? (in /usr/lib/x86_64-linux-gnu/libsox.so.2.0.1) - ==23371== by 0x4E52CCA: sox_open_write (in /usr/lib/x86_64-linux-gnu/libsox.so.2.0.1) - ==23371== by 0x10D82A: open_output_file (sox.c:1556) - ==23371== by 0x10D82A: process (sox.c:1753) - ==23371== by 0x10D82A: main (sox.c:3012) - -as seen when using the testcase from CVE-2017-11333 with -008d23b782be09c8d75ba8190b1794abd66c7121 applied. However the error was -there before. - -Upstream-Status: Backport -CVE: CVE-2017-14632 - -Reference to upstream patch: -https://git.xiph.org/?p=vorbis.git;a=commitdiff;h=c1c2831fc7306d5fbd7bc800324efd12b28d327f - -Signed-off-by: Tanu Kaskinen ---- - lib/info.c | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/lib/info.c b/lib/info.c -index 81b7557..4d82568 100644 ---- a/lib/info.c -+++ b/lib/info.c -@@ -584,6 +584,7 @@ int vorbis_analysis_headerout(vorbis_dsp_state *v, - private_state *b=v->backend_state; - - if(!b||vi->channels<=0||vi->channels>256){ -+ b = NULL; - ret=OV_EFAULT; - goto err_out; - } --- -2.16.2 - diff --git a/meta/recipes-multimedia/libvorbis/libvorbis/CVE-2017-14633.patch b/meta/recipes-multimedia/libvorbis/libvorbis/CVE-2017-14633.patch deleted file mode 100644 index 9c9e688d43..0000000000 --- a/meta/recipes-multimedia/libvorbis/libvorbis/CVE-2017-14633.patch +++ /dev/null @@ -1,42 +0,0 @@ -From 07eda55f336e5c44dfc0e4a1e21628faed7255fa Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Guido=20G=C3=BCnther?= -Date: Tue, 31 Oct 2017 18:32:46 +0100 -Subject: [PATCH] CVE-2017-14633: Don't allow for more than 256 channels - -Otherwise - - for(i=0;ichannels;i++){ - /* the encoder setup assumes that all the modes used by any - specific bitrate tweaking use the same floor */ - int submap=info->chmuxlist[i]; - -overreads later in mapping0_forward since chmuxlist is a fixed array of -256 elements max. - -Upstream-Status: Backport -CVE: CVE-2017-14633 - -Reference to upstream patch: -https://git.xiph.org/?p=vorbis.git;a=commitdiff;h=667ceb4aab60c1f74060143bb24e5f427b3cce5f - -Signed-off-by: Tanu Kaskinen ---- - lib/info.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/lib/info.c b/lib/info.c -index e447a0c..81b7557 100644 ---- a/lib/info.c -+++ b/lib/info.c -@@ -583,7 +583,7 @@ int vorbis_analysis_headerout(vorbis_dsp_state *v, - oggpack_buffer opb; - private_state *b=v->backend_state; - -- if(!b||vi->channels<=0){ -+ if(!b||vi->channels<=0||vi->channels>256){ - ret=OV_EFAULT; - goto err_out; - } --- -2.16.2 - diff --git a/meta/recipes-multimedia/libvorbis/libvorbis/CVE-2018-5146.patch b/meta/recipes-multimedia/libvorbis/libvorbis/CVE-2018-5146.patch deleted file mode 100644 index 6d4052a872..0000000000 --- a/meta/recipes-multimedia/libvorbis/libvorbis/CVE-2018-5146.patch +++ /dev/null @@ -1,100 +0,0 @@ -From 3a017f591457bf6e80231b563bf83ee583fdbca8 Mon Sep 17 00:00:00 2001 -From: Thomas Daede -Date: Thu, 15 Mar 2018 14:15:31 -0700 -Subject: [PATCH] CVE-2018-5146: Prevent out-of-bounds write in codebook - decoding. - -Codebooks that are not an exact divisor of the partition size are now -truncated to fit within the partition. - -Upstream-Status: Backport -CVE: CVE-2018-5146 - -Reference to upstream patch: -https://git.xiph.org/?p=vorbis.git;a=commitdiff;h=667ceb4aab60c1f74060143bb24e5f427b3cce5f - -Signed-off-by: Tanu Kaskinen ---- - lib/codebook.c | 48 ++++++++++-------------------------------------- - 1 file changed, 10 insertions(+), 38 deletions(-) - -diff --git a/lib/codebook.c b/lib/codebook.c -index 8b766e8..7022fd2 100644 ---- a/lib/codebook.c -+++ b/lib/codebook.c -@@ -387,7 +387,7 @@ long vorbis_book_decodevs_add(codebook *book,float *a,oggpack_buffer *b,int n){ - t[i] = book->valuelist+entry[i]*book->dim; - } - for(i=0,o=0;idim;i++,o+=step) -- for (j=0;jdim>8){ -- for(i=0;ivaluelist+entry*book->dim; -- for (j=0;jdim;) -- a[i++]+=t[j++]; -- } -- }else{ -- for(i=0;ivaluelist+entry*book->dim; -- j=0; -- switch((int)book->dim){ -- case 8: -- a[i++]+=t[j++]; -- case 7: -- a[i++]+=t[j++]; -- case 6: -- a[i++]+=t[j++]; -- case 5: -- a[i++]+=t[j++]; -- case 4: -- a[i++]+=t[j++]; -- case 3: -- a[i++]+=t[j++]; -- case 2: -- a[i++]+=t[j++]; -- case 1: -- a[i++]+=t[j++]; -- case 0: -- break; -- } -- } -+ for(i=0;ivaluelist+entry*book->dim; -+ for(j=0;idim;) -+ a[i++]+=t[j++]; - } - } - return(0); -@@ -471,12 +442,13 @@ long vorbis_book_decodevv_add(codebook *book,float **a,long offset,int ch, - long i,j,entry; - int chptr=0; - if(book->used_entries>0){ -- for(i=offset/ch;i<(offset+n)/ch;){ -+ int m=(offset+n)/ch; -+ for(i=offset/ch;ivaluelist+entry*book->dim; -- for (j=0;jdim;j++){ -+ for (j=0;idim;j++){ - a[chptr++][i]+=t[j]; - if(chptr==ch){ - chptr=0; --- -2.16.2 - diff --git a/meta/recipes-multimedia/libvorbis/libvorbis_1.3.5.bb b/meta/recipes-multimedia/libvorbis/libvorbis_1.3.5.bb deleted file mode 100644 index 20f887c252..0000000000 --- a/meta/recipes-multimedia/libvorbis/libvorbis_1.3.5.bb +++ /dev/null @@ -1,22 +0,0 @@ -SUMMARY = "Ogg Vorbis Audio Codec" -DESCRIPTION = "Ogg Vorbis is a high-quality lossy audio codec \ -that is free of intellectual property restrictions. libvorbis \ -is the main vorbis codec library." -HOMEPAGE = "http://www.vorbis.com/" -BUGTRACKER = "https://trac.xiph.org" -SECTION = "libs" -LICENSE = "BSD" -LIC_FILES_CHKSUM = "file://COPYING;md5=7d2c487d2fc7dd3e3c7c465a5b7f6217 \ - file://include/vorbis/vorbisenc.h;beginline=1;endline=11;md5=d1c1d138863d6315131193d4046d81cb" -DEPENDS = "libogg" - -SRC_URI = "http://downloads.xiph.org/releases/vorbis/${BP}.tar.xz \ - file://0001-configure-Check-for-clang.patch \ - file://CVE-2017-14633.patch \ - file://CVE-2017-14632.patch \ - file://CVE-2018-5146.patch \ - " -SRC_URI[md5sum] = "28cb28097c07a735d6af56e598e1c90f" -SRC_URI[sha256sum] = "54f94a9527ff0a88477be0a71c0bab09a4c3febe0ed878b24824906cd4b0e1d1" - -inherit autotools pkgconfig diff --git a/meta/recipes-multimedia/libvorbis/libvorbis_1.3.6.bb b/meta/recipes-multimedia/libvorbis/libvorbis_1.3.6.bb new file mode 100644 index 0000000000..bd46451612 --- /dev/null +++ b/meta/recipes-multimedia/libvorbis/libvorbis_1.3.6.bb @@ -0,0 +1,19 @@ +SUMMARY = "Ogg Vorbis Audio Codec" +DESCRIPTION = "Ogg Vorbis is a high-quality lossy audio codec \ +that is free of intellectual property restrictions. libvorbis \ +is the main vorbis codec library." +HOMEPAGE = "http://www.vorbis.com/" +BUGTRACKER = "https://trac.xiph.org" +SECTION = "libs" +LICENSE = "BSD" +LIC_FILES_CHKSUM = "file://COPYING;md5=70c7063491d2d9f76a098d62ed5134f1 \ + file://include/vorbis/vorbisenc.h;beginline=1;endline=11;md5=d1c1d138863d6315131193d4046d81cb" +DEPENDS = "libogg" + +SRC_URI = "http://downloads.xiph.org/releases/vorbis/${BP}.tar.xz \ + file://0001-configure-Check-for-clang.patch \ + " +SRC_URI[md5sum] = "b7d1692f275c73e7833ed1cc2697cd65" +SRC_URI[sha256sum] = "af00bb5a784e7c9e69f56823de4637c350643deedaf333d0fa86ecdba6fcb415" + +inherit autotools pkgconfig -- cgit 1.2.3-korg