diff --git a/.gitignore b/.gitignore index 3631163..2e16d72 100644 --- a/.gitignore +++ b/.gitignore @@ -4,3 +4,4 @@ libsndfile-1.0.21.tar.gz /libsndfile-1.0.24.tar.gz /libsndfile-1.0.25.tar.gz /libsndfile-1.0.27.tar.gz +/libsndfile-1.0.28.tar.gz diff --git a/libsndfile-1.0.25-system-gsm.patch b/libsndfile-1.0.25-system-gsm.patch index c48f5ee..d6d1b34 100644 --- a/libsndfile-1.0.25-system-gsm.patch +++ b/libsndfile-1.0.25-system-gsm.patch @@ -1,6 +1,6 @@ -diff -up libsndfile-1.0.27/src/gsm610.c.systemgsm libsndfile-1.0.27/src/gsm610.c ---- libsndfile-1.0.27/src/gsm610.c.systemgsm 2016-04-01 23:08:53.000000000 +0200 -+++ libsndfile-1.0.27/src/gsm610.c 2016-11-11 19:12:06.749656521 +0100 +diff -up libsndfile-1.0.28/src/gsm610.c.systemgsm libsndfile-1.0.28/src/gsm610.c +--- libsndfile-1.0.28/src/gsm610.c.systemgsm 2016-09-10 10:08:27.000000000 +0200 ++++ libsndfile-1.0.28/src/gsm610.c 2017-04-11 10:47:40.437162489 +0200 @@ -27,7 +27,7 @@ #include "sfendian.h" #include "common.h" @@ -20,9 +20,9 @@ diff -up libsndfile-1.0.27/src/gsm610.c.systemgsm libsndfile-1.0.27/src/gsm610.c if ((SF_CONTAINER (psf->sf.format)) == SF_FORMAT_WAV || (SF_CONTAINER (psf->sf.format)) == SF_FORMAT_W64) gsm_option (pgsm610->gsm_data, GSM_OPT_WAV49, &true_flag) ; -diff -up libsndfile-1.0.27/src/Makefile.am.systemgsm libsndfile-1.0.27/src/Makefile.am ---- libsndfile-1.0.27/src/Makefile.am.systemgsm 2016-11-11 19:10:05.220551515 +0100 -+++ libsndfile-1.0.27/src/Makefile.am 2016-11-11 19:10:14.315634212 +0100 +diff -up libsndfile-1.0.28/src/Makefile.am.systemgsm libsndfile-1.0.28/src/Makefile.am +--- libsndfile-1.0.28/src/Makefile.am.systemgsm 2017-04-01 09:18:02.000000000 +0200 ++++ libsndfile-1.0.28/src/Makefile.am 2017-04-11 10:48:43.855620172 +0200 @@ -8,7 +8,7 @@ lib_LTLIBRARIES = libsndfile.la include_HEADERS = sndfile.hh nodist_include_HEADERS = sndfile.h @@ -32,7 +32,7 @@ diff -up libsndfile-1.0.27/src/Makefile.am.systemgsm libsndfile-1.0.27/src/Makef SYMBOL_FILES = Symbols.gnu-binutils Symbols.darwin libsndfile-1.def Symbols.os2 Symbols.static -@@ -46,7 +46,7 @@ endif +@@ -43,7 +43,7 @@ libsndfile_la_CPPFLAGS = -DSNDFILE_EXPOR libsndfile_la_LDFLAGS = -no-undefined -version-info $(SHARED_VERSION_INFO) $(SHLIB_VERSION_ARG) libsndfile_la_SOURCES = $(FILESPECIFIC) $(noinst_HEADERS) nodist_libsndfile_la_SOURCES = $(nodist_include_HEADERS) @@ -40,8 +40,8 @@ diff -up libsndfile-1.0.27/src/Makefile.am.systemgsm libsndfile-1.0.27/src/Makef +libsndfile_la_LIBADD = -lgsm G72x/libg72x.la ALAC/libalac.la \ libcommon.la $(EXTERNAL_XIPH_LIBS) -lm - libcommon_la_SOURCES = $(COMMON) -@@ -54,12 +54,6 @@ libcommon_la_SOURCES = $(COMMON) + EXTRA_libsndfile_la_DEPENDENCIES = $(SYMBOL_FILES) +@@ -58,12 +58,6 @@ libcommon_la_SOURCES = common.c file_io. #====================================================================== # Subdir libraries. diff --git a/libsndfile.spec b/libsndfile.spec index 7ccb463..9e92652 100644 --- a/libsndfile.spec +++ b/libsndfile.spec @@ -1,14 +1,14 @@ Summary: Library for reading and writing sound files Name: libsndfile -Version: 1.0.27 -Release: 2%{?dist} +Version: 1.0.28 +Release: 1%{?dist} License: LGPLv2+ and GPLv2+ and BSD Group: System Environment/Libraries URL: http://www.mega-nerd.com/libsndfile/ Source0: http://www.mega-nerd.com/libsndfile/files/libsndfile-%{version}.tar.gz Patch0: libsndfile-1.0.25-system-gsm.patch Patch1: libsndfile-1.0.25-zerodivfix.patch - +Patch2: revert.patch BuildRequires: alsa-lib-devel BuildRequires: flac-devel BuildRequires: libogg-devel @@ -55,6 +55,7 @@ This package contains command line utilities for libsndfile. %setup -q %patch0 -p1 -b .systemgsm %patch1 -p1 -b .zerodivfix +%patch2 -p1 -b .revert rm -r src/GSM610 %build @@ -150,6 +151,11 @@ LD_LIBRARY_PATH=$PWD/src/.libs make check %changelog +* Tue Apr 11 2017 Michal Hlavinka - 1.0.28-1 +- updated to 1.0.28 +- fix possible buffer overflow when parsing crafted ID3 tags (#1440758, CVE-2017-7586) +- fix possible buffer overflow when parsing crafted flac file (#1440756, CVE-2017-7585) + * Fri Feb 10 2017 Fedora Release Engineering - 1.0.27-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild diff --git a/revert.patch b/revert.patch new file mode 100644 index 0000000..fbdd96d --- /dev/null +++ b/revert.patch @@ -0,0 +1,37 @@ +--- libsndfile-1.0.28/src/rf64.c 2017-04-02 09:43:22.000000000 +0200 ++++ libsndfile-1.0.27/src/rf64.c 2016-04-01 23:08:53.000000000 +0200 +@@ -735,25 +734,27 @@ rf64_write_header (SF_PRIVATE *psf, int + + #endif + +- pad_size = psf->dataoffset - 16 - psf->header.indx ; +- if (pad_size >= 0) +- psf_binheader_writef (psf, "m4z", PAD_MARKER, pad_size, make_size_t (pad_size)) ; ++ if (psf->header.indx + 8 < psf->dataoffset) ++ { /* Add PAD data if necessary. */ ++ int k = psf->dataoffset - 16 - psf->header.indx ; ++ psf_binheader_writef (psf, "m4z", PAD_MARKER, k, make_size_t (k)) ; ++ } ; + + if (wpriv->rf64_downgrade && (psf->filelength < RIFF_DOWNGRADE_BYTES)) + psf_binheader_writef (psf, "tm8", data_MARKER, psf->datalength) ; + else + psf_binheader_writef (psf, "m4", data_MARKER, 0xffffffff) ; + +- psf_fwrite (psf->header.ptr, psf->header.indx, 1, psf) ; ++ psf_fwrite (psf->header.ptr, psf->header.indx, 1, psf) ; + if (psf->error) + return psf->error ; + +- if (has_data && psf->dataoffset != psf->header.indx) +- { psf_log_printf (psf, "Oooops : has_data && psf->dataoffset != psf->header.indx\n") ; ++ if (has_data && psf->dataoffset != psf->header.indx) ++ { psf_log_printf (psf, "Oooops : has_data && psf->dataoffset != psf->header.indx\n") ; + return psf->error = SFE_INTERNAL ; + } ; + +- psf->dataoffset = psf->header.indx ; ++ psf->dataoffset = psf->header.indx ; + + if (NOT (has_data)) + psf_fseek (psf, psf->dataoffset, SEEK_SET) ; diff --git a/sources b/sources index a3ffa74..629c63d 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -fd1d97c6077f03b5d984d7956ffedb7a libsndfile-1.0.27.tar.gz +SHA512 (libsndfile-1.0.28.tar.gz) = 890731a6b8173f714155ce05eaf6d991b31632c8ab207fbae860968861a107552df26fcf85602df2e7f65502c7256c1b41735e1122485a3a07ddb580aa83b57f