commit libmikmod for openSUSE:Factory
  • From: root@xxxxxxxxxxxxxxx (h_root)
  • Date: Fri, 23 Jan 2009 23:46:06 +0100
  • Message-id: <20090123224606.6DCEA6780A8@xxxxxxxxxxxxxxx>

Hello community,

here is the log from the commit of package libmikmod for openSUSE:Factory
checked in at Fri Jan 23 23:46:06 CET 2009.


--------
--- libmikmod/libmikmod.changes 2009-01-09 13:38:15.000000000 +0100
+++ /mounts/work_src_done/STABLE/libmikmod/libmikmod.changes 2009-01-23
16:45:53.000000000 +0100
@@ -1,0 +2,5 @@
+Fri Jan 23 16:44:16 CET 2009 - prusnak@xxxxxxx
+
+- fixed DoS CVE-2007-6720 [bnc#468760]
+
+-------------------------------------------------------------------

calling whatdependson for head-i586


New:
----
libmikmod-CVE-2007-6720.diff

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ libmikmod.spec ++++++
--- /var/tmp/diff_new_pack.o24498/_old 2009-01-23 23:44:26.000000000 +0100
+++ /var/tmp/diff_new_pack.o24498/_new 2009-01-23 23:44:26.000000000 +0100
@@ -25,7 +25,7 @@
Group: System/Libraries
Summary: MikMod Sound Library
Version: 3.1.11a
-Release: 113
+Release: 114
%define _version 3.1.11
# bug437293
%ifarch ppc64
@@ -38,6 +38,7 @@
Source2: libmikmod-rpmlintrc
Patch3: libmikmod-config-fix.dif
Patch4: libmikmod-conftest_fix.diff
+Patch5: libmikmod-CVE-2007-6720.diff
BuildRoot: %{_tmppath}/%{name}-%{version}-build

%description
@@ -79,6 +80,7 @@
%patch1
%patch3
%patch4
+%patch5

%build
autoreconf -f -i
@@ -119,6 +121,8 @@
%doc %{_mandir}/man1/*-config.*

%changelog
+* Fri Jan 23 2009 prusnak@xxxxxxx
+- fixed DoS CVE-2007-6720 [bnc#468760]
* Fri Jan 09 2009 crrodriguez@xxxxxxx
- remove static libraries and "la" files
* Wed Jan 07 2009 olh@xxxxxxx

++++++ libmikmod-CVE-2007-6720.diff ++++++
--- loaders/load_xm.c
+++ loaders/load_xm.c
@@ -622,7 +622,8 @@
/* read the remainder of the header */
for(u=headend-_mm_ftell(modreader);u;u--)
_mm_read_UBYTE(modreader);

- if(_mm_eof(modreader)) {
+ /* last instrument is at the end of file in
version 0x0104 */
+ if(_mm_eof(modreader) && (mh->version<0x0104 ||
t<of.numins-1)) {
free(nextwav);free(wh);
nextwav=NULL;wh=NULL;
_mm_errno = MMERR_LOADING_SAMPLEINFO;
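Review bot: The relaxed test `if(_mm_eof(modreader) && (mh->version<0x0104 || t<of.numins-1))` accepts any end-of-file on the last instrument of a 0x0104 module, so a file truncated in the middle of that instrument's header now loads with whatever values the reads returned at EOF. The enclosing loop starts and ends outside the hunk, so it is not visible whether later code reads more data for that instrument; if it does, it should re-check `_mm_eof(modreader)` before using those fields. Separately, the skip loop `for(u=headend-_mm_ftell(modreader);u;u--)` stops only when `u` reaches zero. If a header size taken from the file can place `headend` before the current position, the count goes negative or wraps (the declarations are outside the hunk), so a guard such as `if(headend<_mm_ftell(modreader))` that fails the load ahead of the loop would bound it.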
--- playercode/mloader.c
+++ playercode/mloader.c
@@ -450,10 +450,12 @@
if (!l->Init || l->Init()) {
_mm_rewind(modreader);
ok = l->Load(curious);
- /* propagate inflags=flags for in-module samples */
- for (t = 0; t < of.numsmp; t++)
- if (of.samples[t].inflags == 0)
- of.samples[t].inflags = of.samples[t].flags;
+ if (ok) {
+ /* propagate inflags=flags for in-module samples */
+ for (t = 0; t < of.numsmp; t++)
+ if (of.samples[t].inflags == 0)
+ of.samples[t].inflags =
of.samples[t].flags;
+ }
} else
ok = 0;
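Review bot: The new `if (ok)` guard relies on every loader's `Load` returning 0 whenever `of.samples` is unusable, and the loop still indexes `of.samples[t]` for `t < of.numsmp` without checking the pointer itself. Whether a loader can report success with `of.numsmp` set and no sample array is not visible here, so `if (ok && of.samples) {` would make the guard independent of that contract. A comment such as `/* of may be only partially filled when Load fails; do not touch of.samples */` would record why the block is conditional. The enclosing function starts and ends outside the hunk.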


++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++



Remember to have fun...
