Hello community, here is the log from the commit of package vorbis-tools for openSUSE:Factory checked in at 2015-01-29 09:54:53 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/vorbis-tools (Old) and /work/SRC/openSUSE:Factory/.vorbis-tools.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "vorbis-tools" Changes: -------- --- /work/SRC/openSUSE:Factory/vorbis-tools/vorbis-tools.changes 2015-01-03 22:03:12.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.vorbis-tools.new/vorbis-tools.changes 2015-01-29 09:54:55.000000000 +0100 @@ -1,0 +2,7 @@ +Tue Jan 27 18:04:18 CET 2015 - tiwai@suse.de + +- Fix segfault by a crafted raw file input (CVE-2014-9640, + bsc#914938): + vorbis-tools-r19117-CVE-2014-9640.patch + +------------------------------------------------------------------- New: ---- vorbis-tools-r19117-CVE-2014-9640.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ vorbis-tools.spec ++++++ --- /var/tmp/diff_new_pack.cB8zdy/_old 2015-01-29 09:54:56.000000000 +0100 +++ /var/tmp/diff_new_pack.cB8zdy/_new 2015-01-29 09:54:56.000000000 +0100 @@ -1,7 +1,7 @@ # # spec file for package vorbis-tools # -# Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -30,6 +30,8 @@ Patch1: vorbis-tools-cflags.diff # PATCH-FIX-OPENSUSE vcut-fix-segfault.diff bnc#888360 -- Fix segfault of vcut Patch2: vcut-fix-segfault.diff +# PATCH-FIX-UPSTREAM vorbis-tools-r19117-CVE-2014-9640.patch bsc#914938 CVE-201409640 +Patch3: vorbis-tools-r19117-CVE-2014-9640.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: flac-devel 
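Review bot: The CVE identifier in the added patch-tag comment of the vorbis-tools.spec hunk at -30,6 is malformed: it reads `CVE-201409640`, while the patch file name and the .changes entry both use CVE-2014-9640. Anyone searching the spec file for the CVE id, by script or by hand, will not find this patch through that comment. The line should read `# PATCH-FIX-UPSTREAM vorbis-tools-r19117-CVE-2014-9640.patch bsc#914938 CVE-2014-9640`.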
@@ -71,6 +73,7 @@ %patch0 %patch1 %patch2 -p1 +%patch3 -p1 # automake 1.13 deprecated AM_CONFIG_HEADER sed -i 's/AM_CONFIG_HEADER/AC_CONFIG_HEADERS/' configure.ac ++++++ vorbis-tools-r19117-CVE-2014-9640.patch ++++++ --- oggenc/oggenc.c | 4 ++-- oggenc/skeleton.h | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) --- a/oggenc/oggenc.c +++ b/oggenc/oggenc.c @@ -97,6 +97,8 @@ int main(int argc, char **argv) .3,-1, 0,0,0.f, 0, 0, 0, 0, 0}; + input_format raw_format = {NULL, 0, raw_open, wav_close, "raw", + N_("RAW file reader")}; int i; @@ -239,8 +241,6 @@ int main(int argc, char **argv) if(opt.rawmode) { - input_format raw_format = {NULL, 0, raw_open, wav_close, "raw", - N_("RAW file reader")}; enc_opts.rate=opt.raw_samplerate; enc_opts.channels=opt.raw_channels; --- a/oggenc/skeleton.h +++ b/oggenc/skeleton.h @@ -41,7 +41,7 @@ typedef struct { ogg_int64_t granule_rate_d; /* granule rate denominator */ ogg_int64_t start_granule; /* start granule value */ ogg_uint32_t preroll; /* preroll */ - unsigned char granule_shift; // a 8-bit field /* 1 byte value holding the granule shift */ + unsigned char granule_shift; /* 1 byte value holding the granule shift */ char *message_header_fields; /* holds all the message header fields */ /* current total size of the message header fields, for realloc purpose, initially zero */ ogg_uint32_t current_header_size; -- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org
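Review bot: The `raw_format` declaration added at the top of `main` (oggenc.c hunk at -97,6) has no comment explaining why it must sit at function scope, so a later tidy-up could move it back into the `if(opt.rawmode)` block that the hunk at -239,8 removes it from. Presumably its address is stored inside that block and read after the block ends, which would fit the crash on raw input described in the changelog; that use is outside both hunks, so confirm it against the full file. I would add above the declaration: `/* Function scope on purpose: its address is still used after the rawmode block ends (CVE-2014-9640). */`. `main` begins and ends outside both hunks.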