[prev in list] [next in list] [prev in thread] [next in thread]
List: openembedded-core
Subject: [OE-core] [rocko][pyro][PATCH 0/3] libvorbis security fixes
From: Tanu Kaskinen <tanuk () iki ! fi>
Date: 2018-03-31 5:21:29
Message-ID: 20180331052132.23841-1-tanuk () iki ! fi
[Download RAW message or body]
Here are some libvorbis CVE fixes cherry-picked from master. The bugs
affect at least rocko, pyro and morty, I haven't checked older stable
branches. I don't know in which libvorbis version the bugs were
introduced.
These patches apply to rocko and pyro. The patches don't apply cleanly
to morty, so I'll send the morty patches separately.
Tanu Kaskinen (3):
libvorbis: CVE-2017-14633
libvorbis: CVE-2017-14632
libvorbis: CVE-2018-5146
.../libvorbis/libvorbis/CVE-2017-14632.patch | 62 +++++++++++++
.../libvorbis/libvorbis/CVE-2017-14633.patch | 42 +++++++++
.../libvorbis/libvorbis/CVE-2018-5146.patch | 100 +++++++++++++++++++++
.../libvorbis/libvorbis_1.3.5.bb | 3 +
4 files changed, 207 insertions(+)
create mode 100644 meta/recipes-multimedia/libvorbis/libvorbis/CVE-2017-14632.patch
create mode 100644 meta/recipes-multimedia/libvorbis/libvorbis/CVE-2017-14633.patch
create mode 100644 meta/recipes-multimedia/libvorbis/libvorbis/CVE-2018-5146.patch
--
2.16.2
--
_______________________________________________
Openembedded-core mailing list
Openembedded-core@lists.openembedded.org
http://lists.openembedded.org/mailman/listinfo/openembedded-core
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic