Google Git
Sign in
android-kvm / buildroot / 9012a319f36a3ac8a9383f854569e04c3a110a35
commit9012a319f36a3ac8a9383f854569e04c3a110a35[log] [tgz]
authorPeter Korsgaard <peter@korsgaard.com>Tue Jul 04 10:42:11 2017 +0200
committerPeter Korsgaard <peter@korsgaard.com>Tue Jul 04 17:50:34 2017 +0200
tree4ec1ab41582869f95c778815849735ef0009c059
parent1195d84c71c5849117f40d99189e7ae077cd88fb [diff]
libmad: add security patch from debian

Fixes:

CVE-2017-8372 - The mad_layer_III function in layer3.c in Underbit MAD
libmad 0.15.1b, if NDEBUG is omitted, allows remote attackers to cause a
denial of service (assertion failure and application exit) via a crafted
audio file.

CVE-2017-8373 - The mad_layer_III function in layer3.c in Underbit MAD
libmad 0.15.1b allows remote attackers to cause a denial of service
(heap-based buffer overflow and application crash) or possibly have
unspecified other impact via a crafted audio file.

CVE-2017-8374 - The mad_bit_skip function in bit.c in Underbit MAD libmad
0.15.1b allows remote attackers to cause a denial of service (heap-based
buffer over-read and application crash) via a crafted audio file.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 6369a06150b9a2991807c0418a7f0a865ef6c084)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2 files changed
tree: 4ec1ab41582869f95c778815849735ef0009c059
  1. arch/
  2. board/
  3. boot/
  4. configs/
  5. docs/
  6. fs/
  7. linux/
  8. package/
  9. support/
  10. system/
  11. toolchain/
  12. .defconfig
  13. .gitignore
  14. CHANGES
  15. Config.in
  16. Config.in.legacy
  17. COPYING
  18. DEVELOPERS
  19. Makefile
  20. Makefile.legacy
  21. README