rpms
/
audiofile
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge fix from upstream pull request #25 for CVE-2015-7747. 

Test conversion from e.g. 16-bit LE stereo to 8-bit LE mono
  no longer causes corruption.
This commit is contained in:
Michael Schwendt 2015-10-09 18:15:51 +02:00
parent 5911261274
commit 5fc49beef1
2 changed files with 21 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
audiofile-0.3.6-CVE-2015-7747.patch Normal file
View File

@ -0,0 +1,12 @@
diff -Nurb --strip-trailing-cr audiofile-0.3.6-orig/libaudiofile/modules/ModuleState.cpp audiofile-0.3.6/libaudiofile/modules/ModuleState.cpp
--- audiofile-0.3.6-orig/libaudiofile/modules/ModuleState.cpp 2013-03-06 06:30:03.000000000 +0100
+++ audiofile-0.3.6/libaudiofile/modules/ModuleState.cpp 2015-10-08 11:29:51.846082162 +0200
@@ -402,7 +402,7 @@
addModule(new Transform(outfc, in.pcm, out.pcm));
if (in.channelCount != out.channelCount)
- addModule(new ApplyChannelMatrix(infc, isReading,
+ addModule(new ApplyChannelMatrix(outfc, isReading,
in.channelCount, out.channelCount,
in.pcm.minClip, in.pcm.maxClip,
track->channelMatrix));

10
audiofile.spec
View File

@ -3,7 +3,7 @@
Summary: Library for accessing various audio file formats
Name: audiofile
Version: 0.3.6
Release: 8%{?dist}
Release: 9%{?dist}
Epoch: 1
# library is LGPL / the two programs GPL / see README
License: LGPLv2+ and GPLv2+
@ -16,6 +16,8 @@ BuildRequires: flac-devel
# optional for rebuilding manual pages from .txt
#BuildRequires: asciidoc
Patch0: audiofile-0.3.6-CVE-2015-7747.patch
%description
The Audio File library is an implementation of the Audio File Library
from SGI, which provides an API for accessing audio file formats like
@ -36,6 +38,7 @@ other resources you can use to develop Audio File applications.
%prep
%setup -q
%patch0 -p1 -b .CVE-2015-7747
%build
%configure --disable-static
@ -75,6 +78,11 @@ make check
%{_mandir}/man3/*
%changelog
* Thu Oct 8 2015 Michael Schwendt <mschwendt@fedoraproject.org> - 1:0.3.6-9
- Merge fix from upstream pull request #25 for CVE-2015-7747.
Test conversion from e.g. 16-bit LE stereo to 8-bit LE mono
no longer causes corruption.
* Wed Jun 17 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1:0.3.6-8
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild