rpms
/
audiofile
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge fix from upstream pull request #25 for CVE-2015-7747. 

Test conversion from e.g. 16-bit LE stereo to 8-bit LE mono
  no longer causes corruption.
This commit is contained in:
Michael Schwendt 2015-10-09 18:15:51 +02:00
parent 5911261274
commit 5fc49beef1
2 changed files with 21 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
audiofile-0.3.6-CVE-2015-7747.patch Normal file
View File

@ -0,0 +1,12 @@
diff -Nurb --strip-trailing-cr audiofile-0.3.6-orig/libaudiofile/modules/ModuleState.cpp audiofile-0.3.6/libaudiofile/modules/ModuleState.cpp
--- audiofile-0.3.6-orig/libaudiofile/modules/ModuleState.cpp 2013-03-06 06:30:03.000000000 +0100
+++ audiofile-0.3.6/libaudiofile/modules/ModuleState.cpp 2015-10-08 11:29:51.846082162 +0200
@@ -402,7 +402,7 @@
addModule(new Transform(outfc, in.pcm, out.pcm));
if (in.channelCount != out.channelCount)
- addModule(new ApplyChannelMatrix(infc, isReading,
+ addModule(new ApplyChannelMatrix(outfc, isReading,
in.channelCount, out.channelCount,
in.pcm.minClip, in.pcm.maxClip,
track->channelMatrix));

10
audiofile.spec
View File

@ -3,7 +3,7 @@
Summary: Library for accessing various audio file formats Summary: Library for accessing various audio file formats
Name: audiofile Name: audiofile
Version: 0.3.6 Version: 0.3.6
Release: 8%{?dist} Release: 9%{?dist}
Epoch: 1 Epoch: 1
# library is LGPL / the two programs GPL / see README # library is LGPL / the two programs GPL / see README
License: LGPLv2+ and GPLv2+ License: LGPLv2+ and GPLv2+
@ -16,6 +16,8 @@ BuildRequires: flac-devel
# optional for rebuilding manual pages from .txt # optional for rebuilding manual pages from .txt
#BuildRequires: asciidoc #BuildRequires: asciidoc
Patch0: audiofile-0.3.6-CVE-2015-7747.patch
%description %description
The Audio File library is an implementation of the Audio File Library The Audio File library is an implementation of the Audio File Library
from SGI, which provides an API for accessing audio file formats like from SGI, which provides an API for accessing audio file formats like
@ -36,6 +38,7 @@ other resources you can use to develop Audio File applications.
%prep %prep
%setup -q %setup -q
%patch0 -p1 -b .CVE-2015-7747
%build %build
%configure --disable-static %configure --disable-static
@ -75,6 +78,11 @@ make check
%{_mandir}/man3/* %{_mandir}/man3/*
%changelog %changelog
* Thu Oct 8 2015 Michael Schwendt <mschwendt@fedoraproject.org> - 1:0.3.6-9
- Merge fix from upstream pull request #25 for CVE-2015-7747.
Test conversion from e.g. 16-bit LE stereo to 8-bit LE mono
no longer causes corruption.
* Wed Jun 17 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1:0.3.6-8 * Wed Jun 17 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1:0.3.6-8
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild