gentoo resync : 25.08.2018

1 files changed, 36 insertions, 0 deletions

diff --git a/media-libs/libsoundtouch/files/libsoundtouch-2.0.0-CVE-2017-92xx.patch b/media-libs/libsoundtouch/files/libsoundtouch-2.0.0-CVE-2017-92xx.patch
new file mode 100644
index 000000000000..0e475a3e44e6
--- /dev/null
+++ b/media-libs/libsoundtouch/files/libsoundtouch-2.0.0-CVE-2017-92xx.patch
@@ -0,0 +1,36 @@
+Description: Fix CVE-2017-9258, CVE-2017-9259, CVE-2017-9260

+ Based on an upstream commit, original commit message was: "Added sanity

+ checks against illegal input audio stream parameters e.g. wildly excessive

+ samplerate".

+ . 

+ There is no reference to CVEs or bugs, the commit was made after disclosure

+ of the CVEs and all three proofs of concept (crafted wav files) fail after

+ this commit.

+ . 

+ The commit was made after version 2.0.0, so that version is also vulnerable.

+ .

+ Unrelated changes were stripped away by patch author, upstream commit author

+ is Olli Parviainen <oparviai@iki.fi>.

+Author: Gabor Karsay <gabor.karsay@gmx.at>

+Origin: upstream, https://sourceforge.net/p/soundtouch/code/256/

+Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870854

+Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870856

+Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870857

+---

+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/

+--- a/source/SoundTouch/TDStretch.cpp
++++ b/source/SoundTouch/TDStretch.cpp
+@@ -128,7 +128,12 @@
+                               int aSeekWindowMS, int aOverlapMS)

+ {

+     // accept only positive parameter values - if zero or negative, use old values instead

+-    if (aSampleRate > 0)   this->sampleRate = aSampleRate;

++    if (aSampleRate > 0)

++    {

++        if (aSampleRate > 192000) ST_THROW_RT_ERROR("Error: Excessive samplerate");

++        this->sampleRate = aSampleRate;

++    }

++

+     if (aOverlapMS > 0)    this->overlapMs = aOverlapMS;

+ 

+     if (aSequenceMS > 0)