Date: Fri, 6 Mar 2009 22:51:09 +0300 (MSK) From: Eygene Ryabinkin <rea-fbsd@codelabs.ru> To: FreeBSD-gnats-submit@freebsd.org Subject: ports/132371: [vuxml] [patch] audio/libsndfile: update to 1.0.19 and fix CVE-2009-0186 Message-ID: <20090306195109.E313EB8031@phoenix.codelabs.ru> Resent-Message-ID: <200903062000.n26K09Ue042088@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 132371 >Category: ports >Synopsis: [vuxml] [patch] audio/libsndfile: update to 1.0.19 and fix CVE-2009-0186 >Confidential: no >Severity: critical >Priority: high >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Fri Mar 06 20:00:09 UTC 2009 >Closed-Date: >Last-Modified: >Originator: Eygene Ryabinkin >Release: FreeBSD 7.1-STABLE amd64 >Organization: Code Labs >Environment: System: FreeBSD 7.1-STABLE amd64 >Description: Secunia found integer overflow in CAF processing within libsndfile 1.0.18, [1]. This could lead to the arbitrary code execution with the privileges of process that uses libsndfile to play/process the crafted CAF file. >How-To-Repeat: [1] http://secunia.com/advisories/33980/ >Fix: The following patch updates the port to 1.0.19. I had mildly tested it and found no problems. --- update-to-1.0.19.diff begins here --- >From 4f01cb69c37a0df98d0c3c3e483121bb1d944d6b Mon Sep 17 00:00:00 2001 From: Eygene Ryabinkin <rea-fbsd@codelabs.ru> Date: Fri, 6 Mar 2009 22:42:50 +0300 I had tested the new port version by using sndfile-convert to transform standart .flac applaud00.flac to WAV and CAF files and transform back from these two formats to FLAC. Worked without troubles. Signed-off-by: Eygene Ryabinkin <rea-fbsd@codelabs.ru> --- audio/libsndfile/Makefile | 2 +- audio/libsndfile/distinfo | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/audio/libsndfile/Makefile b/audio/libsndfile/Makefile index 67c3e59..0ec8ccb 100644 --- a/audio/libsndfile/Makefile +++ b/audio/libsndfile/Makefile @@ -6,7 +6,7 @@ # PORTNAME= libsndfile -PORTVERSION= 1.0.18 +PORTVERSION= 1.0.19 CATEGORIES= audio MASTER_SITES= http://www.mega-nerd.com/libsndfile/ diff --git a/audio/libsndfile/distinfo b/audio/libsndfile/distinfo index e5f689a..5e9e5a5 100644 --- a/audio/libsndfile/distinfo +++ b/audio/libsndfile/distinfo @@ -1,3 +1,3 @@ -MD5 (libsndfile-1.0.18.tar.gz) = 9fde6efb1b75ef38398acf856f252416 -SHA256 (libsndfile-1.0.18.tar.gz) = c0821534a8510982d26b3085b148d9091dede53780733515eb49c99a65da293a -SIZE (libsndfile-1.0.18.tar.gz) = 923666 +MD5 (libsndfile-1.0.19.tar.gz) = 8fa24b0c0a8758543427c9741ea06924 +SHA256 (libsndfile-1.0.19.tar.gz) = 4b567a02e15bcae25fa1aeb3361b4e2cb8b2ce08e9b53faa81f77a34fb2b5419 +SIZE (libsndfile-1.0.19.tar.gz) = 924368 -- 1.6.1 --- update-to-1.0.19.diff ends here --- The following VuXML entry should be evaluated and added: --- vuln.xml begins here --- <vuln vid="ed39c2f3-0a82-11de-9a16-001fc66e7203"> <topic>libsndfile -- integer overflow vulnerability in CAF processor</topic> <affects> <package> <name>libsndfile</name> <range><lt>1.0.19</lt></range> </package> </affects> <description> <body xmlns="http://www.w3.org/1999/xhtml">; <p>Secunia reports:</p> <blockquote cite="http://secunia.com/advisories/33980/">; <p>Secunia Research has discovered a vulnerability in libsndfile, which can be exploited by malicious people to compromise an application using the library.</p> <p>The vulnerability is caused due to an integer overflow error in the processing of CAF description chunks. This can be exploited to cause a heap-based buffer overflow by tricking the user into processing a specially crafted CAF audio file.</p> <p>Successful exploitation may allow execution of arbitrary code.</p> </blockquote> </body> </description> <references> <bid>33963</bid> <cvename>CVE-2009-0186</cvename> <url>http://secunia.com/advisories/33980/</url>; </references> <dates> <discovery>2009-03-03</discovery> <entry>TODAY</entry> </dates> </vuln> --- vuln.xml ends here --- >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20090306195109.E313EB8031>