diff options
-rw-r--r-- | patches/libflac/CVE-2017-6888.patch | 27 | ||||
-rw-r--r-- | vars/build.vars | 8 |
2 files changed, 4 insertions, 31 deletions
diff --git a/patches/libflac/CVE-2017-6888.patch b/patches/libflac/CVE-2017-6888.patch deleted file mode 100644 index 7c829be9..00000000 --- a/patches/libflac/CVE-2017-6888.patch +++ /dev/null @@ -1,27 +0,0 @@ -From 4f47b63e9c971e6391590caf00a0f2a5ed612e67 Mon Sep 17 00:00:00 2001 -From: Erik de Castro Lopo <erikd@mega-nerd.com> -Date: Sat, 8 Apr 2017 18:34:49 +1000 -Subject: [PATCH] stream_decoder.c: Fix a memory leak - -Leak reported by Secunia Research. ---- - src/libFLAC/stream_decoder.c | 3 +++ - 1 file changed, 3 insertions(+) - -diff --git a/src/libFLAC/stream_decoder.c b/src/libFLAC/stream_decoder.c -index 14d5fe7..a552751 100644 ---- a/src/libFLAC/stream_decoder.c -+++ b/src/libFLAC/stream_decoder.c -@@ -1753,6 +1753,9 @@ FLAC__bool read_metadata_vorbiscomment_(FLAC__StreamDecoder *decoder, FLAC__Stre - } - memset (obj->comments[i].entry, 0, obj->comments[i].length) ; - if (!FLAC__bitreader_read_byte_block_aligned_no_crc(decoder->private_->input, obj->comments[i].entry, obj->comments[i].length)) { -+ /* Current i-th entry is bad, so we delete it. */ -+ free (obj->comments[i].entry) ; -+ obj->comments[i].entry = NULL ; - obj->num_comments = i; - goto skip; - } --- -2.1.4 - diff --git a/vars/build.vars b/vars/build.vars index 7d133b86..2b88dab7 100644 --- a/vars/build.vars +++ b/vars/build.vars @@ -815,14 +815,14 @@ NATIVE_PACKAGES_DEPS_PYTHON="${PREFIX}/bin/python2"; : ${PKG_LIBFETCH_IN_TREE:=1}; : ${PKG_LIBFETCH_MAKEFLAGS_BUILD_EXTRA:="E=echo Q= AR=${DEFAULT_TARGET}-ar CC=${DEFAULT_TARGET}-gcc LD=${DEFAULT_TARGET}-gcc"}; : ${PKG_LIBFETCH_MAKEFLAGS_INSTALL_EXTRA:="E=echo Q="}; -: ${PKG_LIBOGG_SHA256SUM:=4f3fc6178a533d392064f14776b23c397ed4b9f48f5de297aba73b643f955c08}; -: ${PKG_LIBOGG_VERSION:=1.3.3}; +: ${PKG_LIBOGG_SHA256SUM:=c163bc12bc300c401b6aa35907ac682671ea376f13ae0969a220f7ddf71893fe}; +: ${PKG_LIBOGG_VERSION:=1.3.4}; : ${PKG_LIBOGG_URL:=https://ftp.osuosl.org/pub/xiph/releases/ogg/libogg-${PKG_LIBOGG_VERSION}.tar.xz}; : ${PKG_LIBVORBIS_SHA256SUM:=af00bb5a784e7c9e69f56823de4637c350643deedaf333d0fa86ecdba6fcb415}; : ${PKG_LIBVORBIS_VERSION:=1.3.6}; : ${PKG_LIBVORBIS_URL:=https://ftp.osuosl.org/pub/xiph/releases/vorbis/libvorbis-${PKG_LIBVORBIS_VERSION}.tar.xz}; -: ${PKG_LIBFLAC_SHA256SUM:=91cfc3ed61dc40f47f050a109b08610667d73477af6ef36dcad31c31a4a8d53f}; -: ${PKG_LIBFLAC_VERSION:=1.3.2}; +: ${PKG_LIBFLAC_SHA256SUM:=213e82bd716c9de6db2f98bcadbc4c24c7e2efe8c75939a1a84e28539c4e1748}; +: ${PKG_LIBFLAC_VERSION:=1.3.3}; : ${PKG_LIBFLAC_URL:=https://ftp.osuosl.org/pub/xiph/releases/flac/flac-${PKG_LIBFLAC_VERSION}.tar.xz}; : ${PKG_LIBTHEORA_SHA256SUM:=b6ae1ee2fa3d42ac489287d3ec34c5885730b1296f0801ae577a35193d3affbc}; : ${PKG_LIBTHEORA_VERSION:=1.1.1}; |