summaryrefslogtreecommitdiffhomepage
diff options
context:
space:
mode:
-rw-r--r--patches/libflac/CVE-2017-6888.patch27
-rw-r--r--vars/build.vars8
2 files changed, 4 insertions, 31 deletions
diff --git a/patches/libflac/CVE-2017-6888.patch b/patches/libflac/CVE-2017-6888.patch
deleted file mode 100644
index 7c829be9..00000000
--- a/patches/libflac/CVE-2017-6888.patch
+++ /dev/null
@@ -1,27 +0,0 @@
-From 4f47b63e9c971e6391590caf00a0f2a5ed612e67 Mon Sep 17 00:00:00 2001
-From: Erik de Castro Lopo <erikd@mega-nerd.com>
-Date: Sat, 8 Apr 2017 18:34:49 +1000
-Subject: [PATCH] stream_decoder.c: Fix a memory leak
-
-Leak reported by Secunia Research.
----
- src/libFLAC/stream_decoder.c | 3 +++
- 1 file changed, 3 insertions(+)
-
-diff --git a/src/libFLAC/stream_decoder.c b/src/libFLAC/stream_decoder.c
-index 14d5fe7..a552751 100644
---- a/src/libFLAC/stream_decoder.c
-+++ b/src/libFLAC/stream_decoder.c
-@@ -1753,6 +1753,9 @@ FLAC__bool read_metadata_vorbiscomment_(FLAC__StreamDecoder *decoder, FLAC__Stre
- }
- memset (obj->comments[i].entry, 0, obj->comments[i].length) ;
- if (!FLAC__bitreader_read_byte_block_aligned_no_crc(decoder->private_->input, obj->comments[i].entry, obj->comments[i].length)) {
-+ /* Current i-th entry is bad, so we delete it. */
-+ free (obj->comments[i].entry) ;
-+ obj->comments[i].entry = NULL ;
- obj->num_comments = i;
- goto skip;
- }
---
-2.1.4
-
diff --git a/vars/build.vars b/vars/build.vars
index 7d133b86..2b88dab7 100644
--- a/vars/build.vars
+++ b/vars/build.vars
@@ -815,14 +815,14 @@ NATIVE_PACKAGES_DEPS_PYTHON="${PREFIX}/bin/python2";
: ${PKG_LIBFETCH_IN_TREE:=1};
: ${PKG_LIBFETCH_MAKEFLAGS_BUILD_EXTRA:="E=echo Q= AR=${DEFAULT_TARGET}-ar CC=${DEFAULT_TARGET}-gcc LD=${DEFAULT_TARGET}-gcc"};
: ${PKG_LIBFETCH_MAKEFLAGS_INSTALL_EXTRA:="E=echo Q="};
-: ${PKG_LIBOGG_SHA256SUM:=4f3fc6178a533d392064f14776b23c397ed4b9f48f5de297aba73b643f955c08};
-: ${PKG_LIBOGG_VERSION:=1.3.3};
+: ${PKG_LIBOGG_SHA256SUM:=c163bc12bc300c401b6aa35907ac682671ea376f13ae0969a220f7ddf71893fe};
+: ${PKG_LIBOGG_VERSION:=1.3.4};
: ${PKG_LIBOGG_URL:=https://ftp.osuosl.org/pub/xiph/releases/ogg/libogg-${PKG_LIBOGG_VERSION}.tar.xz};
: ${PKG_LIBVORBIS_SHA256SUM:=af00bb5a784e7c9e69f56823de4637c350643deedaf333d0fa86ecdba6fcb415};
: ${PKG_LIBVORBIS_VERSION:=1.3.6};
: ${PKG_LIBVORBIS_URL:=https://ftp.osuosl.org/pub/xiph/releases/vorbis/libvorbis-${PKG_LIBVORBIS_VERSION}.tar.xz};
-: ${PKG_LIBFLAC_SHA256SUM:=91cfc3ed61dc40f47f050a109b08610667d73477af6ef36dcad31c31a4a8d53f};
-: ${PKG_LIBFLAC_VERSION:=1.3.2};
+: ${PKG_LIBFLAC_SHA256SUM:=213e82bd716c9de6db2f98bcadbc4c24c7e2efe8c75939a1a84e28539c4e1748};
+: ${PKG_LIBFLAC_VERSION:=1.3.3};
: ${PKG_LIBFLAC_URL:=https://ftp.osuosl.org/pub/xiph/releases/flac/flac-${PKG_LIBFLAC_VERSION}.tar.xz};
: ${PKG_LIBTHEORA_SHA256SUM:=b6ae1ee2fa3d42ac489287d3ec34c5885730b1296f0801ae577a35193d3affbc};
: ${PKG_LIBTHEORA_VERSION:=1.1.1};