[OE-core] [rocko][pyro][PATCH 0/3] libvorbis security fixes
Tanu Kaskinen
tanuk at iki.fi
Sat Mar 31 05:21:29 UTC 2018
Here are some libvorbis CVE fixes cherry-picked from master. The bugs
affect at least rocko, pyro and morty, I haven't checked older stable
branches. I don't know in which libvorbis version the bugs were
introduced.
These patches apply to rocko and pyro. The patches don't apply cleanly
to morty, so I'll send the morty patches separately.
Tanu Kaskinen (3):
libvorbis: CVE-2017-14633
libvorbis: CVE-2017-14632
libvorbis: CVE-2018-5146
.../libvorbis/libvorbis/CVE-2017-14632.patch | 62 +++++++++++++
.../libvorbis/libvorbis/CVE-2017-14633.patch | 42 +++++++++
.../libvorbis/libvorbis/CVE-2018-5146.patch | 100 +++++++++++++++++++++
.../libvorbis/libvorbis_1.3.5.bb | 3 +
4 files changed, 207 insertions(+)
create mode 100644 meta/recipes-multimedia/libvorbis/libvorbis/CVE-2017-14632.patch
create mode 100644 meta/recipes-multimedia/libvorbis/libvorbis/CVE-2017-14633.patch
create mode 100644 meta/recipes-multimedia/libvorbis/libvorbis/CVE-2018-5146.patch
--
2.16.2
More information about the Openembedded-core
mailing list