[OE-core] [morty][PATCH 0/3] libvorbis security fixes
Tanu Kaskinen
tanuk at iki.fi
Sat Mar 31 05:24:25 UTC 2018
Here are some libvorbis CVE fixes cherry-picked from master. The bugs
affect at least rocko, pyro and morty, I haven't checked older stable
branches. I don't know in which libvorbis version the bugs were
introduced.
These patches apply to morty. I have sent the rocko and pyro patches
separately.
Tanu Kaskinen (3):
libvorbis: CVE-2017-14633
libvorbis: CVE-2017-14632
libvorbis: CVE-2018-5146
.../libvorbis/libvorbis/CVE-2017-14632.patch | 62 +++++++++++++
.../libvorbis/libvorbis/CVE-2017-14633.patch | 42 +++++++++
.../libvorbis/libvorbis/CVE-2018-5146.patch | 100 +++++++++++++++++++++
.../libvorbis/libvorbis_1.3.5.bb | 6 +-
4 files changed, 209 insertions(+), 1 deletion(-)
create mode 100644 meta/recipes-multimedia/libvorbis/libvorbis/CVE-2017-14632.patch
create mode 100644 meta/recipes-multimedia/libvorbis/libvorbis/CVE-2017-14633.patch
create mode 100644 meta/recipes-multimedia/libvorbis/libvorbis/CVE-2018-5146.patch
--
2.16.2
More information about the Openembedded-core
mailing list