Date:      Thu, 1 Mar 2018 23:52:56 +0000 (UTC)
From:      "Jason E. Hale" <jhale@FreeBSD.org>
To:        ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org
Subject:   svn commit: r463360 - head/security/vuxml
Message-ID:  <201803012352.w21NquaS083174@repo.freebsd.org>

Author: jhale
Date: Thu Mar  1 23:52:56 2018
New Revision: 463360
URL: https://svnweb.freebsd.org/changeset/ports/463360

Log:
  Document additional vulnerabilities in audio/libsndfile

Modified:
  head/security/vuxml/vuln.xml

Modified: head/security/vuxml/vuln.xml
==============================================================================
--- head/security/vuxml/vuln.xml	Thu Mar  1 23:46:17 2018	(r463359)
+++ head/security/vuxml/vuln.xml	Thu Mar  1 23:52:56 2018	(r463360)
@@ -58,6 +58,135 @@ Notes:
   * Do not forget port variants (linux-f10-libxml2, libxml2, etc.)
 -->
 <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">;
+  <vuln vid="30704aba-1da4-11e8-b6aa-4ccc6adda413">
+    <topic>libsndfile -- out-of-bounds reads</topic>
+    <affects>
+      <package>
+	<name>libsndfile</name>
+	<name>linux-c6-libsndfile</name>
+	<name>linux-c7-libsndfile</name>
+	<range><lt>1.0.29</lt></range>
+      </package>
+    </affects>
+    <description>
+      <body xmlns="http://www.w3.org/1999/xhtml">;
+	<p>Xin-Jiang on Github reports:</p>
+	<blockquote cite="https://github.com/erikd/libsndfile/issues/317">;
+	  <p>CVE-2017-14245 (Medium): An out of bounds read in the function
+	    d2alaw_array() in alaw.c of libsndfile 1.0.28 may lead to a remote
+	    DoS attack or information disclosure, related to mishandling of
+	    the NAN and INFINITY floating-point values.</p>
+	  <p>CVE-2017-14246 (Medium): An out of bounds read in the function
+	    d2ulaw_array() in ulaw.c of libsndfile 1.0.28 may lead to a remote
+	    DoS attack or information disclosure, related to mishandling of the
+	    NAN and INFINITY floating-point values.</p>
+	</blockquote>
+	<p>my123px on Github reports:</p>
+	<blockquote cite="https://github.com/erikd/libsndfile/issues/344">;
+	  <p>CVE-2017-17456 (Medium): The function d2alaw_array() in alaw.c of
+	    libsndfile 1.0.29pre1 may lead to a remote DoS attack (SEGV on unknown
+	    address 0x000000000000), a different vulnerability than CVE-2017-14245.</p>
+	  <p>CVE-2017-17457 (Medium): The function d2ulaw_array() in ulaw.c of
+	    libsndfile 1.0.29pre1 may lead to a remote DoS attack (SEGV on unknown
+	    address 0x000000000000), a different vulnerability than CVE-2017-14246.</p>
+	</blockquote>
+      </body>
+    </description>
+    <references>
+      <cvename>CVE-2017-14245</cvename>
+      <cvename>CVE-2017-14246</cvename>
+      <url>https://github.com/erikd/libsndfile/issues/317</url>;
+      <cvename>CVE-2017-17456</cvename>
+      <cvename>CVE-2017-17457</cvename>
+      <url>https://github.com/erikd/libsndfile/issues/344</url>;
+    </references>
+    <dates>
+      <discovery>2017-09-11</discovery>
+      <entry>2018-03-01</entry>
+    </dates>
+  </vuln>
+
+  <vuln vid="2b386075-1d9c-11e8-b6aa-4ccc6adda413">
+    <topic>libsndfile -- multiple vulnerabilities</topic>
+    <affects>
+      <package>
+	<name>libsndfile</name>
+	<name>linux-c6-libsndfile</name>
+	<name>linux-c7-libsndfile</name>
+	<range><le>1.0.28</le></range>
+      </package>
+    </affects>
+    <description>
+      <body xmlns="http://www.w3.org/1999/xhtml">;
+	<p>Agostino Sarubbo, Gentoo reports:</p>
+	<blockquote cite="https://blogs.gentoo.org/ago/2017/04/29/libsndfile-global-buffer-overflow-in-flac_buffer_copy-flac-c/">;
+	  <p>CVE-2017-8361 (Medium): The flac_buffer_copy function in flac.c in
+	    libsndfile 1.0.28 allows remote attackers to cause a denial of service
+	    (buffer overflow and application crash) or possibly have unspecified
+	    other impact via a crafted audio file.</p>
+	</blockquote>
+	<blockquote cite="https://blogs.gentoo.org/ago/2017/04/29/libsndfile-invalid-memory-read-in-flac_buffer_copy-flac-c/">;
+	  <p>CVE-2017-8362 (Medium): The flac_buffer_copy function in flac.c in
+	    libsndfile 1.0.28 allows remote attackers to cause a denial of service
+	    (invalid read and application crash) via a crafted audio file.</p>
+	</blockquote>
+	<blockquote cite="https://blogs.gentoo.org/ago/2017/04/29/libsndfile-heap-based-buffer-overflow-in-flac_buffer_copy-flac-c/">;
+	  <p>CVE-2017-8363 (Medium): The flac_buffer_copy function in flac.c in
+	    libsndfile 1.0.28 allows remote attackers to cause a denial of service
+	    (heap-based buffer over-read and application crash) via a crafted audio
+	    file.</p>
+	</blockquote>
+	<blockquote cite="https://blogs.gentoo.org/ago/2017/04/29/libsndfile-global-buffer-overflow-in-i2les_array-pcm-c/">;
+	  <p>CVE-2017-8365 (Medium): The i2les_array function in pcm.c in libsndfile
+	    1.0.28 allows remote attackers to cause a denial of service (buffer
+	    over-read and application crash) via a crafted audio file.</p>
+	</blockquote>
+	<p>manxorist on Github reports:</p>
+	<blockquote cite="https://github.com/erikd/libsndfile/issues/292">;
+	  <p>CVE-2017-12562 (High): Heap-based Buffer Overflow in the
+	    psf_binheader_writef function in common.c in libsndfile through
+	    1.0.28 allows remote attackers to cause a denial of service
+	    (application crash) or possibly have unspecified other impact.</p>
+	</blockquote>
+	<p>Xin-Jiang on Github reports:</p>
+	<blockquote cite="https://github.com/erikd/libsndfile/issues/318">;
+	  <p>CVE-2017-14634 (Medium): In libsndfile 1.0.28, a divide-by-zero
+	    error exists in the function double64_init() in double64.c, which
+	    may lead to DoS when playing a crafted audio file.</p>
+	</blockquote>
+      </body>
+    </description>
+    <references>
+      <cvename>CVE-2017-8361</cvename>
+      <url>https://blogs.gentoo.org/ago/2017/04/29/libsndfile-global-buffer-overflow-in-flac_buffer_copy-flac-c/</url>;
+      <url>https://github.com/erikd/libsndfile/issues/232</url>;
+      <url>https://github.com/erikd/libsndfile/commit/fd0484aba8e51d16af1e3a880f9b8b857b385eb3</url>;
+      <cvename>CVE-2017-8362</cvename>
+      <url>https://blogs.gentoo.org/ago/2017/04/29/libsndfile-invalid-memory-read-in-flac_buffer_copy-flac-c/</url>;
+      <url>https://github.com/erikd/libsndfile/issues/231</url>;
+      <url>https://github.com/erikd/libsndfile/commit/ef1dbb2df1c0e741486646de40bd638a9c4cd808</url>;
+      <cvename>CVE-2017-8363</cvename>
+      <url>https://blogs.gentoo.org/ago/2017/04/29/libsndfile-heap-based-buffer-overflow-in-flac_buffer_copy-flac-c/</url>;
+      <url>https://github.com/erikd/libsndfile/issues/233</url>;
+      <url>https://github.com/erikd/libsndfile/commit/fd0484aba8e51d16af1e3a880f9b8b857b385eb3</url>;
+      <url>https://github.com/erikd/libsndfile/commit/cd7da8dbf6ee4310d21d9e44b385d6797160d9e8</url>;
+      <cvename>CVE-2017-8365</cvename>
+      <url>https://blogs.gentoo.org/ago/2017/04/29/libsndfile-global-buffer-overflow-in-i2les_array-pcm-c/</url>;
+      <url>https://github.com/erikd/libsndfile/issues/230</url>;
+      <url>https://github.com/erikd/libsndfile/commit/fd0484aba8e51d16af1e3a880f9b8b857b385eb3</url>;
+      <cvename>CVE-2017-12562</cvename>
+      <url>https://github.com/erikd/libsndfile/issues/292/</url>;
+      <url>https://github.com/erikd/libsndfile/commit/cf7a8182c2642c50f1cf90dddea9ce96a8bad2e8</url>;
+      <cvename>CVE-2017-14634</cvename>
+      <url>https://github.com/erikd/libsndfile/issues/318</url>;
+      <url>https://github.com/erikd/libsndfile/commit/85c877d5072866aadbe8ed0c3e0590fbb5e16788</url>;
+    </references>
+    <dates>
+      <discovery>2017-04-12</discovery>
+      <entry>2018-03-01</entry>
+    </dates>
+  </vuln>
+
   <vuln vid="e3eeda2e-1d67-11e8-a2ec-6cc21735f730">
     <topic>PostgreSQL vulnerabilities</topic>
     <affects>
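Review bot: The two new entries bound the same three package names differently: <range><lt>1.0.29</lt></range> in vid 30704aba-1da4-11e8-b6aa-4ccc6adda413 and <range><le>1.0.28</le></range> in vid 2b386075-1d9c-11e8-b6aa-4ccc6adda413, so a port revision such as 1.0.28_1 would match the first entry but not the second. If that is deliberate because the fix commits listed under <references> are already carried in a port revision, say so in the commit log and confirm that linux-c6-libsndfile and linux-c7-libsndfile carry the same fixes; otherwise use the same <lt> bound in both entries. Two smaller points: the first entry gives one <discovery>2017-09-11</discovery> date for two separate issue reports (issues/317 and issues/344), and the CVE-2017-12562 reference URL ends in issues/292/ while the matching blockquote cite has no trailing slash.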


