ports/132371: [vuxml] [patch] audio/libsndfile: update to 1.0.19 and fix CVE-2009-0186
Eygene Ryabinkin
rea-fbsd at codelabs.ru
Fri Mar 6 20:00:18 UTC 2009
>Number: 132371
>Category: ports
>Synopsis: [vuxml] [patch] audio/libsndfile: update to 1.0.19 and fix CVE-2009-0186
>Confidential: no
>Severity: critical
>Priority: high
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Fri Mar 06 20:00:09 UTC 2009
>Closed-Date:
>Last-Modified:
>Originator: Eygene Ryabinkin
>Release: FreeBSD 7.1-STABLE amd64
>Organization:
Code Labs
>Environment:
System: FreeBSD 7.1-STABLE amd64
>Description:
Secunia found integer overflow in CAF processing within libsndfile
1.0.18, [1]. This could lead to the arbitrary code execution with
the privileges of process that uses libsndfile to play/process the
crafted CAF file.
>How-To-Repeat:
[1] http://secunia.com/advisories/33980/
>Fix:
The following patch updates the port to 1.0.19. I had mildly tested
it and found no problems.
--- update-to-1.0.19.diff begins here ---
>From 4f01cb69c37a0df98d0c3c3e483121bb1d944d6b Mon Sep 17 00:00:00 2001
From: Eygene Ryabinkin <rea-fbsd at codelabs.ru>
Date: Fri, 6 Mar 2009 22:42:50 +0300
I had tested the new port version by using sndfile-convert to transform
standart .flac applaud00.flac to WAV and CAF files and transform back
from these two formats to FLAC. Worked without troubles.
Signed-off-by: Eygene Ryabinkin <rea-fbsd at codelabs.ru>
---
audio/libsndfile/Makefile | 2 +-
audio/libsndfile/distinfo | 6 +++---
2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/audio/libsndfile/Makefile b/audio/libsndfile/Makefile
index 67c3e59..0ec8ccb 100644
--- a/audio/libsndfile/Makefile
+++ b/audio/libsndfile/Makefile
@@ -6,7 +6,7 @@
#
PORTNAME= libsndfile
-PORTVERSION= 1.0.18
+PORTVERSION= 1.0.19
CATEGORIES= audio
MASTER_SITES= http://www.mega-nerd.com/libsndfile/
diff --git a/audio/libsndfile/distinfo b/audio/libsndfile/distinfo
index e5f689a..5e9e5a5 100644
--- a/audio/libsndfile/distinfo
+++ b/audio/libsndfile/distinfo
@@ -1,3 +1,3 @@
-MD5 (libsndfile-1.0.18.tar.gz) = 9fde6efb1b75ef38398acf856f252416
-SHA256 (libsndfile-1.0.18.tar.gz) = c0821534a8510982d26b3085b148d9091dede53780733515eb49c99a65da293a
-SIZE (libsndfile-1.0.18.tar.gz) = 923666
+MD5 (libsndfile-1.0.19.tar.gz) = 8fa24b0c0a8758543427c9741ea06924
+SHA256 (libsndfile-1.0.19.tar.gz) = 4b567a02e15bcae25fa1aeb3361b4e2cb8b2ce08e9b53faa81f77a34fb2b5419
+SIZE (libsndfile-1.0.19.tar.gz) = 924368
--
1.6.1
--- update-to-1.0.19.diff ends here ---
The following VuXML entry should be evaluated and added:
--- vuln.xml begins here ---
<vuln vid="ed39c2f3-0a82-11de-9a16-001fc66e7203">
<topic>libsndfile -- integer overflow vulnerability in CAF processor</topic>
<affects>
<package>
<name>libsndfile</name>
<range><lt>1.0.19</lt></range>
</package>
</affects>
<description>
<body xmlns="http://www.w3.org/1999/xhtml">
<p>Secunia reports:</p>
<blockquote
cite="http://secunia.com/advisories/33980/">
<p>Secunia Research has discovered a vulnerability in
libsndfile, which can be exploited by malicious people to
compromise an application using the library.</p>
<p>The vulnerability is caused due to an integer overflow
error in the processing of CAF description chunks. This can be
exploited to cause a heap-based buffer overflow by tricking
the user into processing a specially crafted CAF audio
file.</p>
<p>Successful exploitation may allow execution of arbitrary
code.</p>
</blockquote>
</body>
</description>
<references>
<bid>33963</bid>
<cvename>CVE-2009-0186</cvename>
<url>http://secunia.com/advisories/33980/</url>
</references>
<dates>
<discovery>2009-03-03</discovery>
<entry>TODAY</entry>
</dates>
</vuln>
--- vuln.xml ends here ---
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-ports-bugs
mailing list