| Patch | Description | Author | Forwarded | Bugs | Origin | Last update |
|---|---|---|---|---|---|---|
| 0003-spelling.patch | spelling fixes =================================================================== |
Jaromr Mike <mira.mikes@seznam.cz> | invalid | |||
| 0005-CVE-2017-15371.patch | [PATCH] flac: fix crash on corrupt metadata (CVE-2017-15371) | Mans Rullgard <mans@mansr.com> | no | 2017-11-05 | ||
| 0006-CVE-2017-11358.patch | [PATCH] hcom: fix crash on input with corrupt dictionary (CVE-2017-11358) | Mans Rullgard <mans@mansr.com> | no | 2017-11-05 | ||
| 0007-CVE-2017-15370.patch | [PATCH] wav: ima_adpcm: fix buffer overflow on corrupt input (CVE-2017-15370) Add the same check bad block size as was done for MS adpcm in commit f39c574b ("More checks for invalid MS ADPCM blocks"). |
Mans Rullgard <mans@mansr.com> | no | 2017-11-05 | ||
| 0008-CVE-2017-11332.patch | [PATCH] wav: fix crash if channel count is zero (CVE-2017-11332) | Mans Rullgard <mans@mansr.com> | no | 2017-11-05 | ||
| 0009-CVE-2017-11359.patch | [PATCH] wav: fix crash writing header when channel count >64k (CVE-2017-11359) | Mans Rullgard <mans@mansr.com> | no | 2017-11-05 | ||
| 0010-wavpack_check_errors.patch | wavpack: check errors when initializinghttps://bugs.debian.org/cgi-bin/bugreport.cgi?bug=881145 Jaromr Mike <mira.mikes@seznam.cz> src/wavpack.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/src/wavpack.c b/src/wavpack.c index 9e525cd4..b7e8dafa 100644 |
Eric Wong <normalperson@yhbt.net> | not-needed | |||
| 0011-lintian-man-sox.patch | Fix - W: sox: manpage-has-errors-from-man usr/share/man/man1/sox.1.gz file `<standard input>'
Jaromr Mike <mira.mikes@seznam.cz>
diff --git a/sox.1 b/sox.1 index 2c4ca47..4241862 100644 |
gabor.karsay@gmx.at | invalid | |||
| 0012-xa-validate-channel-count.patch | A corrupt header specifying zero channels would send read_channels()into an infinite loop. Prevent this by sanity checking the channel count in open_read(). Also add an upper bound to prevent overflow in multiplication. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=881121 Jaromr Mike <mira.mikes@seznam.cz> |
Mans Rullgard <mans@mansr.com> | not-needed | |||
| 0013-CVE-2017-15372.patch | adpcm: fix stack overflow with >4 channels (CVE-2017-15372) | Mans Rullgard <mans@mansr.com> | no | 2017-11-08 | ||
| 0014-CVE-2017-15642.patch | This fixes a use after free and double free if an empty commentchunk follows a non-empty one. | Mans Rullgard <mans@mansr.com> | not-needed | |||
| 0015-Handle-vorbis_analysis_headerout-errors.patch | [PATCH] Handle vorbis_analysis_headerout errors
This is related to https://github.com/xiph/vorbis/pull/34 but could also happen today with on other errors in the called function. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=882236 |
=?UTF-8?q?Guido=20G=C3=BCnther?= <agx@sigxcpu.org> | invalid | 2017-11-15 | ||
| 0016-CVE-2019-8354.patch | no | |||||
| 0017-CVE-2019-8355.patch | no | |||||
| 0018-CVE-2019-8356.patch | no | |||||
| 0019-CVE-2019-8357.patch | no | |||||
| 0020-CVE-2019-13590.patch | no | |||||
| CVE-2017-11358-revised.patch | [PATCH] hcom: fix crash on input with corrupt dictionary (CVE-2017-11358) | Mans Rullgard <mans@mansr.com> | no | 2017-11-05 | ||
| CVE-2021-23159.patch | hcom: validate dictsize This patch fixes both CVE-2021-23159 and CVE-2021-23172. |
Helmut Grohne <helmut@subdivi.de> | yes | debian upstream | ||
| CVE-2021-33844.patch | wav: reject 0 bits per sample to avoid division by zero | Helmut Grohne <helmut@subdivi.de> | yes | debian upstream | ||
| CVE-2021-3643.patch | voc: word width should never be 0 to avoid division by zero This patch fixes both CVE-2021-3643 and CVE-2021-23210. |
Helmut Grohne <helmut@subdivi.de> | yes | debian upstream | ||
| CVE-2021-40426.patch | sphere: avoid integer underflow | Helmut Grohne <helmut@subdivi.de> | yes | debian upstream | ||
| CVE-2022-31650.patch | formats+aiff: reject implausibly large number of channels | Helmut Grohne <helmut@subdivi.de> | yes | debian upstream | ||
| CVE-2022-31651.patch | formats: reject implausible rate | Helmut Grohne <helmut@subdivi.de> | yes | debian upstream | ||
| fix-hcom-big-endian.patch | [PATCH] hcom: fix pointer type confusion [bug #308] The compress() call fails on big endian systems with size_t bigger than int32_t. Fix by using the correct types. |
Mans Rullgard <mans@mansr.com> | no | 2018-04-28 | ||
| fix-resource-leak-comments.patch | fix a resource leak of comments on input parsing failure | Helmut Grohne <helmut@subdivi.de> | no | |||
| fix-resource-leak-hcom.patch | hcom: fix dictionary resource leaks startread and stopread should release p->dictionary in all failure modes. |
Helmut Grohne <helmut@subdivi.de> | no | |||
| 0001-fix-build.patch | fix build | Mans Rullgard <mans@mansr.com> | not-needed |