Package: release.debian.org
Severity: normal
Tags: trixie
X-Debbugs-Cc: [email protected], [email protected]
Control: affects -1 + src:alsa-lib
User: [email protected]
Usertags: pu

Fixes a low impact security issue, debdiff below. All tests in debusine
are looking good.

Cheers,
        Moritz

diff -Nru alsa-lib-1.2.14/debian/changelog alsa-lib-1.2.14/debian/changelog
--- alsa-lib-1.2.14/debian/changelog    2025-04-14 20:26:22.000000000 +0200
+++ alsa-lib-1.2.14/debian/changelog    2026-06-19 20:17:25.000000000 +0200
@@ -1,3 +1,9 @@
+alsa-lib (1.2.14-1+deb13u1) trixie; urgency=medium
+
+  * CVE-2026-25068 (Closes: #1126629)
+
+ -- Moritz Mühlenhoff <[email protected]>  Fri, 19 Jun 2026 20:17:25 +0200
+
 alsa-lib (1.2.14-1) unstable; urgency=medium
 
   * New upstream release.
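Review bot: The new changelog bullet carries only the CVE id and the bug number, so a reader of the changelog cannot tell what was fixed or where the fix lives. Suggest extending it to name debian/patches/CVE-2026-25068.patch and to summarise the change in a few words; the patch subject, "topology: decoder - add boundary check for channel mixer count", would serve.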
diff -Nru alsa-lib-1.2.14/debian/patches/CVE-2026-25068.patch 
alsa-lib-1.2.14/debian/patches/CVE-2026-25068.patch
--- alsa-lib-1.2.14/debian/patches/CVE-2026-25068.patch 1970-01-01 
01:00:00.000000000 +0100
+++ alsa-lib-1.2.14/debian/patches/CVE-2026-25068.patch 2026-06-19 
20:17:25.000000000 +0200
@@ -0,0 +1,20 @@
+From 5f7fe33002d2d98d84f72e381ec2cccc0d5d3d40 Mon Sep 17 00:00:00 2001
+From: Jaroslav Kysela <[email protected]>
+Date: Thu, 29 Jan 2026 16:51:09 +0100
+Subject: [PATCH] topology: decoder - add boundary check for channel mixer
+ count
+
+--- alsa-lib-1.2.14.orig/src/topology/ctl.c
++++ alsa-lib-1.2.14/src/topology/ctl.c
+@@ -1247,6 +1247,11 @@ int tplg_decode_control_mixer1(snd_tplg_
+       if (mc->num_channels > 0) {
+               map = tplg_calloc(heap, sizeof(*map));
+               map->num_channels = mc->num_channels;
++              if (map->num_channels > SND_TPLG_MAX_CHAN ||
++                  map->num_channels > SND_SOC_TPLG_MAX_CHAN) {
++                      SNDERR("mixer: unexpected channel count %d", 
map->num_channels);
++                      return -EINVAL;
++              }
+               for (i = 0; i < map->num_channels; i++) {
+                       map->channel[i].reg = mc->channel[i].reg;
+                       map->channel[i].shift = mc->channel[i].shift;
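Review bot: The bounds check in tplg_decode_control_mixer1() sits after tplg_calloc() and after the count has already been copied into map->num_channels, so the allocation is made for input that is then rejected with -EINVAL. Testing mc->num_channels against both limits before the tplg_calloc() call would reject the bad count without allocating anything. In the same context lines, the result of tplg_calloc() is dereferenced on the very next line with no NULL check visible, which is worth confirming. The embedded patch also has no description under its Subject line; a sentence saying which array each of SND_TPLG_MAX_CHAN and SND_SOC_TPLG_MAX_CHAN protects in the copy loop would make the double comparison easier to review.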
diff -Nru alsa-lib-1.2.14/debian/patches/series 
alsa-lib-1.2.14/debian/patches/series
--- alsa-lib-1.2.14/debian/patches/series       2024-02-09 21:18:05.000000000 
+0100
+++ alsa-lib-1.2.14/debian/patches/series       2026-06-19 20:17:25.000000000 
+0200
@@ -1 +1,2 @@
 0001-Enabled-extended-namehints-in-alsa.conf.patch
+CVE-2026-25068.patch
