Your message dated Fri, 03 Feb 2017 17:00:00 +0000
with message-id <[email protected]>
and subject line Re: Bug#853264: unblock: wavpack/5.0.0-2
has caused the Debian Bug report #853264,
regarding unblock: wavpack/5.0.0-2
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
853264: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=853264
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: [email protected]
Usertags: unblock
Please unblock package wavpack. 5.0.0-2 fixes CVE-2016-10169, CVE-2016-10170,
CVE-2016-10171 and CVE-2016-10172 by simply applying upstream's patch for the
CVEs.
unblock wavpack/5.0.0-2
-- System Information:
Debian Release: 9.0
APT prefers unstable-debug
APT policy: (650, 'unstable-debug'), (650, 'buildd-unstable'), (650,
'unstable'), (601, 'testing'), (600, 'experimental-debug'), (600,
'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 4.9.0-1-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
--
Sebastian Ramacher
diff --git a/debian/changelog b/debian/changelog
index 18586f6..3cc049a 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,12 @@
+wavpack (5.0.0-2) unstable; urgency=medium
+
+ * Team upload.
+ * debian/patches: Apply upstream fix to fix some fuzz failures
+ (CVE-2016-10169, CVE-2016-10170, CVE-2016-10171, CVE-2016-10172). (Closes:
+ #853076)
+
+ -- Sebastian Ramacher <[email protected]> Mon, 30 Jan 2017 21:04:05 +0100
+
wavpack (5.0.0-1) unstable; urgency=medium
* Team upload.
diff --git
a/debian/patches/fixes-for-4-fuzz-failures-posted-to-SourceForge-mail.patch
b/debian/patches/fixes-for-4-fuzz-failures-posted-to-SourceForge-mail.patch
new file mode 100644
index 0000000..62346c7
--- /dev/null
+++ b/debian/patches/fixes-for-4-fuzz-failures-posted-to-SourceForge-mail.patch
@@ -0,0 +1,52 @@
+From 4bc05fc490b66ef2d45b1de26abf1455b486b0dc Mon Sep 17 00:00:00 2001
+From: David Bryant <[email protected]>
+Date: Wed, 21 Dec 2016 22:18:36 -0800
+Subject: [PATCH] fixes for 4 fuzz failures posted to SourceForge mailing list
+
+---
+ src/open_utils.c | 6 +++++-
+ src/read_words.c | 4 ++++
+ 2 files changed, 9 insertions(+), 1 deletion(-)
+
+diff --git a/src/open_utils.c b/src/open_utils.c
+index 7519f99..a844046 100644
+--- a/src/open_utils.c
++++ b/src/open_utils.c
+@@ -560,7 +560,7 @@ static int read_new_config_info (WavpackContext *wpc,
WavpackMetadata *wpmd)
+
+ // if there's any data, the first two bytes are file_format and qmode
flags
+
+- if (bytecnt) {
++ if (bytecnt >= 2) {
+ wpc->file_format = *byteptr++;
+ wpc->config.qmode = (wpc->config.qmode & ~0xff) | *byteptr++;
+ bytecnt -= 2;
+@@ -593,6 +593,10 @@ static int read_new_config_info (WavpackContext *wpc,
WavpackMetadata *wpmd)
+ for (i = 0; i < nchans; ++i)
+ if (bytecnt) {
+ wpc->channel_reordering [i] = *byteptr++;
++
++ if (wpc->channel_reordering [i] >= nchans)
// make sure index is in range
++ wpc->channel_reordering [i] = 0;
++
+ bytecnt--;
+ }
+ else
+diff --git a/src/read_words.c b/src/read_words.c
+index 62acac3..a537bfa 100644
+--- a/src/read_words.c
++++ b/src/read_words.c
+@@ -288,6 +288,10 @@ int32_t FASTCALL get_word (WavpackStream *wps, int chan,
int32_t *correction)
+
+ low &= 0x7fffffff;
+ high &= 0x7fffffff;
++
++ if (low > high) // make sure high and low make sense
++ high = low;
++
+ mid = (high + low + 1) >> 1;
+
+ if (!c->error_limit)
+--
+2.11.0
+
diff --git a/debian/patches/series b/debian/patches/series
new file mode 100644
index 0000000..28b0d00
--- /dev/null
+++ b/debian/patches/series
@@ -0,0 +1 @@
+fixes-for-4-fuzz-failures-posted-to-SourceForge-mail.patch
signature.asc
Description: PGP signature
--- End Message ---
--- Begin Message ---
Sebastian Ramacher:
> Package: release.debian.org
> Severity: normal
> User: [email protected]
> Usertags: unblock
>
> Please unblock package wavpack. 5.0.0-2 fixes CVE-2016-10169, CVE-2016-10170,
> CVE-2016-10171 and CVE-2016-10172 by simply applying upstream's patch for the
> CVEs.
>
> unblock wavpack/5.0.0-2
>
> [...]
Unblocked, thanks.
~Niels
--- End Message ---
