commit: fedc905f2f73265c4108e2a4b359846d10dee66d
Author: David Seifert <soap <AT> gentoo <DOT> org>
AuthorDate: Fri Jan 20 18:53:40 2017 +0000
Commit: David Seifert <soap <AT> gentoo <DOT> org>
CommitDate: Fri Jan 20 18:56:27 2017 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=fedc905f
media-libs/opus: Add patch for CVE-2017-0381
Gentoo-bug: 605894
Package-Manager: Portage-2.3.3, Repoman-2.3.1
.../opus/files/opus-1.1.3-CVE-2017-0381.patch | 24 +++++++++++++
media-libs/opus/opus-1.1.3-r1.ebuild | 42 ++++++++++++++++++++++
2 files changed, 66 insertions(+)
diff --git a/media-libs/opus/files/opus-1.1.3-CVE-2017-0381.patch
b/media-libs/opus/files/opus-1.1.3-CVE-2017-0381.patch
new file mode 100644
index 00000000..621236b
--- /dev/null
+++ b/media-libs/opus/files/opus-1.1.3-CVE-2017-0381.patch
@@ -0,0 +1,24 @@
+From 79e8f527b0344b0897a65be35e77f7885bd99409 Mon Sep 17 00:00:00 2001
+From: Felicia Lim <f...@google.com>
+Date: Thu, 28 Jul 2016 15:21:19 +0200
+Subject: [PATCH] Ensure that NLSF cannot be negative when computing a min
+ distance between them
+
+Signed-off-by: Jean-Marc Valin <jmva...@jmvalin.ca>
+---
+ silk/NLSF_stabilize.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/silk/NLSF_stabilize.c b/silk/NLSF_stabilize.c
+index 1fa1ea3..8f3426b 100644
+--- a/silk/NLSF_stabilize.c
++++ b/silk/NLSF_stabilize.c
+@@ -130,7 +130,7 @@ void silk_NLSF_stabilize(
+
+ /* Keep delta_min distance between the NLSFs */
+ for( i = 1; i < L; i++ )
+- NLSF_Q15[i] = silk_max_int( NLSF_Q15[i], NLSF_Q15[i-1] +
NDeltaMin_Q15[i] );
++ NLSF_Q15[i] = silk_max_int( NLSF_Q15[i], silk_ADD_SAT16(
NLSF_Q15[i-1], NDeltaMin_Q15[i] ) );
+
+ /* Last NLSF should be no higher than 1 - NDeltaMin[L] */
+ NLSF_Q15[L-1] = silk_min_int( NLSF_Q15[L-1], (1<<15) -
NDeltaMin_Q15[L] );
diff --git a/media-libs/opus/opus-1.1.3-r1.ebuild
b/media-libs/opus/opus-1.1.3-r1.ebuild
new file mode 100644
index 00000000..cfe478a
--- /dev/null
+++ b/media-libs/opus/opus-1.1.3-r1.ebuild
@@ -0,0 +1,42 @@
+# Copyright 1999-2017 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Id$
+
+EAPI=6
+inherit multilib-minimal
+
+if [[ ${PV} == *9999 ]] ; then
+ inherit git-2
+ EGIT_REPO_URI="git://git.opus-codec.org/opus.git"
+else
+ SRC_URI="http://downloads.xiph.org/releases/${PN}/${P}.tar.gz";
+ KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~ppc ~ppc64 ~sparc ~x86
~amd64-fbsd"
+fi
+
+DESCRIPTION="Open codec designed for internet transmission of interactive
speech and audio"
+HOMEPAGE="http://opus-codec.org/";
+SRC_URI="http://downloads.xiph.org/releases/opus/${P}.tar.gz";
+
+LICENSE="BSD-2"
+SLOT="0"
+INTRINSIC_FLAGS="cpu_flags_x86_sse neon"
+IUSE="ambisonics custom-modes doc static-libs ${INTRINSIC_FLAGS}"
+
+DEPEND="doc? ( app-doc/doxygen )"
+
+PATCHES=(
+ "${FILESDIR}"/${PN}-1.1.3-CVE-2017-0381.patch
+)
+
+multilib_src_configure() {
+ local myeconfargs=(
+ $(use_enable custom-modes)
+ $(use_enable ambisonics)
+ $(use_enable doc)
+ )
+ for i in ${INTRINSIC_FLAGS} ; do
+ use ${i} && myeconfargs+=( --enable-intrinsics )
+ done
+ ECONF_SOURCE="${S}" \
+ econf "${myeconfargs[@]}"
+}
