Bug#895537: stretch-pu: package libopenmpt/0.2.7386~beta20.3-3+deb9u3

2018-07-14 Thread Adam D. Barratt
On Sat, 2018-07-14 at 09:09 +0200, Salvatore Bonaccorso wrote:
> Hi James,
> 
> On Tue, Jul 03, 2018 at 09:07:29PM +0100, Adam D. Barratt wrote:
> > Control: tags -1 + confirmed
> > 
> > On Thu, 2018-04-12 at 11:42 +0100, James Cowgill wrote:
> > > This fixes CVE-2018-10017 which is a security bug tagged as "no-DSA"
> > > by the security team.
> > > 
> > > The fix is quite simple and looks correct to me. I've done some
> > > testing to make sure things still work after this update.
> > > 
> > 
> > Please go ahead; sorry for the delay.
> 
> Was now too late for 9.5, but to have it included in next one, can you
> already upload it at your earliest possibility? Above is the ack from
> Adam.

This was uploaded during this week, which was sadly past the freeze
point for 9.5. It's in stable-new, so should get processed in the first
run through the queue after the point release.

Regards,

Adam



Bug#895537: stretch-pu: package libopenmpt/0.2.7386~beta20.3-3+deb9u3

2018-07-14 Thread Salvatore Bonaccorso
Hi James,

On Tue, Jul 03, 2018 at 09:07:29PM +0100, Adam D. Barratt wrote:
> Control: tags -1 + confirmed
> 
> On Thu, 2018-04-12 at 11:42 +0100, James Cowgill wrote:
> > This fixes CVE-2018-10017 which is a security bug tagged as "no-DSA"
> > by the security team.
> > 
> > The fix is quite simple and looks correct to me. I've done some
> > testing to make sure things still work after this update.
> > 
> 
> Please go ahead; sorry for the delay.

Was now too late for 9.5, but to have it included in next one, can you
already upload it at your earliest possibility? Above is the ack from
Adam.

Regards,
Salvatore



Bug#895537: stretch-pu: package libopenmpt/0.2.7386~beta20.3-3+deb9u3

2018-07-03 Thread Adam D. Barratt
Control: tags -1 + confirmed

On Thu, 2018-04-12 at 11:42 +0100, James Cowgill wrote:
> This fixes CVE-2018-10017 which is a security bug tagged as "no-DSA"
> by the security team.
> 
> The fix is quite simple and looks correct to me. I've done some
> testing to make sure things still work after this update.
> 

Please go ahead; sorry for the delay.

Regards,

Adam



Processed: Re: Bug#895537: stretch-pu: package libopenmpt/0.2.7386~beta20.3-3+deb9u3

2018-07-03 Thread Debian Bug Tracking System
Processing control commands:

> tags -1 + confirmed
Bug #895537 [release.debian.org] stretch-pu: package 
libopenmpt/0.2.7386~beta20.3-3+deb9u3
Added tag(s) confirmed.

-- 
895537: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=895537
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems



Bug#895537: stretch-pu: package libopenmpt/0.2.7386~beta20.3-3+deb9u3

2018-04-12 Thread James Cowgill
Package: release.debian.org
User: release.debian@packages.debian.org
Usertags: pu
Tags: stretch
Severity: normal

Hi,

This fixes CVE-2018-10017 which is a security bug tagged as "no-DSA" by
the security team.

The fix is quite simple and looks correct to me. I've done some testing
to make sure things still work after this update.

Thanks,
James

-- System Information:
Debian Release: buster/sid
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'unstable'), (1,
'experimental-debug'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 4.15.0-1-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8),
LANGUAGE=en_GB:en (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
diff -Nru libopenmpt-0.2.7386~beta20.3/debian/changelog 
libopenmpt-0.2.7386~beta20.3/debian/changelog
--- libopenmpt-0.2.7386~beta20.3/debian/changelog   2017-07-15 
18:33:57.0 +0100
+++ libopenmpt-0.2.7386~beta20.3/debian/changelog   2018-04-12 
10:14:53.0 +0100
@@ -1,3 +1,10 @@
+libopenmpt (0.2.7386~beta20.3-3+deb9u3) stretch; urgency=medium
+
+  * Add patch to fix CVE-2018-10017 (Closes: #895406).
+- up11: Out-of-bounds read loading IT / MO3 files with many pattern loops.
+
+ -- James Cowgill   Thu, 12 Apr 2018 10:14:53 +0100
+
 libopenmpt (0.2.7386~beta20.3-3+deb9u2) stretch; urgency=medium
 
   * Add security patches (Closes: #867579).
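Review bot: the changelog line describes the fix as affecting "IT / MO3" files, while the new patch is named `up11-out-of-bounds-read-it-itp-mo3.patch` and its own Description mentions only "IT and MO3"; either mention ITP in the changelog entry as well or drop it from the patch name so the three agree. The `Closes: #895406` reference matches the `Bug-Debian:` field of the patch header, which is the right bug to close here rather than this stretch-pu request.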
diff -Nru libopenmpt-0.2.7386~beta20.3/debian/patches/series 
libopenmpt-0.2.7386~beta20.3/debian/patches/series
--- libopenmpt-0.2.7386~beta20.3/debian/patches/series  2017-07-15 
16:49:37.0 +0100
+++ libopenmpt-0.2.7386~beta20.3/debian/patches/series  2018-04-12 
10:13:10.0 +0100
@@ -6,3 +6,4 @@
 up6-invalid-memory-read-when-applying-nnas-to-effect-plugins.patch
 up8-out-of-bounds-read-plm.patch
 up10-heap-buffer-overflow-in-sample-loading-from-malformed-files-psm.patch
+up11-out-of-bounds-read-it-itp-mo3.patch
diff -Nru 
libopenmpt-0.2.7386~beta20.3/debian/patches/up11-out-of-bounds-read-it-itp-mo3.patch
 
libopenmpt-0.2.7386~beta20.3/debian/patches/up11-out-of-bounds-read-it-itp-mo3.patch
--- 
libopenmpt-0.2.7386~beta20.3/debian/patches/up11-out-of-bounds-read-it-itp-mo3.patch
1970-01-01 01:00:00.0 +0100
+++ 
libopenmpt-0.2.7386~beta20.3/debian/patches/up11-out-of-bounds-read-it-itp-mo3.patch
2018-04-12 10:14:53.0 +0100
@@ -0,0 +1,20 @@
+Description: Fix CVE-2018-10017
+ See 
https://lib.openmpt.org/libopenmpt/2018/04/08/security-updates-0.3.8-0.2-beta31-0.2.7561-beta20.5-p8-0.2.7386-beta20.3-p11/
+ Fix possible out-of-bounds memory read with IT and MO3 files containing many
+ nested pattern loops.
+Origin: upstream, 
https://source.openmpt.org/browse/openmpt?op=revision=10042
+Bug-Debian: https://bugs.debian.org/895406
+---
+This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
+--- a/soundlib/Snd_fx.cpp
 b/soundlib/Snd_fx.cpp
+@@ -1042,7 +1042,8 @@ std::vector CSoundFile::G
+   if(GetType() == MOD_TYPE_IT)
+   {
+   // IT pattern loop start row update - at the 
end of a pattern loop, set pattern loop start to next row (for upcoming pattern 
loops with missing SB0)
+-  for(CHANNELINDEX nChn = 0; nChn < 
GetNumChannels(); nChn++)
++  pChn = memory.state.Chn;
++  for(CHANNELINDEX nChn = 0; nChn < 
GetNumChannels(); nChn++, pChn++)
+   {
+   if((pChn->rowCommand.command == 
CMD_S3MCMDEX && pChn->rowCommand.param >= 0xB1 && pChn->rowCommand.param <= 
0xBF))
+   {
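Review bot: the patch file as shown is incomplete and one of its file-header lines is damaged: the added-file hunk announces 20 lines (`@@ -0,0 +1,20 @@`), yet the visible body stops at the opening brace after the `if((pChn->rowCommand.command == CMD_S3MCMDEX ...))` test, and the line following `+--- a/soundlib/Snd_fx.cpp` reads ` b/soundlib/Snd_fx.cpp` without its `++++ ` prefix, which quilt would not accept; please confirm that the `up11-out-of-bounds-read-it-itp-mo3.patch` in the actual upload is intact and applies cleanly. The logic change itself matches the described bug: the old loop advanced only `nChn` while its body dereferenced `pChn`, so `pChn` was never rebound to the channel being examined; the replacement sets `pChn = memory.state.Chn` before the loop and advances it with `nChn++, pChn++`, so each `pChn->rowCommand` read now refers to the current channel. One further nit on the DEP-3 header: the `Origin:` URL `https://source.openmpt.org/browse/openmpt?op=revision=10042` carries two `=` in a single query parameter and looks mangled; please verify it resolves.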

