Hello community, here is the log from the commit of package csound for openSUSE:12.1:Update:Test checked in at 2012-02-28 13:47:12 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:12.1:Update:Test/csound (Old) and /work/SRC/openSUSE:12.1:Update:Test/.csound.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "csound", Maintainer is "ti...@suse.com" Changes: -------- --- /work/SRC/openSUSE:12.1:Update:Test/csound/csound.changes 2012-02-28 13:47:12.000000000 +0100 +++ /work/SRC/openSUSE:12.1:Update:Test/.csound.new/csound.changes 2012-02-28 13:47:13.000000000 +0100 @@ -1,0 +2,6 @@ +Mon Feb 27 11:23:03 CET 2012 - ti...@suse.de + +- VUL-0: CVE-2012-0270: csound: two buffer overflow flaws in getnum() + (bnc#749073) + +------------------------------------------------------------------- New: ---- csound-fix-CVE-2012-0270.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ csound.spec ++++++ --- /var/tmp/diff_new_pack.ZB7JBa/_old 2012-02-28 13:47:13.000000000 +0100 +++ /var/tmp/diff_new_pack.ZB7JBa/_new 2012-02-28 13:47:13.000000000 +0100 @@ -1,7 +1,7 @@ # # spec file for package csound # -# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -16,18 +16,30 @@ # - Name: csound %define support_fltk 0 -BuildRequires: alsa-devel fdupes fluidsynth-devel gcc-c++ jack-devel liblo-devel libsndfile-devel portaudio-devel python-devel scons swig +BuildRequires: alsa-devel +BuildRequires: fdupes +BuildRequires: fluidsynth-devel +BuildRequires: gcc-c++ +BuildRequires: jack-devel +BuildRequires: liblo-devel +BuildRequires: libsndfile-devel +BuildRequires: portaudio-devel +BuildRequires: python-devel +BuildRequires: scons +BuildRequires: swig %if %support_fltk -BuildRequires: fltk-devel libjpeg-devel libpng-devel xorg-x11-devel +BuildRequires: fltk-devel +BuildRequires: libjpeg-devel +BuildRequires: libpng-devel +BuildRequires: xorg-x11-devel %endif Summary: Computer Sound Synthesis and Composition Program -Version: 5.06.0 -Release: 130 -License: GFDL v1.2 ; LGPL v2.1 or later ; MIT License (or similar) +License: GFDL-1.2 ; LGPL-2.1+ ; MIT Group: Productivity/Multimedia/Sound/Utilities +Version: 5.06.0 +Release: 0 Source: Csound%{version}.tar.bz2 Source1: README.SuSE Patch: csound-alsa-fix.diff @@ -35,6 +47,7 @@ Patch2: csound-gcc-warning-fix.diff Patch3: csound-python-2.6-fix.diff Patch4: csound-sanitize-sys.patch +Patch5: csound-fix-CVE-2012-0270.patch Url: http://www.csounds.com AutoReq: on Autoprov: off @@ -55,6 +68,7 @@ %patch2 %patch3 %patch4 -p1 +%patch5 -p1 cp %{SOURCE1} . # fix encoding iconv -f latin1 -t utf8 readme-csound5.txt > readme-csound5.txt.utf8 ++++++ csound-fix-CVE-2012-0270.patch ++++++ >From 7d617a9551fb6c552ba16874b71266fcd90f3a6f Mon Sep 17 00:00:00 2001 From: John ffitch <j...@cs.bath.ac.uk> Date: Thu, 19 Jan 2012 21:15:30 +0000 Subject: [PATCH] fix buffer overflows --- util/het_import.c | 2 +- util/heti_main.c | 2 +- util/lpci_main.c | 4 ++++ util/pv_import.c | 2 +- 4 files changed, 7 insertions(+), 3 deletions(-) --- a/util/het_import.c +++ b/util/het_import.c @@ -49,7 +49,7 @@ short getnum(FILE* inf, char *term) char buff[100]; int cc; int p = 0; - while ((cc=getc(inf))!=',' && cc!='\n') { + while ((cc=getc(inf))!=',' && cc!='\n' && p<99) { if (cc == EOF) { *term = '\0'; return 0; --- a/util/heti_main.c +++ b/util/heti_main.c @@ -43,7 +43,7 @@ short getnum(FILE* inf, char *term) char buff[100]; int cc; int p = 0; - while ((cc=getc(inf))!=',' && cc!='\n') { + while ((cc=getc(inf))!=',' && cc!='\n' && p<99) { if (cc == EOF) { *term = '\0'; return 0; --- a/util/lpci_main.c +++ b/util/lpci_main.c @@ -78,6 +78,10 @@ int main(int argc, char **argv) putc(str[i],outf); putc('\n', outf); coef = (MYFLT *)malloc((hdr.npoles+hdr.nvals)*sizeof(MYFLT)); + if (coef==NULL) { + printf("memory allocation failure\n"); + exit(1); + } for (i = 0; i<hdr.nvals; i++) { fread(&coef[0], sizeof(MYFLT), hdr.npoles, inf); for (j=0; j<hdr.npoles; j++) --- a/util/pv_import.c +++ b/util/pv_import.c @@ -44,7 +44,7 @@ static float getnum(FILE* inf, char *ter char buff[100]; int cc; int p = 0; - while ((cc=getc(inf))!=',' && cc!='\n' && cc!=EOF) buff[p++] = cc; + while ((cc=getc(inf))!=',' && cc!='\n' && cc!=EOF && p<99) buff[p++] = cc; buff[p]='\0'; *term = cc; return (float)atof(buff); -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org