Hello community,
here is the log from the commit of package csound for openSUSE:12.1:Update:Test
checked in at 2012-02-28 13:47:12
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:12.1:Update:Test/csound (Old)
and /work/SRC/openSUSE:12.1:Update:Test/.csound.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "csound", Maintainer is "ti...@suse.com"
Changes:
--------
--- /work/SRC/openSUSE:12.1:Update:Test/csound/csound.changes 2012-02-28
13:47:12.000000000 +0100
+++ /work/SRC/openSUSE:12.1:Update:Test/.csound.new/csound.changes
2012-02-28 13:47:13.000000000 +0100
@@ -1,0 +2,6 @@
+Mon Feb 27 11:23:03 CET 2012 - ti...@suse.de
+
+- VUL-0: CVE-2012-0270: csound: two buffer overflow flaws in getnum()
+ (bnc#749073)
+
+-------------------------------------------------------------------
New:
----
csound-fix-CVE-2012-0270.patch
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ csound.spec ++++++
--- /var/tmp/diff_new_pack.ZB7JBa/_old 2012-02-28 13:47:13.000000000 +0100
+++ /var/tmp/diff_new_pack.ZB7JBa/_new 2012-02-28 13:47:13.000000000 +0100
@@ -1,7 +1,7 @@
#
# spec file for package csound
#
-# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -16,18 +16,30 @@
#
-
Name: csound
%define support_fltk 0
-BuildRequires: alsa-devel fdupes fluidsynth-devel gcc-c++ jack-devel
liblo-devel libsndfile-devel portaudio-devel python-devel scons swig
+BuildRequires: alsa-devel
+BuildRequires: fdupes
+BuildRequires: fluidsynth-devel
+BuildRequires: gcc-c++
+BuildRequires: jack-devel
+BuildRequires: liblo-devel
+BuildRequires: libsndfile-devel
+BuildRequires: portaudio-devel
+BuildRequires: python-devel
+BuildRequires: scons
+BuildRequires: swig
%if %support_fltk
-BuildRequires: fltk-devel libjpeg-devel libpng-devel xorg-x11-devel
+BuildRequires: fltk-devel
+BuildRequires: libjpeg-devel
+BuildRequires: libpng-devel
+BuildRequires: xorg-x11-devel
%endif
Summary: Computer Sound Synthesis and Composition Program
-Version: 5.06.0
-Release: 130
-License: GFDL v1.2 ; LGPL v2.1 or later ; MIT License (or similar)
+License: GFDL-1.2 ; LGPL-2.1+ ; MIT
Group: Productivity/Multimedia/Sound/Utilities
+Version: 5.06.0
+Release: 0
Source: Csound%{version}.tar.bz2
Source1: README.SuSE
Patch: csound-alsa-fix.diff
@@ -35,6 +47,7 @@
Patch2: csound-gcc-warning-fix.diff
Patch3: csound-python-2.6-fix.diff
Patch4: csound-sanitize-sys.patch
+Patch5: csound-fix-CVE-2012-0270.patch
Url: http://www.csounds.com
AutoReq: on
Autoprov: off
@@ -55,6 +68,7 @@
%patch2
%patch3
%patch4 -p1
+%patch5 -p1
cp %{SOURCE1} .
# fix encoding
iconv -f latin1 -t utf8 readme-csound5.txt > readme-csound5.txt.utf8
++++++ csound-fix-CVE-2012-0270.patch ++++++
>From 7d617a9551fb6c552ba16874b71266fcd90f3a6f Mon Sep 17 00:00:00 2001
From: John ffitch <j...@cs.bath.ac.uk>
Date: Thu, 19 Jan 2012 21:15:30 +0000
Subject: [PATCH] fix buffer overflows
---
util/het_import.c | 2 +-
util/heti_main.c | 2 +-
util/lpci_main.c | 4 ++++
util/pv_import.c | 2 +-
4 files changed, 7 insertions(+), 3 deletions(-)
--- a/util/het_import.c
+++ b/util/het_import.c
@@ -49,7 +49,7 @@ short getnum(FILE* inf, char *term)
char buff[100];
int cc;
int p = 0;
- while ((cc=getc(inf))!=',' && cc!='\n') {
+ while ((cc=getc(inf))!=',' && cc!='\n' && p<99) {
if (cc == EOF) {
*term = '\0';
return 0;
--- a/util/heti_main.c
+++ b/util/heti_main.c
@@ -43,7 +43,7 @@ short getnum(FILE* inf, char *term)
char buff[100];
int cc;
int p = 0;
- while ((cc=getc(inf))!=',' && cc!='\n') {
+ while ((cc=getc(inf))!=',' && cc!='\n' && p<99) {
if (cc == EOF) {
*term = '\0';
return 0;
--- a/util/lpci_main.c
+++ b/util/lpci_main.c
@@ -78,6 +78,10 @@ int main(int argc, char **argv)
putc(str[i],outf);
putc('\n', outf);
coef = (MYFLT *)malloc((hdr.npoles+hdr.nvals)*sizeof(MYFLT));
+ if (coef==NULL) {
+ printf("memory allocation failure\n");
+ exit(1);
+ }
for (i = 0; i<hdr.nvals; i++) {
fread(&coef[0], sizeof(MYFLT), hdr.npoles, inf);
for (j=0; j<hdr.npoles; j++)
--- a/util/pv_import.c
+++ b/util/pv_import.c
@@ -44,7 +44,7 @@ static float getnum(FILE* inf, char *ter
char buff[100];
int cc;
int p = 0;
- while ((cc=getc(inf))!=',' && cc!='\n' && cc!=EOF) buff[p++] = cc;
+ while ((cc=getc(inf))!=',' && cc!='\n' && cc!=EOF && p<99) buff[p++] = cc;
buff[p]='\0';
*term = cc;
return (float)atof(buff);
--
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org
