Skip to content

Commit

Permalink
audio/libsndfile: Fix CVE-2022-33065
Browse files Browse the repository at this point in the history 
Multiple signed integers overflow in function au_read_header in
src/au.c and in functions mat4_open and mat4_read_header in
src/mat4.c in Libsndfile, allows an attacker to cause Denial of Service
or other unspecified impacts.

Reference:
https://nvd.nist.gov/vuln/detail/CVE-2022-33065
  • Loading branch information
Daniel Engberg authored and Daniel Engberg committed Nov 8, 2023
1 parent 46b9279 commit a1f663e
Show file tree
Hide file tree
Showing 2 changed files with 6 additions and 1 deletion.
3 changes: 3 additions & 0 deletions audio/libsndfile/Makefile
View file
Expand Up @@ -3,6 +3,9 @@ DISTVERSION= 1.2.2
CATEGORIES= audio
MASTER_SITES= https://github.com/${PORTNAME}/${PORTNAME}/releases/download/${DISTVERSION}/

PATCH_SITES= https://github.com/${PORTNAME}/${PORTNAME}/commit/
PATCHFILES= 0754562e13d2e63a248a1c82f90b30bc0ffe307c.patch:-p1

MAINTAINER= multimedia@FreeBSD.org
COMMENT= Reading and writing files containing sampled sound (like WAV or AIFF)
WWW= http://www.mega-nerd.com/libsndfile/
Expand Down
4 changes: 3 additions & 1 deletion audio/libsndfile/distinfo
View file
@@ -1,3 +1,5 @@
TIMESTAMP = 1691924884
TIMESTAMP = 1699480963
SHA256 (libsndfile-1.2.2.tar.xz) = 3799ca9924d3125038880367bf1468e53a1b7e3686a934f098b7e1d286cdb80e
SIZE (libsndfile-1.2.2.tar.xz) = 730760
SHA256 (0754562e13d2e63a248a1c82f90b30bc0ffe307c.patch) = f42720a0307a5d3785c2719729d0eeaa0f15e6fe1c3645f5028fef89a35d7bd2
SIZE (0754562e13d2e63a248a1c82f90b30bc0ffe307c.patch) = 1722

0 comments on commit a1f663e

Please sign in to comment.