projects / buildroot.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 6d68421) | patch
package/libsndfile: add security patch for CVE-2021-3246
authorPeter Korsgaard <peter@korsgaard.com>
Wed, 22 Sep 2021 11:31:09 +0000 (13:31 +0200)
committerArnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Wed, 22 Sep 2021 19:21:37 +0000 (21:21 +0200)
commitcb18218ad125c1e4c13010c8ee946057ee07103c
tree28eb1884eff0ee529d897ed95761cb5f453bdb60tree
parent6d6842130b456499d3ff230a3b70cec756cbccd1commit | diff
package/libsndfile: add security patch for CVE-2021-3246

A heap buffer overflow vulnerability in msadpcm_decode_block of libsndfile
1.0.30 allows attackers to execute arbitrary code via a crafted WAV file.

https://nvd.nist.gov/vuln/detail/CVE-2021-3246

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
package/libsndfile/0001-ms_adpcm-Fix-and-extend-size-checks.patch [new file with mode: 0644] blob
package/libsndfile/libsndfile.mk diff | blob | history