[Buildroot] [git commit] package/libsndfile: annotate _IGNORE_CVES for the included security patches
Peter Korsgaard
peter at korsgaard.com
Thu Feb 20 12:15:22 UTC 2020
commit: https://git.buildroot.net/buildroot/commit/?id=91126d8863927745123769ed36b3f74c79d93b7a
branch: https://git.buildroot.net/buildroot/commit/?id=refs/heads/master
Also mark CVE-2018-13419 as disputed.
[Peter: add dispute link as suggested by Thomas]
Signed-off-by: Peter Korsgaard <peter at korsgaard.com>
---
package/libsndfile/libsndfile.mk | 11 +++++++++++
1 file changed, 11 insertions(+)
diff --git a/package/libsndfile/libsndfile.mk b/package/libsndfile/libsndfile.mk
index 22909ffb62..19c3184961 100644
--- a/package/libsndfile/libsndfile.mk
+++ b/package/libsndfile/libsndfile.mk
@@ -10,6 +10,17 @@ LIBSNDFILE_INSTALL_STAGING = YES
LIBSNDFILE_LICENSE = LGPL-2.1+
LIBSNDFILE_LICENSE_FILES = COPYING
+# 0001-double64_init-Check-psf-sf.channels-against-upper-bo.patch
+LIBSNDFILE_IGNORE_CVES += CVE-2017-14634
+# 0002-Check-MAX_CHANNELS-in-sndfile-deinterleave.patch
+LIBSNDFILE_IGNORE_CVES += CVE-2018-13139 CVE-2018-19432
+# 0003-a-ulaw-fix-multiple-buffer-overflows-432.patch
+LIBSNDFILE_IGNORE_CVES += \
+ CVE-2017-14245 CVE-2017-14246 CVE-2017-17456 CVE-2017-17457 \
+ CVE-2018-19661 CVE-2018-19662
+# disputed, https://github.com/erikd/libsndfile/issues/398
+LIBSNDFILE_IGNORE_CVES += CVE-2018-13419
+
LIBSNDFILE_CONF_OPTS = \
--disable-sqlite \
--disable-alsa \
More information about the buildroot
mailing list