Skip to content
Commit 6ae271cd authored by Peter Korsgaard's avatar Peter Korsgaard
Browse files

libmad: add security patch from debian 



Fixes:

CVE-2017-8372 - The mad_layer_III function in layer3.c in Underbit MAD
libmad 0.15.1b, if NDEBUG is omitted, allows remote attackers to cause a
denial of service (assertion failure and application exit) via a crafted
audio file.

CVE-2017-8373 - The mad_layer_III function in layer3.c in Underbit MAD
libmad 0.15.1b allows remote attackers to cause a denial of service
(heap-based buffer overflow and application crash) or possibly have
unspecified other impact via a crafted audio file.

CVE-2017-8374 - The mad_bit_skip function in bit.c in Underbit MAD libmad
0.15.1b allows remote attackers to cause a denial of service (heap-based
buffer over-read and application crash) via a crafted audio file.

Signed-off-by: default avatarPeter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 6369a061)
Signed-off-by: default avatarPeter Korsgaard <peter@korsgaard.com>
parent 8e35239e
Hide whitespace changes
Inline Side-by-side
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment