Bug#1003842: buster-pu: package flac/1.3.2-3+deb10u1



Package: release.debian.org
Severity: normal
Tags: buster
User: release.debian.org@packages.debian.org
Usertags: pu

  * CVE-2020-0499: Out of bounds read due to a heap buffer overflow.
    (Closes: #977764)
diff -Nru flac-1.3.2/debian/changelog flac-1.3.2/debian/changelog
--- flac-1.3.2/debian/changelog	2018-05-16 22:35:01.000000000 +0300
+++ flac-1.3.2/debian/changelog	2022-01-16 20:54:01.000000000 +0200
@@ -1,3 +1,11 @@
+flac (1.3.2-3+deb10u1) buster; urgency=medium
+
+  * Non-maintainer upload.
+  * CVE-2020-0499: Out of bounds read due to a heap buffer overflow.
+    (Closes: #977764)
+
+ -- Adrian Bunk <bunk@debian.org>  Sun, 16 Jan 2022 20:54:01 +0200
+
 flac (1.3.2-3) unstable; urgency=medium
 
   * Use my debian account in Uploaders field and
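Review bot: The new entry at the top of this hunk names CVE-2020-0499 and the bug it closes, but not the patch that carries the fix. Consider mentioning the patch file (0001-libFLAC-bitreader.c-Fix-out-of-bounds-read.patch) in the entry so the changelog can be mapped to the change without opening debian/patches.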
diff -Nru flac-1.3.2/debian/patches/0001-libFLAC-bitreader.c-Fix-out-of-bounds-read.patch flac-1.3.2/debian/patches/0001-libFLAC-bitreader.c-Fix-out-of-bounds-read.patch
--- flac-1.3.2/debian/patches/0001-libFLAC-bitreader.c-Fix-out-of-bounds-read.patch	1970-01-01 02:00:00.000000000 +0200
+++ flac-1.3.2/debian/patches/0001-libFLAC-bitreader.c-Fix-out-of-bounds-read.patch	2022-01-16 20:53:21.000000000 +0200
@@ -0,0 +1,28 @@
+From 2b3dcc9e6c3fcba41fd1fb795e43419c22e03eb5 Mon Sep 17 00:00:00 2001
+From: Erik de Castro Lopo <erikd@mega-nerd.com>
+Date: Mon, 7 Oct 2019 12:55:58 +1100
+Subject: libFLAC/bitreader.c: Fix out-of-bounds read
+
+Credit: Oss-Fuzz
+Issue: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=17069
+Testcase: fuzzer_decoder-5670265022840832
+---
+ src/libFLAC/bitreader.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/libFLAC/bitreader.c b/src/libFLAC/bitreader.c
+index ab62d414..8969714e 100644
+--- a/src/libFLAC/bitreader.c
++++ b/src/libFLAC/bitreader.c
+@@ -859,7 +859,7 @@ incomplete_lsbs:
+ 			cwords = br->consumed_words;
+ 			words = br->words;
+ 			ucbits = FLAC__BITS_PER_WORD - br->consumed_bits;
+-			b = br->buffer[cwords] << br->consumed_bits;
++			b = cwords < br->capacity ? br->buffer[cwords] << br->consumed_bits : 0;
+ 		} while(cwords >= words && val < end);
+ 	}
+ 
+-- 
+2.20.1
+
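Review bot: In the replaced assignment under incomplete_lsbs, the new guard bounds the index with br->capacity, while the loop condition on the next line tests cwords against words (taken from br->words). A short comment stating why capacity is the bound used here, and that b is deliberately set to 0 when cwords is out of range, would make the intent checkable. The patch header also records the OSS-Fuzz issue and testcase but neither CVE-2020-0499 nor Debian bug #977764 from the changelog; adding them to the header (for example a Bug-Debian field) would tie the patch to the entry that closes the bug.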
diff -Nru flac-1.3.2/debian/patches/series flac-1.3.2/debian/patches/series
--- flac-1.3.2/debian/patches/series	2018-05-16 21:55:07.000000000 +0300
+++ flac-1.3.2/debian/patches/series	2022-01-16 20:53:49.000000000 +0200
@@ -4,3 +4,4 @@
 0050-stream_decoder.c-Fix-a-memory-leak.patch
 0051-metaflac-Fix-a-memory-leak.patch
 0001-remove-build-path-from-generated-FLAC.tag-file.patch
+0001-libFLAC-bitreader.c-Fix-out-of-bounds-read.patch
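Review bot: The added series entry reuses the 0001- prefix of 0001-remove-build-path-from-generated-FLAC.tag-file.patch on the line above it, so the prefix no longer identifies a patch uniquely or reflects apply order. Consider giving the new file a distinct prefix, renaming it in debian/patches to match.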