Your message dated Fri, 03 Feb 2017 17:00:00 +0000 with message-id <0a089484-a529-9e8a-d4b1-afa0954d3c37@thykier.net> and subject line Re: Bug#853264: unblock: wavpack/5.0.0-2 has caused the Debian Bug report #853264, regarding unblock: wavpack/5.0.0-2 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact owner@bugs.debian.org immediately.) -- 853264: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=853264 Debian Bug Tracking System Contact owner@bugs.debian.org with problems
--- Begin Message ---
- To: Debian Bug Tracking System <submit@bugs.debian.org>
- Subject: unblock: wavpack/5.0.0-2
- From: Sebastian Ramacher <sramacher@debian.org>
- Date: Mon, 30 Jan 2017 22:27:29 +0100
- Message-id: <20170130212729.gsvz7dcrr24bi3ty@ramacher.at>
Package: release.debian.org Severity: normal User: release.debian.org@packages.debian.org Usertags: unblock Please unblock package wavpack. 5.0.0-2 fixes CVE-2016-10169, CVE-2016-10170, CVE-2016-10171 and CVE-2016-10172 by simply applying upstream's patch for the CVEs. unblock wavpack/5.0.0-2 -- System Information: Debian Release: 9.0 APT prefers unstable-debug APT policy: (650, 'unstable-debug'), (650, 'buildd-unstable'), (650, 'unstable'), (601, 'testing'), (600, 'experimental-debug'), (600, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.9.0-1-amd64 (SMP w/8 CPU cores) Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) -- Sebastian Ramacherdiff --git a/debian/changelog b/debian/changelog index 18586f6..3cc049a 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,12 @@ +wavpack (5.0.0-2) unstable; urgency=medium + + * Team upload. + * debian/patches: Apply upstream fix to fix some fuzz failures + (CVE-2016-10169, CVE-2016-10170, CVE-2016-10171, CVE-2016-10172). (Closes: + #853076) + + -- Sebastian Ramacher <sramacher@debian.org> Mon, 30 Jan 2017 21:04:05 +0100 + wavpack (5.0.0-1) unstable; urgency=medium * Team upload. diff --git a/debian/patches/fixes-for-4-fuzz-failures-posted-to-SourceForge-mail.patch b/debian/patches/fixes-for-4-fuzz-failures-posted-to-SourceForge-mail.patch new file mode 100644 index 0000000..62346c7 --- /dev/null +++ b/debian/patches/fixes-for-4-fuzz-failures-posted-to-SourceForge-mail.patch @@ -0,0 +1,52 @@ +From 4bc05fc490b66ef2d45b1de26abf1455b486b0dc Mon Sep 17 00:00:00 2001 +From: David Bryant <david@wavpack.com> +Date: Wed, 21 Dec 2016 22:18:36 -0800 +Subject: [PATCH] fixes for 4 fuzz failures posted to SourceForge mailing list + +--- + src/open_utils.c | 6 +++++- + src/read_words.c | 4 ++++ + 2 files changed, 9 insertions(+), 1 deletion(-) + +diff --git a/src/open_utils.c b/src/open_utils.c +index 7519f99..a844046 100644 +--- a/src/open_utils.c ++++ b/src/open_utils.c +@@ -560,7 +560,7 @@ static int read_new_config_info (WavpackContext *wpc, WavpackMetadata *wpmd) + + // if there's any data, the first two bytes are file_format and qmode flags + +- if (bytecnt) { ++ if (bytecnt >= 2) { + wpc->file_format = *byteptr++; + wpc->config.qmode = (wpc->config.qmode & ~0xff) | *byteptr++; + bytecnt -= 2; +@@ -593,6 +593,10 @@ static int read_new_config_info (WavpackContext *wpc, WavpackMetadata *wpmd) + for (i = 0; i < nchans; ++i) + if (bytecnt) { + wpc->channel_reordering [i] = *byteptr++; ++ ++ if (wpc->channel_reordering [i] >= nchans) // make sure index is in range ++ wpc->channel_reordering [i] = 0; ++ + bytecnt--; + } + else +diff --git a/src/read_words.c b/src/read_words.c +index 62acac3..a537bfa 100644 +--- a/src/read_words.c ++++ b/src/read_words.c +@@ -288,6 +288,10 @@ int32_t FASTCALL get_word (WavpackStream *wps, int chan, int32_t *correction) + + low &= 0x7fffffff; + high &= 0x7fffffff; ++ ++ if (low > high) // make sure high and low make sense ++ high = low; ++ + mid = (high + low + 1) >> 1; + + if (!c->error_limit) +-- +2.11.0 + diff --git a/debian/patches/series b/debian/patches/series new file mode 100644 index 0000000..28b0d00 --- /dev/null +++ b/debian/patches/series @@ -0,0 +1 @@ +fixes-for-4-fuzz-failures-posted-to-SourceForge-mail.patchAttachment: signature.asc
Description: PGP signature
--- End Message ---
--- Begin Message ---
- To: Sebastian Ramacher <sramacher@debian.org>, 853264-done@bugs.debian.org
- Subject: Re: Bug#853264: unblock: wavpack/5.0.0-2
- From: Niels Thykier <niels@thykier.net>
- Date: Fri, 03 Feb 2017 17:00:00 +0000
- Message-id: <0a089484-a529-9e8a-d4b1-afa0954d3c37@thykier.net>
- In-reply-to: <20170130212729.gsvz7dcrr24bi3ty@ramacher.at>
- References: <20170130212729.gsvz7dcrr24bi3ty@ramacher.at>
Sebastian Ramacher: > Package: release.debian.org > Severity: normal > User: release.debian.org@packages.debian.org > Usertags: unblock > > Please unblock package wavpack. 5.0.0-2 fixes CVE-2016-10169, CVE-2016-10170, > CVE-2016-10171 and CVE-2016-10172 by simply applying upstream's patch for the > CVEs. > > unblock wavpack/5.0.0-2 > > [...] Unblocked, thanks. ~Niels
--- End Message ---