subject:"Bug#865909\: faac\: CVE\-2017\-9129 CVE\-2017\-9130"

Bug#865909: faac: CVE-2017-9129 CVE-2017-9130

2017-07-14 Thread Fabian Greffrath

control: tags -1 +patch +fixed-upstream

This has been fixed in upstream GIT.

Please find attached the cumulated patch

 - Fabian

faac_865909.patch
Description: Binary data
___
pkg-multimedia-maintainers mailing list
pkg-multimedia-maintainers@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-multimedia-maintainers

Processed: Re: Bug#865909: faac: CVE-2017-9129 CVE-2017-9130

2017-07-14 Thread Debian Bug Tracking System

Processing control commands:

> tags -1 +patch +fixed-upstream
Bug #865909 {Done: Fabian Greffrath } [src:faac] faac: 
CVE-2017-9129 CVE-2017-9130
Ignoring request to alter tags of bug #865909 to the same tags previously set
Bug #865909 {Done: Fabian Greffrath } [src:faac] faac: 
CVE-2017-9129 CVE-2017-9130
Added tag(s) fixed-upstream.

-- 
865909: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=865909
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

___
pkg-multimedia-maintainers mailing list
pkg-multimedia-maintainers@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-multimedia-maintainers

Processed: Re: Bug#865909: faac: CVE-2017-9129 CVE-2017-9130

2017-06-30 Thread Debian Bug Tracking System

Processing control commands:

> forwarded -1 https://sourceforge.net/p/faac/bugs/208/
Bug #865909 [src:faac] faac: CVE-2017-9129 CVE-2017-9130
Set Bug forwarded-to-address to 'https://sourceforge.net/p/faac/bugs/208/'.
> tags -1 +patch
Bug #865909 [src:faac] faac: CVE-2017-9129 CVE-2017-9130
Added tag(s) patch.

-- 
865909: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=865909
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems

___
pkg-multimedia-maintainers mailing list
pkg-multimedia-maintainers@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-multimedia-maintainers

Bug#865909: faac: CVE-2017-9129 CVE-2017-9130

2017-06-30 Thread Fabian Greffrath

control: forwarded -1 https://sourceforge.net/p/faac/bugs/208/
control: tags -1 +patchdiff --git a/frontend/main.c b/frontend/main.c
index 60f687b..33e39b8 100644
--- a/frontend/main.c
+++ b/frontend/main.c
@@ -806,6 +806,13 @@ int main(int argc, char *argv[])
 hEncoder = faacEncOpen(infile->samplerate, infile->channels,
 , );
 
+if (hEncoder == NULL)
+{
+fprintf(stderr, "Couldn't open encoder instance for input file %s\n", audioFileName);
+wav_close(infile);
+return 1;
+}
+
 #ifdef HAVE_LIBMP4V2
 if (container != MP4_CONTAINER && (ntracks || trackno || artist ||
title ||  album || year || art ||
diff --git a/libfaac/frame.c b/libfaac/frame.c
index 5c203b2..94887ac 100644
--- a/libfaac/frame.c
+++ b/libfaac/frame.c
@@ -288,7 +288,7 @@ int FAACAPI faacEncSetConfiguration(faacEncHandle hpEncoder,
 			hEncoder->srInfo->num_cb_short);
 	
 	/* load channel_map */
-	for( i = 0; i < 64; i++ )
+	for( i = 0; i < MAX_CHANNELS; i++ )
 		hEncoder->config.channel_map[i] = config->channel_map[i];
 
 /* OK */
@@ -303,6 +303,9 @@ faacEncHandle FAACAPI faacEncOpen(unsigned long sampleRate,
 unsigned int channel;
 faacEncStruct* hEncoder;
 
+if (numChannels > MAX_CHANNELS)
+	return NULL;
+
 *inputSamples = FRAME_LEN*numChannels;
 *maxOutputBytes = (6144/8)*numChannels;
 
@@ -342,7 +345,7 @@ faacEncHandle FAACAPI faacEncOpen(unsigned long sampleRate,
 hEncoder->config.shortctl = SHORTCTL_NORMAL;
 
 	/* default channel map is straight-through */
-	for( channel = 0; channel < 64; channel++ )
+	for( channel = 0; channel < MAX_CHANNELS; channel++ )
 		hEncoder->config.channel_map[channel] = channel;
 	
 /*


signature.asc
Description: This is a digitally signed message part
___
pkg-multimedia-maintainers mailing list
pkg-multimedia-maintainers@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-multimedia-maintainers

Bug#865909: faac: CVE-2017-9129 CVE-2017-9130

2017-06-25 Thread Salvatore Bonaccorso

Source: faac
Version: 1.28+cvs20151130-1
Severity: important
Tags: security upstream

Hi,

the following vulnerabilities were published for faac.

CVE-2017-9129[0]:
| The wav_open_read function in frontend/input.c in Freeware Advanced
| Audio Coder (FAAC) 1.28 allows remote attackers to cause a denial of
| service (large loop) via a crafted wav file.

CVE-2017-9130[1]:
| The faacEncOpen function in libfaac/frame.c in Freeware Advanced Audio
| Coder (FAAC) 1.28 allows remote attackers to cause a denial of service
| (invalid memory read and application crash) via a crafted wav file.

If you fix the vulnerabilities please also make sure to include the
CVE (Common Vulnerabilities & Exposures) ids in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2017-9129
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9129
[1] https://security-tracker.debian.org/tracker/CVE-2017-9130
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9130
[2] https://www.exploit-db.com/exploits/42207/

Regards,
Salvatore

___
pkg-multimedia-maintainers mailing list
pkg-multimedia-maintainers@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-multimedia-maintainers

Bug#865909: faac: CVE-2017-9129 CVE-2017-9130

Processed: Re: Bug#865909: faac: CVE-2017-9129 CVE-2017-9130

Processed: Re: Bug#865909: faac: CVE-2017-9129 CVE-2017-9130

Bug#865909: faac: CVE-2017-9129 CVE-2017-9130

Bug#865909: faac: CVE-2017-9129 CVE-2017-9130

5 matches

Site Navigation

Mail list logo

Footer information