• Skip to sidebar navigation
  • Skip to content

Bitbucket

  • More
    ProjectsRepositories
  • Help
    • Online help
    • Learn Git
    • Welcome to Bitbucket
    • Keyboard shortcuts
  • Log In
Alexander Dahl
  1. Alexander Dahl

buildroot

Public
Actions
  • Clone
  • Compare

Learn more about cloning repositories

You have read-only access

Navigation
  • Source
  • Commits
  • Branches
  • All Branches Graph
  • Forks

Commits

Peter Korsgaard
1dd543b4ae1
CVE-2017
Download this commit
Peter Korsgaard committed 7e3583dd55822 Oct 2017
lame: security bump to version 3.100

Fixes the following security issues:

CVE-2017-9410: fill_buffer_resample function in libmp3lame/util.c heap-based
buffer over-read and ap

CVE-2017-9411: fill_buffer_resample function in libmp3lame/util.c invalid
memory read and application crash

CVE-2017-9412: unpack_read_samples function in frontend/get_audio.c invalid
memory read and application crash

Drop patches now upstream or no longer needed:

0001-configure.patch: Upstream as mentioned in patch description

0002-gtk1-ac-directives.patch: Upstream as mentioned in patch
description/release notes:

Resurrect Owen Taylor's code dated from 97-11-3 to properly deal with GTK1.
This was transplanted back from aclocal.m4 with a patch provided by Andres
Mejia. This change makes it easy to regenerate autotools' files with a simple
invocation of autoconf -vfi.

0003-msse.patch: Not needed as -march <x86-variant-with-msse-support>
nowadays implies -msse.

With these removed, autoreconf is no longer needed.

Also add a hash for the license file while we're at it.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
  • Git repository management for enterprise teams powered by Atlassian Bitbucket
  • Atlassian Bitbucket v6.7.2
  • Documentation
  • Request a feature
  • About
  • Contact Atlassian
Atlassian
»

Jira Issues

Close

Everything looks good. We'll let you know here if there's anything you should know about.