authorAlexis Ballier <aballier@gentoo.org>2008-05-17 10:51:30 +0000
committerAlexis Ballier <aballier@gentoo.org>2008-05-17 10:51:30 +0000
commit405e03eb07d820b5acfa75d0d85757b3ad32f9c6 (patch)
tree3cc5bf40b659e6c3a1255b138f0cf9e80c088aaa /media-libs
parentfix ChangeLog header (diff)
Add fixes for various security issues, bug #222085
(Portage version: 2.1.5)
Diffstat (limited to 'media-libs')
-rw-r--r--media-libs/libvorbis/ChangeLog10
-rw-r--r--media-libs/libvorbis/files/libvorbis-1.2.0-CVE-2008-1419.patch15
-rw-r--r--media-libs/libvorbis/files/libvorbis-1.2.0-CVE-2008-1420.patch34
-rw-r--r--media-libs/libvorbis/files/libvorbis-1.2.0-CVE-2008-1423.patch15
-rw-r--r--media-libs/libvorbis/libvorbis-1.2.0-r1.ebuild60
5 files changed, 133 insertions, 1 deletions
diff --git a/media-libs/libvorbis/ChangeLog b/media-libs/libvorbis/ChangeLog
index e8ce2288687b..451e46393ab4 100644
--- a/media-libs/libvorbis/ChangeLog
+++ b/media-libs/libvorbis/ChangeLog
@@ -1,6 +1,14 @@
# ChangeLog for media-libs/libvorbis
# Copyright 2002-2008 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/media-libs/libvorbis/ChangeLog,v 1.92 2008/03/10 21:37:59 lu_zero Exp $
+# $Header: /var/cvsroot/gentoo-x86/media-libs/libvorbis/ChangeLog,v 1.93 2008/05/17 10:51:30 aballier Exp $
+
+*libvorbis-1.2.0-r1 (17 May 2008)
+
+ 17 May 2008; Alexis Ballier <aballier@gentoo.org>
+ +files/libvorbis-1.2.0-CVE-2008-1419.patch,
+ +files/libvorbis-1.2.0-CVE-2008-1420.patch,
+ +files/libvorbis-1.2.0-CVE-2008-1423.patch, +libvorbis-1.2.0-r1.ebuild:
+ Add fixes for various security issues, bug #222085
10 Mar 2008; Luca Barbato <lu_zero@gentoo.org> libvorbis-1.2.0.ebuild:
Remove more insanity
diff --git a/media-libs/libvorbis/files/libvorbis-1.2.0-CVE-2008-1419.patch b/media-libs/libvorbis/files/libvorbis-1.2.0-CVE-2008-1419.patch
new file mode 100644
index 000000000000..34d8c520c561
--- /dev/null
+++ b/media-libs/libvorbis/files/libvorbis-1.2.0-CVE-2008-1419.patch
@@ -0,0 +1,15 @@
+https://trac.xiph.org/changeset/14602
+https://bugzilla.redhat.com/show_bug.cgi?id=440700
+http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1419
+
+Index: /trunk/vorbis/lib/codebook.c
+===================================================================
+--- /trunk/vorbis/lib/codebook.c (revision 13293)
++++ /trunk/vorbis/lib/codebook.c (revision 14602)
+@@ -226,5 +226,5 @@
+ switch(s->maptype){
+ case 1:
+- quantvals=_book_maptype1_quantvals(s);
++ quantvals=(s->dim==0?0:_book_maptype1_quantvals(s));
+ break;
+ case 2:
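Review bot: The `s->dim==0` guard on the `case 1:` assignment protects only this one call to `_book_maptype1_quantvals`; any other caller of that helper (none is visible in this hunk) would still hand it a zero dimension. Placing the check inside the helper, or rejecting a zero `dim` where the codebook header is parsed, would cover every path at once. As written, a maptype-1 book with `dim` 0 is accepted with `quantvals` 0 rather than rejected, so a comment stating that this is intended would help, e.g. `/* dim==0: no quantized values to read; do not call the quantvals search */`. The enclosing switch starts and ends outside the hunk.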
diff --git a/media-libs/libvorbis/files/libvorbis-1.2.0-CVE-2008-1420.patch b/media-libs/libvorbis/files/libvorbis-1.2.0-CVE-2008-1420.patch
new file mode 100644
index 000000000000..a0405e5246e2
--- /dev/null
+++ b/media-libs/libvorbis/files/libvorbis-1.2.0-CVE-2008-1420.patch
@@ -0,0 +1,34 @@
+http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1420
+https://bugzilla.redhat.com/show_bug.cgi?id=440706
+https://trac.xiph.org/changeset/14598
+
+Index: /trunk/vorbis/lib/res0.c
+===================================================================
+--- /trunk/vorbis/lib/res0.c (revision 13578)
++++ /trunk/vorbis/lib/res0.c (revision 14598)
+@@ -224,4 +224,18 @@
+ if(info->booklist[j]>=ci->books)goto errout;
+
++ /* verify the phrasebook is not specifying an impossible or
++ inconsistent partitioning scheme. */
++ {
++ int entries = ci->book_param[info->groupbook]->entries;
++ int dim = ci->book_param[info->groupbook]->dim;
++ int partvals = 1;
++ while(dim>0){
++ partvals *= info->partitions;
++ if(partvals > entries) goto errout;
++ dim--;
++ }
++ if(partvals != entries) goto errout;
++ }
++
+ return(info);
+ errout:
+@@ -264,5 +278,5 @@
+ }
+
+- look->partvals=rint(pow((float)look->parts,(float)dim));
++ look->partvals=look->phrasebook->entries;
+ look->stages=maxstage;
+ look->decodemap=_ogg_malloc(look->partvals*sizeof(*look->decodemap));
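Review bot: The new verification block indexes `ci->book_param[info->groupbook]` and dereferences the result, but the only bounds check visible in this hunk is the one on `info->booklist[j]`. If `info->groupbook` is not already compared with `ci->books` earlier in the function (outside the hunk), add `if(info->groupbook>=ci->books)goto errout;` ahead of the block. The multiplication loop itself looks safe provided `entries` is a 24-bit value and `info->partitions` is small, because `partvals` is compared with `entries` after every step. In the second hunk, `look->partvals=look->phrasebook->entries;` is only correct because of that unpack-time check, so a comment such as `/* entries == parts^dim was verified when the header was unpacked */` would keep the two places tied together.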
diff --git a/media-libs/libvorbis/files/libvorbis-1.2.0-CVE-2008-1423.patch b/media-libs/libvorbis/files/libvorbis-1.2.0-CVE-2008-1423.patch
new file mode 100644
index 000000000000..d0e79b4dce10
--- /dev/null
+++ b/media-libs/libvorbis/files/libvorbis-1.2.0-CVE-2008-1423.patch
@@ -0,0 +1,15 @@
+http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1423
+https://bugzilla.redhat.com/show_bug.cgi?id=440709
+https://trac.xiph.org/changeset/14604
+
+Index: /trunk/vorbis/lib/codebook.c
+===================================================================
+--- /trunk/vorbis/lib/codebook.c (revision 14602)
++++ /trunk/vorbis/lib/codebook.c (revision 14604)
+@@ -159,4 +159,6 @@
+ s->entries=oggpack_read(opb,24);
+ if(s->entries==-1)goto _eofout;
++
++ if(_ilog(s->dim)+_ilog(s->entries)>24)goto _eofout;
+
+ /* codeword ordering.... length ordered or unordered? */
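Review bot: The added check `if(_ilog(s->dim)+_ilog(s->entries)>24)goto _eofout;` carries a bare `24` and no comment, so the reason for the limit is not recoverable from the code. Presumably it bounds the size of the `dim*entries` product used in later allocations; a comment along the lines of `/* reject books whose dim and entries together need more than 24 bits, so dim*entries stays bounded */` should be confirmed against upstream and added. The hunk shows `s->entries` tested for -1 before the new line but no matching test on `s->dim`; confirm that a failed read of `dim` is rejected before `_ilog(s->dim)` is evaluated. The function body continues outside the hunk.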
diff --git a/media-libs/libvorbis/libvorbis-1.2.0-r1.ebuild b/media-libs/libvorbis/libvorbis-1.2.0-r1.ebuild
new file mode 100644
index 000000000000..07b460f39c2c
--- /dev/null
+++ b/media-libs/libvorbis/libvorbis-1.2.0-r1.ebuild
@@ -0,0 +1,60 @@
+# Copyright 1999-2008 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/media-libs/libvorbis/libvorbis-1.2.0-r1.ebuild,v 1.1 2008/05/17 10:51:30 aballier Exp $
+
+inherit libtool flag-o-matic eutils toolchain-funcs
+
+DESCRIPTION="the Ogg Vorbis sound file format library"
+HOMEPAGE="http://xiph.org/vorbis"
+SRC_URI="http://downloads.xiph.org/releases/vorbis/${P}.tar.bz2"
+
+LICENSE="BSD"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~sh ~sparc ~x86 ~x86-fbsd"
+IUSE="doc"
+
+RDEPEND=">=media-libs/libogg-1"
+DEPEND="${RDEPEND}
+ dev-util/pkgconfig"
+
+src_unpack() {
+ unpack ${A}
+ cd "${S}"
+
+ elibtoolize
+
+ epunt_cxx #74493
+
+ # Insane.
+ sed -i -e "s:-O20::g" -e "s:-mfused-madd::g" configure
+ sed -i -e "s:-mcpu=750::g" configure
+ epatch "${FILESDIR}/${P}-CVE-2008-1419.patch"
+ epatch "${FILESDIR}/${P}-CVE-2008-1420.patch"
+ epatch "${FILESDIR}/${P}-CVE-2008-1423.patch"
+}
+
+src_compile() {
+ # gcc-3.4 and k6 with -ftracer causes code generation problems #49472
+ if [[ "$(gcc-major-version)$(gcc-minor-version)" == "34" ]]; then
+ is-flag -march=k6* && filter-flags -ftracer
+ is-flag -mtune=k6* && filter-flags -ftracer
+ replace-flags -Os -O2
+ fi
+
+ econf
+ emake || die "emake failed."
+}
+
+src_install() {
+ emake DESTDIR="${D}" install || die "emake install failed."
+
+ rm -rf "${D}"/usr/share/doc/${P}
+
+ dodoc AUTHORS CHANGES README todo.txt
+
+ if use doc; then
+ docinto txt
+ dodoc doc/*.txt
+ dohtml -r doc
+ fi
+}
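Review bot: `cd "${S}"` in `src_unpack` is unchecked, so a failure there is only noticed later, when `elibtoolize`, the `sed -i` edits or the `epatch` calls run from the wrong directory; write `cd "${S}" || die "cd failed"`. The two `sed` lines are likewise unchecked and can be one call: `sed -i -e "s:-O20::g" -e "s:-mfused-madd::g" -e "s:-mcpu=750::g" configure || die "sed failed"`. A comment above the three `epatch` lines, for example `# Security fixes, bug #222085; drop once upstream ships them`, would tell a later maintainer why the patches are there and when they can go.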