generic-poky

History

Yi Zhao a602b9f748 taglib: Security fix CVE-2017-12678 CVE-2017-12678: In TagLib 1.11.1, the rebuildAggregateFrames function in id3v2framefactory.cpp has a pointer to cast vulnerability, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted audio file. Reference: https://nvd.nist.gov/vuln/detail/CVE-2017-12678 Patch from: `eb9ded1206` (From OE-Core rev: 24ac12ecb19efc7c131c9711ba32e298ba860eb7) (From OE-Core rev: bb90e08fbcbc7c60731aacdc4b82163507d9afdc) Signed-off-by: Yi Zhao <yi.zhao@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>	2017-09-11 22:15:58 +01:00
..
taglib	taglib: Security fix CVE-2017-12678	2017-09-11 22:15:58 +01:00
taglib_1.11.1.bb	taglib: Security fix CVE-2017-12678	2017-09-11 22:15:58 +01:00

Yi Zhao a602b9f748 taglib: Security fix CVE-2017-12678

CVE-2017-12678: In TagLib 1.11.1, the rebuildAggregateFrames function in
id3v2framefactory.cpp has a pointer to cast vulnerability, which allows
remote attackers to cause a denial of service or possibly have
unspecified other impact via a crafted audio file.

Reference:
https://nvd.nist.gov/vuln/detail/CVE-2017-12678

Patch from:
eb9ded1206

(From OE-Core rev: 24ac12ecb19efc7c131c9711ba32e298ba860eb7)

(From OE-Core rev: bb90e08fbcbc7c60731aacdc4b82163507d9afdc)

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

2017-09-11 22:15:58 +01:00

taglib taglib: Security fix CVE-2017-12678 2017-09-11 22:15:58 +01:00

taglib_1.11.1.bb taglib: Security fix CVE-2017-12678 2017-09-11 22:15:58 +01:00