Date: Sun, 22 Oct 2017 01:41:29 +0300 From: Henri Salo <henri@...v.fi> To: oss-security@...ts.openwall.com Subject: LAME 3.100 released with security fixes Hello, LAME 3.100 has been released including fixes to security vulnerabilities. Coy-paste from history: Rogério Brito - Don't include the debian directory as one that is needed during builds. Patch taken from Debian's packaging of lame. - Resurrect Owen Taylor's code dated from 97-11-3 to properly deal with GTK1. This was transplanted back from aclocal.m4 with a patch provided by Andres Mejia. This change makes it easy to regenerate autotools' files with a simple invocation of autoconf -vfi. - Fix possible race condition causing build failures in libmp3lame. Discovered in automated builds by the Debian project with patch provided by Andres Mejia. Robert Hegemann - Improved detection of MPEG audio data in RIFF WAVE files. Tracker item [ 3545112 ] Invalid sampling detection - New switch --gain <decibel>, range -20.0 to +12.0, a more convenient way to apply Gain adjustment in decibels, than the use of --scale <factor>. - Fix for tracker item [ 3558466 ] Bug in path handling - Fix for tracker item [ 3567844 ] problem with Tag genre - Fix for tracker item [ 3565659 ] no progress indication with pipe input - Fix for tracker item [ 3544957 ] scale (empty) silent encode without warning - Fix for tracker item [ 3580176 ] environment variable LAMEOPT doesn't work anymore - Fix for tracker item [ 3608583 ] input file name displayed with wrong character encoding (on windows console with CP_UTF8) - Fix for bug ticket [ #447 ] Fix dereference NULL and Buffer not NULL terminated issues. Thanks to Surabhi Mishra - Fix for bug ticket [ #445 ] dereference of a null pointer possible in loop. Thanks to Renu Tyagi - Fix for bug ticket [ #449 ] Make sure functions with SSE instructions maintain their own properly aligned stack. Thanks to Fabian Greffrath - Fix for bug ticket [ #458 ] Multiple Stack and Heap Corruptions from Malicious File. Thanks to Gareth Evans and Elio Blanca - Fix for bug ticket [ #460 ] A division by zero vulnerability. Thanks to Wang Shiyang, Liu Bingchang - Fix for bug ticket [ #461 ] CVE-2017-9410 fill_buffer_resample function in libmp3lame/util.c heap-based buffer over-read and ap - Fix for bug ticket [ #462 ] CVE-2017-9411 fill_buffer_resample function in libmp3lame/util.c invalid memory read and application crash - Fix for bug ticket [ #463 ] CVE-2017-9412 unpack_read_samples function in frontend/get_audio.c invalid memory read and application crash - Fix for bug ticket [ #434 ] clip detect scale suggestion unaware of scale input value - HIP decoder bug fixed: decoding mixed blocks of lower sample frequency Layer3 data resulted in internal buffer overflow (write). Thanks to Henri Salo Alexander Leidinger - Feature request, patch ticket [ #27 ] Add lame_encode_buffer_interleaved_int() by Michael Fink -- Henri Salo
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.