audiofile: mark CVE-2020-18781 as patched

Per [1] this CVE is already patched by commit [2]. This can be also verified with yocto build. Running without this patch: root@qemux86-64:~# sfconvert poc.wav output format wave malloc(): corrupted top size Aborted Running with it: root@qemux86-64:~# sfconvert poc.wav output format wave Audio File Library: Bad number of coefficients [error 62] Could not open file 'poc.wav' for reading. [1] https://github.com/mpruett/audiofile/issues/56 [2] https://github.com/antlarr/audiofile/commit/c48e4c6503f7dabd41f11d4c9c7b7f8960e7f2c0 Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit 68f55c158e15a5d35702ae5c730586001e487f86) Signed-off-by: Armin Kuster <akuster808@gmail.com>
author: Peter Marko <peter.marko@siemens.com> 2025-01-17 20:33:21 +0100
committer: Armin Kuster <akuster808@gmail.com> 2025-02-04 14:29:37 -0800
commit: 35b9a267502abf00fee66e8f32477a5c2abab9c6 (patch)
tree: 8bc36a2dffa847e2af4935bbac9bcd1b7dc0d4d8
parent: c7d64c705976024bdb537a2cec33c9223777c0d8 (diff)
download: meta-openembedded-35b9a267502abf00fee66e8f32477a5c2abab9c6.tar.gz
1 files changed, 1 insertions, 0 deletions
diff --git a/meta-oe/recipes-multimedia/audiofile/files/0004-Always-check-the-number-of-coefficients.patch b/meta-oe/recipes-multimedia/audiofile/files/0004-Always-check-the-number-of-coefficients.patch
index 282f4c01b9..17a97163f5 100644
--- a/meta-oe/recipes-multimedia/audiofile/files/0004-Always-check-the-number-of-coefficients.patch
+++ b/meta-oe/recipes-multimedia/audiofile/files/0004-Always-check-the-number-of-coefficients.patch
@@ -17,6 +17,7 @@ CVE: CVE-2017-6832
 CVE: CVE-2017-6833
 CVE: CVE-2017-6835
 CVE: CVE-2017-6837
+CVE: CVE-2020-18781
 Upstream-Status: Inactive-Upstream [lastrelease: 2013]
 Signed-off-by: Peter Marko <peter.marko@siemens.com>
 ---
author	Peter Marko <peter.marko@siemens.com>	2025-01-17 20:33:21 +0100
committer	Armin Kuster <akuster808@gmail.com>	2025-02-04 14:29:37 -0800
commit	35b9a267502abf00fee66e8f32477a5c2abab9c6 (patch)
tree	8bc36a2dffa847e2af4935bbac9bcd1b7dc0d4d8
parent	c7d64c705976024bdb537a2cec33c9223777c0d8 (diff)
download	meta-openembedded-35b9a267502abf00fee66e8f32477a5c2abab9c6.tar.gz

diff --git a/meta-oe/recipes-multimedia/audiofile/files/0004-Always-check-the-number-of-coefficients.patch b/meta-oe/recipes-multimedia/audiofile/files/0004-Always-check-the-number-of-coefficients.patch index 282f4c01b9..17a97163f5 100644 --- a/meta-oe/recipes-multimedia/audiofile/files/0004-Always-check-the-number-of-coefficients.patch +++ b/meta-oe/recipes-multimedia/audiofile/files/0004-Always-check-the-number-of-coefficients.patch
@@ -17,6 +17,7 @@ CVE: CVE-2017-6832
17	CVE: CVE-2017-6833	17	CVE: CVE-2017-6833
18	CVE: CVE-2017-6835	18	CVE: CVE-2017-6835
19	CVE: CVE-2017-6837	19	CVE: CVE-2017-6837
		20	CVE: CVE-2020-18781
20	Upstream-Status: Inactive-Upstream [lastrelease: 2013]	21	Upstream-Status: Inactive-Upstream [lastrelease: 2013]
21	Signed-off-by: Peter Marko <peter.marko@siemens.com>	22	Signed-off-by: Peter Marko <peter.marko@siemens.com>
22	---	23	---