From 77b4067754569c0094ad41e60137117ff9a71bf8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Robert=20H=C3=B6gberg?= Date: Sun, 11 Jun 2023 23:55:23 +0200 Subject: [PATCH] minidlna: update to 1.3.3 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Fixes CVE-2023-33476: ReadyMedia (MiniDLNA) versions from 1.1.15 up to 1.3.2 is vulnerable to Buffer Overflow. The vulnerability is caused by incorrect validation logic when handling HTTP requests using chunked transport encoding. This results in other code later using attacker-controlled chunk values that exceed the length of the allocated buffer, resulting in out-of-bounds read/write. Signed-off-by: Robert Högberg --- multimedia/minidlna/Makefile | 4 ++-- ...030-mark_all_instances_of_magic_container_s_as_const.patch | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/multimedia/minidlna/Makefile b/multimedia/minidlna/Makefile index d5343edbdd..8d5d51a9d4 100644 --- a/multimedia/minidlna/Makefile +++ b/multimedia/minidlna/Makefile @@ -8,12 +8,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=minidlna -PKG_VERSION:=1.3.2 +PKG_VERSION:=1.3.3 PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=@SF/minidlna -PKG_HASH:=222ce45a1a60c3ce3de17527955d38e5ff7a4592d61db39577e6bf88e0ae1cb0 +PKG_HASH:=39026c6d4a139b9180192d1c37225aa3376fdf4f1a74d7debbdbb693d996afa4 PKG_MAINTAINER:= PKG_LICENSE:=GPL-2.0-or-later BSD-3-Clause diff --git a/multimedia/minidlna/patches/030-mark_all_instances_of_magic_container_s_as_const.patch b/multimedia/minidlna/patches/030-mark_all_instances_of_magic_container_s_as_const.patch index 84a818835a..92c521f646 100644 --- a/multimedia/minidlna/patches/030-mark_all_instances_of_magic_container_s_as_const.patch +++ b/multimedia/minidlna/patches/030-mark_all_instances_of_magic_container_s_as_const.patch @@ -105,7 +105,7 @@ Subject: [PATCH] Mark all instances of magic_container_s as const { int ret; -@@ -1301,7 +1301,7 @@ BrowseContentDirectory(struct upnphttp * +@@ -1305,7 +1305,7 @@ BrowseContentDirectory(struct upnphttp * "" "<DIDL-Lite" CONTENT_DIRECTORY_SCHEMAS; @@ -114,7 +114,7 @@ Subject: [PATCH] Mark all instances of magic_container_s as const char *zErrMsg = NULL; char *sql, *ptr; struct Response args; -@@ -1823,7 +1823,7 @@ SearchContentDirectory(struct upnphttp * +@@ -1828,7 +1828,7 @@ SearchContentDirectory(struct upnphttp * "" "<DIDL-Lite" CONTENT_DIRECTORY_SCHEMAS;