Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package libsndfile for openSUSE:Factory checked in at 2022-04-10 19:05:15 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/libsndfile (Old) and /work/SRC/openSUSE:Factory/.libsndfile.new.1900 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "libsndfile" Sun Apr 10 19:05:15 2022 rev:62 rq:967828 version:1.1.0 Changes: -------- --- /work/SRC/openSUSE:Factory/libsndfile/libsndfile-progs.changes 2021-03-21 23:19:14.260715905 +0100 +++ /work/SRC/openSUSE:Factory/.libsndfile.new.1900/libsndfile-progs.changes 2022-04-10 19:05:27.326465719 +0200 @@ -1,0 +2,37 @@ +Fri Apr 8 15:02:29 CEST 2022 - ti...@suse.de + +- Fix build with libsndfile 1.1.0; add missing build reqs + +------------------------------------------------------------------- +Tue Mar 29 18:07:33 UTC 2022 - Dirk M??ller <dmuel...@suse.com> + +- update to 1.1.0: + * Added MPEG Encode/Decode Support + * New fuzzer for OSS-Fuzz, thanks @DavidKorczynski. + Fixed: + * Memory leak in caf_read_header(), credit to OSS-Fuzz (issue 30375). + * Stack overflow in guess_file_type() + * Abort in fuzzer, thanks @bobsayshilol, credit to OSS-Fuzz + * Infinite loop in svx_read_header(), thanks @bobsayshilol, credit to OSS-Fuzz + * GCC and Clang pedantic warnings, thanks @bobsayshilol. + * Normalisation issue when scaling floating point data to int in + replace_read_f2i(), thanks @bobsayshilol, (issue #702). + * Missing samples when doing a partial read of Ogg file from index till the + end of file, thanks @arthurt (issue #643). + * sndfile-salvage: Handle files > 4 GB on Windows OS + * Undefined shift in dyn_get_32bit(), credit to OSS-Fuzz + * Integer overflow in nms_adpcm_update(), credit to OSS-Fuzz + * Integer overflow in psf_log_printf(), credit to OSS-Fuzz + * ABI version incompatibility between Autotools and CMake build on Apple + platforms. + * Heap buffer overflow in wavlike_ima_decode_block() + * Heap buffer overflow in msadpcm_decode_block() + * Heap buffer overflow in psf_binheader_readf() + * Index out of bounds in psf_nms_adpcm_decode_block() + * Heap buffer overflow in flac_buffer_copy() + * Heap buffer overflow in copyPredictorTo24() + * Uninitialized variable in psf_binheader_readf() +- drop sndfile-deinterlace-channels-check.patch ms_adpcm-Fix-and-extend-size-checks.patch, + libsndfile-CVE-2021-4156.patch (obsolete) + +------------------------------------------------------------------- --- /work/SRC/openSUSE:Factory/libsndfile/libsndfile.changes 2022-01-05 13:39:18.993505007 +0100 +++ /work/SRC/openSUSE:Factory/.libsndfile.new.1900/libsndfile.changes 2022-04-10 19:05:27.362465321 +0200 @@ -1,0 +2,32 @@ +Tue Mar 29 18:07:33 UTC 2022 - Dirk M??ller <dmuel...@suse.com> + +- update to 1.1.0: + * Added MPEG Encode/Decode Support + * New fuzzer for OSS-Fuzz, thanks @DavidKorczynski. + Fixed: + * Memory leak in caf_read_header(), credit to OSS-Fuzz (issue 30375). + * Stack overflow in guess_file_type() + * Abort in fuzzer, thanks @bobsayshilol, credit to OSS-Fuzz + * Infinite loop in svx_read_header(), thanks @bobsayshilol, credit to OSS-Fuzz + * GCC and Clang pedantic warnings, thanks @bobsayshilol. + * Normalisation issue when scaling floating point data to int in + replace_read_f2i(), thanks @bobsayshilol, (issue #702). + * Missing samples when doing a partial read of Ogg file from index till the + end of file, thanks @arthurt (issue #643). + * sndfile-salvage: Handle files > 4 GB on Windows OS + * Undefined shift in dyn_get_32bit(), credit to OSS-Fuzz + * Integer overflow in nms_adpcm_update(), credit to OSS-Fuzz + * Integer overflow in psf_log_printf(), credit to OSS-Fuzz + * ABI version incompatibility between Autotools and CMake build on Apple + platforms. + * Heap buffer overflow in wavlike_ima_decode_block() + * Heap buffer overflow in msadpcm_decode_block() + * Heap buffer overflow in psf_binheader_readf() + * Index out of bounds in psf_nms_adpcm_decode_block() + * Heap buffer overflow in flac_buffer_copy() + * Heap buffer overflow in copyPredictorTo24() + * Uninitialized variable in psf_binheader_readf() +- drop sndfile-deinterlace-channels-check.patch ms_adpcm-Fix-and-extend-size-checks.patch, + libsndfile-CVE-2021-4156.patch (obsolete) + +------------------------------------------------------------------- Old: ---- libsndfile-1.0.31.tar.bz2 libsndfile-1.0.31.tar.bz2.sig libsndfile-CVE-2021-4156.patch ms_adpcm-Fix-and-extend-size-checks.patch sndfile-deinterlace-channels-check.patch New: ---- libsndfile-1.1.0.tar.xz libsndfile-1.1.0.tar.xz.asc ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ libsndfile-progs.spec ++++++ --- /var/tmp/diff_new_pack.QI7OsA/_old 2022-04-10 19:05:28.478452966 +0200 +++ /var/tmp/diff_new_pack.QI7OsA/_new 2022-04-10 19:05:28.486452878 +0200 @@ -17,16 +17,15 @@ Name: libsndfile-progs -Version: 1.0.31 +Version: 1.1.0 Release: 0 Summary: Example Programs for libsndfile License: LGPL-2.1-or-later Group: System/Libraries URL: https://libsndfile.github.io/libsndfile/ -Source0: https://github.com/libsndfile/libsndfile/releases/download/%{version}/libsndfile-%{version}.tar.bz2 -Source1: https://github.com/libsndfile/libsndfile/releases/download/%{version}/libsndfile-%{version}.tar.bz2.sig +Source0: https://github.com/libsndfile/libsndfile/releases/download/%{version}/libsndfile-%{version}.tar.xz +Source1: https://github.com/libsndfile/libsndfile/releases/download/%{version}/libsndfile-%{version}.tar.xz.asc Source2: libsndfile.keyring -Patch34: sndfile-deinterlace-channels-check.patch # PATCH-FIX-OPENSUSE Patch100: sndfile-ocloexec.patch BuildRequires: alsa-devel @@ -34,28 +33,28 @@ BuildRequires: flac-devel BuildRequires: gcc-c++ BuildRequires: libjack-devel +BuildRequires: libopus-devel BuildRequires: libtool BuildRequires: libvorbis-devel BuildRequires: pkgconfig +BuildRequires: speex-devel BuildRequires: sqlite3-devel %description This package includes the example programs for libsndfile. %prep -%setup -q -n libsndfile-%{version} -%patch34 -p1 -%patch100 -p1 +%autosetup -p1 -n libsndfile-%{version} %build -%cmake -DENABLE_EXPERIMENTAL=ON -DBUILD_EXAMPLES=OFF +%cmake -DENABLE_EXPERIMENTAL=ON -DBUILD_EXAMPLES=OFF -DCMAKE_INSTALL_DOCDIR=%{_defaultdocdir}/libsndfile %cmake_build %install %cmake_install # remove unnecessary files -rm -rf %{buildroot}%{_datadir}/doc/libsndfile +rm -rf %{buildroot}%{_defaultdocdir}/libsndfile rm -rf %{buildroot}%{_libdir} rm -rf %{buildroot}%{_includedir} rm -rf %{buildroot}%{_datadir}/doc/libsndfile1-dev ++++++ libsndfile.spec ++++++ --- /var/tmp/diff_new_pack.QI7OsA/_old 2022-04-10 19:05:28.510452612 +0200 +++ /var/tmp/diff_new_pack.QI7OsA/_new 2022-04-10 19:05:28.514452568 +0200 @@ -18,19 +18,16 @@ %define lname %{name}1 Name: libsndfile -Version: 1.0.31 +Version: 1.1.0 Release: 0 Summary: Development/Libraries/C and C++ License: LGPL-2.1-or-later Group: System/Libraries URL: https://libsndfile.github.io/libsndfile/ -Source0: https://github.com/libsndfile/libsndfile/releases/download/%{version}/libsndfile-%{version}.tar.bz2 -Source1: https://github.com/libsndfile/libsndfile/releases/download/%{version}/libsndfile-%{version}.tar.bz2.sig -Source2: %{name}.keyring +Source0: https://github.com/libsndfile/libsndfile/releases/download/%{version}/libsndfile-%{version}.tar.xz +Source1: https://github.com/libsndfile/libsndfile/releases/download/%{version}/libsndfile-%{version}.tar.xz.asc +Source2: libsndfile.keyring Source3: baselibs.conf -Patch34: sndfile-deinterlace-channels-check.patch -Patch35: ms_adpcm-Fix-and-extend-size-checks.patch -Patch40: libsndfile-CVE-2021-4156.patch # PATCH-FIX-OPENSUSE Patch100: sndfile-ocloexec.patch BuildRequires: cmake @@ -77,8 +74,7 @@ libsndfile library. %prep -%setup -q -%autopatch -p1 +%autosetup -p1 %build %cmake -DENABLE_EXPERIMENTAL=ON -DBUILD_EXAMPLES=OFF -DCMAKE_INSTALL_DOCDIR=%{_defaultdocdir}/libsndfile @@ -96,13 +92,13 @@ %postun -n %{lname} -p /sbin/ldconfig %check -# check requires -DBUILD_SHARED_LIBS=off +# ctest fails?! %files -n %{lname} %{_libdir}/libsndfile.so.1* %files devel -%doc AUTHORS ChangeLog NEWS README +%doc AUTHORS CHANGELOG.md README %license COPYING %{_libdir}/libsndfile.so %{_includedir}/sndfile.h ++++++ sndfile-ocloexec.patch ++++++ --- /var/tmp/diff_new_pack.QI7OsA/_old 2022-04-10 19:05:28.578451859 +0200 +++ /var/tmp/diff_new_pack.QI7OsA/_new 2022-04-10 19:05:28.578451859 +0200 @@ -2,9 +2,11 @@ src/file_io.c | 3 +++ 1 file changed, 3 insertions(+) ---- a/src/file_io.c -+++ b/src/file_io.c -@@ -570,6 +570,9 @@ psf_open_fd (PSF_FILE * pfile) +Index: libsndfile-1.1.0/src/file_io.c +=================================================================== +--- libsndfile-1.1.0.orig/src/file_io.c ++++ libsndfile-1.1.0/src/file_io.c +@@ -598,6 +598,9 @@ psf_open_fd (PSF_FILE * pfile) return - SFE_BAD_OPEN_MODE ; break ; } ; @@ -13,5 +15,5 @@ +#endif if (mode == 0) - fd = open (pfile->path.c, oflag) ; + fd = open (pfile->path, oflag) ;