Hello community, here is the log from the commit of package audiofile for openSUSE:Factory checked in at 2018-10-25 08:09:19 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/audiofile (Old) and /work/SRC/openSUSE:Factory/.audiofile.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "audiofile" Thu Oct 25 08:09:19 2018 rev:38 rq:642799 version:0.3.6 Changes: -------- --- /work/SRC/openSUSE:Factory/audiofile/audiofile.changes 2017-06-12 15:26:57.574670650 +0200 +++ /work/SRC/openSUSE:Factory/.audiofile.new/audiofile.changes 2018-10-25 08:09:20.804305781 +0200 @@ -1,0 +2,8 @@ +Thu Oct 18 07:45:17 UTC 2018 - [email protected] + +- Add 0007-set-the-output-chunk-to-the-amount-of-frames.patch to + set the output chunk to the amount of frames we pulled so that + the next module in the chain has the correct frame count ( + boo#1111586, CVE-2018-17095 ). + +------------------------------------------------------------------- New: ---- 0007-set-the-output-chunk-to-the-amount-of-frames.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ audiofile.spec ++++++ --- /var/tmp/diff_new_pack.XKuSSX/_old 2018-10-25 08:09:21.248305490 +0200 +++ /var/tmp/diff_new_pack.XKuSSX/_new 2018-10-25 08:09:21.248305490 +0200 @@ -1,7 +1,7 @@ # # spec file for package audiofile # -# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -22,7 +22,7 @@ Version: 0.3.6 Release: 0 Summary: An Audio File Library -License: GPL-2.0+ and LGPL-2.1+ +License: GPL-2.0-or-later AND LGPL-2.1-or-later Group: System/Libraries %define lname libaudiofile%{so_num} Url: http://www.68k.org/~michael/audiofile/ @@ -43,6 +43,8 @@ Patch7: 0005-Actually-fail-when-error-occurs-in-parseFormat.patch # PATCH-FIX-UPSTREAM 0006-Check-for-division-by-zero-in-BlockCodec-runPull.patch boo#1026983 [email protected] -- Check for division by zero in BlockCodec::runPull https://github.com/mpruett/audiofile/pull/44 Patch8: 0006-Check-for-division-by-zero-in-BlockCodec-runPull.patch +# PATCH-FIX-UPSTREAM 0007-set-the-output-chunk-to-the-amount-of-frames.patch boo#11115865 [email protected] -- Set output chunk framecount after pull https://github.com/mpruett/audiofile/pull/52 +Patch9: 0007-set-the-output-chunk-to-the-amount-of-frames.patch BuildRequires: autoconf BuildRequires: automake BuildRequires: gcc-c++ @@ -116,6 +118,7 @@ %patch6 -p1 %patch7 -p1 %patch8 -p1 +%patch9 -p1 %build autoreconf -fi ++++++ 0007-set-the-output-chunk-to-the-amount-of-frames.patch ++++++ diff --git a/libaudiofile/modules/SimpleModule.cpp b/libaudiofile/modules/SimpleModule.cpp index 2bae1eb..d933eeb 100644 --- a/libaudiofile/modules/SimpleModule.cpp +++ b/libaudiofile/modules/SimpleModule.cpp @@ -26,6 +26,7 @@ void SimpleModule::runPull() { pull(m_outChunk->frameCount); + m_outChunk->frameCount = m_inChunk->frameCount; run(*m_inChunk, *m_outChunk); }
