[gentoo-commits] repo/gentoo:master commit in: media-sound/vorbis-tools/files/, media-sound/vorbis-tools/
commit: 05aa17f5639172598cd0ab639cf51afe789a755d
Author: Miroslav Šulc gentoo org>
AuthorDate: Thu Jan 4 10:25:24 2024 +
Commit: Miroslav Šulc gentoo org>
CommitDate: Thu Jan 4 10:25:34 2024 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=05aa17f5
media-sound/vorbis-tools: applied buffer overflow fix
Bug: https://bugs.gentoo.org/918549
Signed-off-by: Miroslav Šulc gentoo.org>
.../files/vorbis-tools-1.4.2-docdir.patch | 4 +--
.../vorbis-tools-1.4.2-fix-buffer-overflow.patch | 32 ++
4.2-r3.ebuild => vorbis-tools-1.4.2-r4.ebuild} | 3 +-
3 files changed, 36 insertions(+), 3 deletions(-)
diff --git a/media-sound/vorbis-tools/files/vorbis-tools-1.4.2-docdir.patch
b/media-sound/vorbis-tools/files/vorbis-tools-1.4.2-docdir.patch
index faec14fe65c6..3dc0bd1892f8 100644
--- a/media-sound/vorbis-tools/files/vorbis-tools-1.4.2-docdir.patch
+++ b/media-sound/vorbis-tools/files/vorbis-tools-1.4.2-docdir.patch
@@ -1,8 +1,8 @@
Thanks-to: Chris Mayo
https://bugs.gentoo.org/533774
a/configure2021-01-21 10:14:17.0 +0100
-+++ b/configure2021-01-23 14:24:06.178883282 +0100
+--- a/configure
b/configure
@@ -937,7 +937,7 @@
runstatedir='${localstatedir}/run'
includedir='${prefix}/include'
diff --git
a/media-sound/vorbis-tools/files/vorbis-tools-1.4.2-fix-buffer-overflow.patch
b/media-sound/vorbis-tools/files/vorbis-tools-1.4.2-fix-buffer-overflow.patch
new file mode 100644
index ..20d4b65e2630
--- /dev/null
+++
b/media-sound/vorbis-tools/files/vorbis-tools-1.4.2-fix-buffer-overflow.patch
@@ -0,0 +1,32 @@
+fix from https://gitlab.xiph.org/xiph/vorbis-tools/-/merge_requests/7
+
+ diff --git a/oggenc/platform.c b/oggenc/platform.c
+ index 6d9f4ef..b66e47a 100644
+ --- a/oggenc/platform.c
+ +++ b/oggenc/platform.c
+ @@ -136,18 +136,22 @@ int create_directories(char *fn, int isutf8)
+ {
+ char *end, *start;
+ struct stat statbuf;
+ -char *segment = malloc(strlen(fn)+1);
+ +const size_t fn_len = strlen(fn);
+ +char *segment = malloc(fn_len+1);
+ #ifdef _WIN32
+ wchar_t seg[MAX_PATH+1];
+ #endif
+
+ start = fn;
+ #ifdef _WIN32
+ -if(strlen(fn) >= 3 && isalpha(fn[0]) && fn[1]==':')
+ +// Strip drive prefix
+ +if(fn_len >= 3 && isalpha(fn[0]) && fn[1]==':') {
+ +
+ start = start+2;
+ #endif
+
+ -while((end = strpbrk(start+1, PATH_SEPS)) != NULL)
+ +// Loop through path segments, creating directories if necessary
+ +while((end = strpbrk(start + strspn(start, PATH_SEPS), PATH_SEPS)) !=
NULL)
+ {
+ int rv;
+ memcpy(segment, fn, end-fn);
diff --git a/media-sound/vorbis-tools/vorbis-tools-1.4.2-r3.ebuild
b/media-sound/vorbis-tools/vorbis-tools-1.4.2-r4.ebuild
similarity index 92%
rename from media-sound/vorbis-tools/vorbis-tools-1.4.2-r3.ebuild
rename to media-sound/vorbis-tools/vorbis-tools-1.4.2-r4.ebuild
index 5ba47cf06cc9..05d291d1539e 100644
--- a/media-sound/vorbis-tools/vorbis-tools-1.4.2-r3.ebuild
+++ b/media-sound/vorbis-tools/vorbis-tools-1.4.2-r4.ebuild
@@ -1,4 +1,4 @@
-# Copyright 1999-2023 Gentoo Authors
+# Copyright 1999-2024 Gentoo Authors
# Distributed under the terms of the GNU General Public License v2
EAPI=8
@@ -34,6 +34,7 @@ BDEPEND="
PATCHES=(
"${FILESDIR}"/${PN}-1.4.2-r3-docdir.patch
"${FILESDIR}"/${P}-clang16.patch
+ "${FILESDIR}"/${P}-fix-buffer-overflow.patch
)
src_prepare() {
[gentoo-commits] repo/gentoo:master commit in: media-sound/vorbis-tools/files/, media-sound/vorbis-tools/
commit: bfc87886e27b7a95dde799c82244954da8eaff26
Author: Ulrich Müller gentoo org>
AuthorDate: Tue Oct 31 09:12:15 2023 +
Commit: Miroslav Šulc gentoo org>
CommitDate: Wed Nov 1 10:16:33 2023 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=bfc87886
media-sound/vorbis-tools: Fix install dir for ogg123 example
Closes: https://bugs.gentoo.org/869662
Signed-off-by: Ulrich Müller gentoo.org>
Closes: https://github.com/gentoo/gentoo/pull/33605
Signed-off-by: Miroslav Šulc gentoo.org>
.../files/vorbis-tools-1.4.2-r3-docdir.patch | 12 +
.../vorbis-tools/vorbis-tools-1.4.2-r3.ebuild | 53 ++
2 files changed, 65 insertions(+)
diff --git a/media-sound/vorbis-tools/files/vorbis-tools-1.4.2-r3-docdir.patch
b/media-sound/vorbis-tools/files/vorbis-tools-1.4.2-r3-docdir.patch
new file mode 100644
index ..6e78b0d6b7d2
--- /dev/null
+++ b/media-sound/vorbis-tools/files/vorbis-tools-1.4.2-r3-docdir.patch
@@ -0,0 +1,12 @@
+https://bugs.gentoo.org/869662
+
+--- vorbis-tools-1.4.2/ogg123/Makefile.am
vorbis-tools-1.4.2/ogg123/Makefile.am
+@@ -25,7 +25,6 @@
+ localedir = $(datadir)/locale
+ DEFS = -DSYSCONFDIR=\"$(sysconfdir)\" -DLOCALEDIR=\"$(localedir)\" @DEFS@
+
+-docdir = $(datadir)/doc/$(PACKAGE)-$(VERSION)
+ mandir = @MANDIR@
+
+ bin_PROGRAMS = ogg123
diff --git a/media-sound/vorbis-tools/vorbis-tools-1.4.2-r3.ebuild
b/media-sound/vorbis-tools/vorbis-tools-1.4.2-r3.ebuild
new file mode 100644
index ..5ba47cf06cc9
--- /dev/null
+++ b/media-sound/vorbis-tools/vorbis-tools-1.4.2-r3.ebuild
@@ -0,0 +1,53 @@
+# Copyright 1999-2023 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+inherit autotools
+
+DESCRIPTION="Tools for using the Ogg Vorbis sound file format"
+HOMEPAGE="https://xiph.org/vorbis/;
+SRC_URI="https://ftp.osuosl.org/pub/xiph/releases/vorbis/${P}.tar.gz;
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~mips ~ppc ~ppc64 ~riscv
~sparc ~x86 ~amd64-linux ~x86-linux ~ppc-macos"
+IUSE="flac kate nls +ogg123 speex"
+
+RDEPEND="
+ media-libs/libvorbis
+ media-libs/opusfile
+ flac? ( media-libs/flac:= )
+ kate? ( media-libs/libkate )
+ ogg123? (
+ media-libs/libao
+ net-misc/curl
+ )
+ speex? ( media-libs/speex )
+"
+DEPEND="${RDEPEND}"
+BDEPEND="
+ virtual/pkgconfig
+ nls? ( sys-devel/gettext )
+"
+
+PATCHES=(
+ "${FILESDIR}"/${PN}-1.4.2-r3-docdir.patch
+ "${FILESDIR}"/${P}-clang16.patch
+)
+
+src_prepare() {
+ default
+ eautoreconf
+}
+
+src_configure() {
+ local myeconfargs=(
+ $(use_with flac)
+ $(use_with kate)
+ $(use_enable nls)
+ $(use_enable ogg123)
+ $(use_with speex)
+ )
+ econf "${myeconfargs[@]}"
+}
[gentoo-commits] repo/gentoo:master commit in: media-sound/vorbis-tools/files/, media-sound/vorbis-tools/
commit: aad3e720d039fd78f880a62433019fe77bcdae00
Author: Andreas Sturmlechner gentoo org>
AuthorDate: Fri Feb 26 15:27:41 2021 +
Commit: Andreas Sturmlechner gentoo org>
CommitDate: Fri Feb 26 21:19:23 2021 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=aad3e720
media-sound/vorbis-tools: Drop 1.4.0-r5
Package-Manager: Portage-3.0.15, Repoman-3.0.2
Signed-off-by: Andreas Sturmlechner gentoo.org>
media-sound/vorbis-tools/Manifest | 1 -
.../files/vorbis-tools-1.4.0-CVE-2014-9638.patch | 92 --
.../files/vorbis-tools-1.4.0-CVE-2014-9640.patch | 24 --
.../files/vorbis-tools-1.4.0-docdir.patch | 14
.../files/vorbis-tools-1.4.0-format-security.patch | 11 ---
.../files/vorbis-tools-1.4.0-underlinking.patch| 47 ---
.../vorbis-tools/vorbis-tools-1.4.0-r5.ebuild | 53 -
7 files changed, 242 deletions(-)
diff --git a/media-sound/vorbis-tools/Manifest
b/media-sound/vorbis-tools/Manifest
index 7c4e168674b..a898479f8eb 100644
--- a/media-sound/vorbis-tools/Manifest
+++ b/media-sound/vorbis-tools/Manifest
@@ -1,2 +1 @@
-DIST vorbis-tools-1.4.0.tar.gz 1346532 BLAKE2B
37a915c522bc7ec3746d96bef3982f59aa590098425609d8d9a5cd522d15fe7ca5f0cf6cceb8eadf1a14b732f812b56206ec20c04121e20f34b9df0755d8bd18
SHA512
d2473f2e8e6726b5a5083f567797ae42bbb7fa3f26aec3f7b83e641e028c64726299f71a9d75258595a53cf29c18acb84841bcbc39509258d2c8df859e4e3b99
DIST vorbis-tools-1.4.2.tar.gz 1389947 BLAKE2B
6cec240a2c069a74accfadd4d4a5a2a75bb4ad40c83aff86e190f7b19a87d4348d7a932e69a9ae9dd2efff636f47d3465b3d26d39393b4fec925cb7d1543f77e
SHA512
31681560434054706981aef64406975295eb405a9d2d7c0468af789d6c23edb7cfc1c19d26a28fa7061835524289cdc6d217a4669c43a2eb828189370cc6fcaf
diff --git
a/media-sound/vorbis-tools/files/vorbis-tools-1.4.0-CVE-2014-9638.patch
b/media-sound/vorbis-tools/files/vorbis-tools-1.4.0-CVE-2014-9638.patch
deleted file mode 100644
index a643f1cb82f..000
--- a/media-sound/vorbis-tools/files/vorbis-tools-1.4.0-CVE-2014-9638.patch
+++ /dev/null
@@ -1,92 +0,0 @@
-Patches taken as references:
-https://github.com/mark4o/opus-tools/commit/8c412e619b83eb6dd32191909cf6672e93e5802e
-https://trac.xiph.org/attachment/ticket/2212/0001-oggenc-Fix-large-alloca-on-bad-AIFF-input.patch
-To fix bug report:
-http://www.openwall.com/lists/oss-security/2015/08/29/1
-https://bugs.gentoo.org/show_bug.cgi?id=559170
-https://bugs.gentoo.org/show_bug.cgi?id=537422
a/oggenc/audio.h
-+++ b/oggenc/audio.h
-@@ -25,7 +25,7 @@
-
- typedef struct {
- short format;
--short channels;
-+unsigned short channels;
- int samplerate;
- int bytespersec;
- short align;
-@@ -44,7 +44,7 @@
- } wavfile;
-
- typedef struct {
--short channels;
-+unsigned short channels;
- int totalframes;
- short samplesize;
- int rate;
a/oggenc/audio.c
-+++ b/oggenc/audio.c
-@@ -245,8 +245,8 @@
- int aiff_open(FILE *in, oe_enc_opt *opt, unsigned char *buf, int buflen)
- {
- int aifc; /* AIFC or AIFF? */
--unsigned int len;
--unsigned char *buffer;
-+unsigned int len,readlen;
-+unsigned char buffer[22];
- unsigned char buf2[8];
- aiff_fmt format;
- aifffile *aiff = malloc(sizeof(aifffile));
-@@ -269,9 +269,9 @@
- return 0; /* Weird common chunk */
- }
-
--buffer = alloca(len);
--
--if(fread(buffer,1,len,in) < len)
-+readlen = len < sizeof(buffer) ? len : sizeof(buffer);
-+if(fread(buffer,1,readlen,in) < readlen ||
-+(len > readlen && !seek_forward(in, len-readlen)))
- {
- fprintf(stderr, _("Warning: Unexpected EOF in reading AIFF
header\n"));
- return 0;
-@@ -277,11 +277,18 @@
- return 0;
- }
-
--format.channels = READ_U16_BE(buffer);
-+format.channels = (short)READ_U16_BE(buffer);
- format.totalframes = READ_U32_BE(buffer+2);
- format.samplesize = READ_U16_BE(buffer+6);
- format.rate = (int)read_IEEE80(buffer+8);
-
-+if(format.channels <=0)
-+{
-+ fprintf(stderr, _("ERROR: Invalid channel count in AIFF header\n"));
-+ return 0;
-+
-+}
-+
- aiff->bigendian = 1;
-
- if(aifc)
-@@ -449,11 +449,17 @@
- }
-
- format.format = READ_U16_LE(buf);
--format.channels =READ_U16_LE(buf+2);
-+format.channels =(short)READ_U16_LE(buf+2);
- format.samplerate = READ_U32_LE(buf+4);
- format.bytespersec = READ_U32_LE(buf+8);
- format.align = READ_U16_LE(buf+12);
- format.samplesize = READ_U16_LE(buf+14);
-+
-+if(format.channels == 0)
-+{
-+ fprintf(stderr, _("ERROR: Zero channels in WAV header\n"));
-+ return 0;
-+}
-
- if(format.format == -2) /* WAVE_FORMAT_EXTENSIBLE */
- {
diff --git
a/media-sound/vorbis-tools/files/vorbis-tools-1.4.0-CVE-2014-9640.patch
b/media-sound/vorbis-tools/files/vorbis-tools-1.4.0-CVE-2014-9640.patch
deleted file mode 100644
index
[gentoo-commits] repo/gentoo:master commit in: media-sound/vorbis-tools/files/, media-sound/vorbis-tools/
commit: 2702d12908072c0f8f53c905af004a1692f8844d
Author: Andreas Sturmlechner gentoo org>
AuthorDate: Sat Jan 23 13:29:12 2021 +
Commit: Andreas Sturmlechner gentoo org>
CommitDate: Sat Jan 23 13:29:25 2021 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=2702d129
media-sound/vorbis-tools: 1.4.2 version bump
Closes: https://bugs.gentoo.org/766567
Package-Manager: Portage-3.0.14, Repoman-3.0.2
Signed-off-by: Andreas Sturmlechner gentoo.org>
media-sound/vorbis-tools/Manifest | 1 +
.../files/vorbis-tools-1.4.2-docdir.patch | 14 +++
media-sound/vorbis-tools/vorbis-tools-1.4.2.ebuild | 43 ++
3 files changed, 58 insertions(+)
diff --git a/media-sound/vorbis-tools/Manifest
b/media-sound/vorbis-tools/Manifest
index dac34365d6e..7c4e168674b 100644
--- a/media-sound/vorbis-tools/Manifest
+++ b/media-sound/vorbis-tools/Manifest
@@ -1 +1,2 @@
DIST vorbis-tools-1.4.0.tar.gz 1346532 BLAKE2B
37a915c522bc7ec3746d96bef3982f59aa590098425609d8d9a5cd522d15fe7ca5f0cf6cceb8eadf1a14b732f812b56206ec20c04121e20f34b9df0755d8bd18
SHA512
d2473f2e8e6726b5a5083f567797ae42bbb7fa3f26aec3f7b83e641e028c64726299f71a9d75258595a53cf29c18acb84841bcbc39509258d2c8df859e4e3b99
+DIST vorbis-tools-1.4.2.tar.gz 1389947 BLAKE2B
6cec240a2c069a74accfadd4d4a5a2a75bb4ad40c83aff86e190f7b19a87d4348d7a932e69a9ae9dd2efff636f47d3465b3d26d39393b4fec925cb7d1543f77e
SHA512
31681560434054706981aef64406975295eb405a9d2d7c0468af789d6c23edb7cfc1c19d26a28fa7061835524289cdc6d217a4669c43a2eb828189370cc6fcaf
diff --git a/media-sound/vorbis-tools/files/vorbis-tools-1.4.2-docdir.patch
b/media-sound/vorbis-tools/files/vorbis-tools-1.4.2-docdir.patch
new file mode 100644
index 000..faec14fe65c
--- /dev/null
+++ b/media-sound/vorbis-tools/files/vorbis-tools-1.4.2-docdir.patch
@@ -0,0 +1,14 @@
+Thanks-to: Chris Mayo
+https://bugs.gentoo.org/533774
+
+--- a/configure2021-01-21 10:14:17.0 +0100
b/configure2021-01-23 14:24:06.178883282 +0100
+@@ -937,7 +937,7 @@
+ runstatedir='${localstatedir}/run'
+ includedir='${prefix}/include'
+ oldincludedir='/usr/include'
+-docdir='${datarootdir}/doc/${PACKAGE_TARNAME}'
++docdir='${docdir}'
+ infodir='${datarootdir}/info'
+ htmldir='${docdir}'
+ dvidir='${docdir}'
diff --git a/media-sound/vorbis-tools/vorbis-tools-1.4.2.ebuild
b/media-sound/vorbis-tools/vorbis-tools-1.4.2.ebuild
new file mode 100644
index 000..eaae1ed0881
--- /dev/null
+++ b/media-sound/vorbis-tools/vorbis-tools-1.4.2.ebuild
@@ -0,0 +1,43 @@
+# Copyright 1999-2021 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+DESCRIPTION="Tools for using the Ogg Vorbis sound file format"
+HOMEPAGE="https://xiph.org/vorbis/;
+SRC_URI="https://ftp.osuosl.org/pub/xiph/releases/vorbis/${P}.tar.gz;
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~sparc ~x86
~amd64-linux ~x86-linux ~ppc-macos ~x86-solaris"
+IUSE="flac kate nls +ogg123 speex"
+
+RDEPEND="
+ media-libs/libvorbis
+ media-libs/opusfile
+ flac? ( media-libs/flac )
+ kate? ( media-libs/libkate )
+ ogg123? (
+ media-libs/libao
+ net-misc/curl
+ )
+ speex? ( media-libs/speex )
+"
+DEPEND="${RDEPEND}"
+BDEPEND="
+ virtual/pkgconfig
+ nls? ( sys-devel/gettext )
+"
+
+PATCHES=( "${FILESDIR}"/${P}-docdir.patch )
+
+src_configure() {
+ local myeconfargs=(
+ $(use_with flac)
+ $(use_with kate)
+ $(use_enable nls)
+ $(use_enable ogg123)
+ $(use_with speex)
+ )
+ econf "${myeconfargs[@]}"
+}
