commit libsndfile for openSUSE:Factory
Hello community,
here is the log from the commit of package libsndfile for openSUSE:Factory
checked in at 2019-12-07 15:21:22
Comparing /work/SRC/openSUSE:Factory/libsndfile (Old)
and /work/SRC/openSUSE:Factory/.libsndfile.new.4691 (New)
Package is "libsndfile"
Sat Dec 7 15:21:22 2019 rev:58 rq:753103 version:1.0.28
Changes:
--- /work/SRC/openSUSE:Factory/libsndfile/libsndfile.changes2018-12-10
12:26:33.946633209 +0100
+++ /work/SRC/openSUSE:Factory/.libsndfile.new.4691/libsndfile.changes
2019-12-07 15:23:15.715729861 +0100
@@ -1,0 +2,8 @@
+Tue Dec 3 01:46:45 UTC 2019 - Stefan BrĂ¼ns
+
+- Remove build dependencies for progs subpackage from library:
+ * alsa-devel, only needed for the examples
+ * sqlite3-devel, only needed for the regression test
+- Only build library, pass --disable-full-suite to configure
+
+---
Other differences:
--
++ libsndfile-progs.spec ++
--- /var/tmp/diff_new_pack.P7GAyB/_old 2019-12-07 15:23:16.315729778 +0100
+++ /var/tmp/diff_new_pack.P7GAyB/_new 2019-12-07 15:23:16.319729778 +0100
@@ -1,7 +1,7 @@
#
# spec file for package libsndfile-progs
#
-# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2019 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -22,7 +22,7 @@
Summary:Example Programs for libsndfile
License:LGPL-2.1-or-later
Group: System/Libraries
-Url:http://www.mega-nerd.com/libsndfile/
+URL:http://www.mega-nerd.com/libsndfile/
Source0:
http://www.mega-nerd.com/libsndfile/files/libsndfile-%{version}.tar.gz
Source1:
http://www.mega-nerd.com/libsndfile/files/libsndfile-%{version}.tar.gz.asc
Source2:libsndfile.keyring
++ libsndfile.spec ++
--- /var/tmp/diff_new_pack.P7GAyB/_old 2019-12-07 15:23:16.335729775 +0100
+++ /var/tmp/diff_new_pack.P7GAyB/_new 2019-12-07 15:23:16.339729775 +0100
@@ -1,7 +1,7 @@
#
# spec file for package libsndfile
#
-# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2019 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -23,7 +23,7 @@
Summary:Development/Libraries/C and C++
License:LGPL-2.1-or-later
Group: System/Libraries
-Url:http://www.mega-nerd.com/libsndfile
+URL:http://www.mega-nerd.com/libsndfile
Source0:
http://www.mega-nerd.com/%{name}/files/%{name}-%{version}.tar.gz
Source1:
http://www.mega-nerd.com/%{name}/files/%{name}-%{version}.tar.gz.asc
Source2:%{name}.keyring
@@ -44,14 +44,12 @@
Patch40:libsndfile-wav-loop-count-fix.patch
# PATCH-FIX-OPENSUSE
Patch100: sndfile-ocloexec.patch
-BuildRequires: alsa-devel
BuildRequires: flac-devel
BuildRequires: gcc-c++
BuildRequires: libtool
BuildRequires: libvorbis-devel
BuildRequires: pkg-config
BuildRequires: speex-devel
-BuildRequires: sqlite-devel
Obsoletes: libsnd
Provides: libsnd
BuildRoot: %{_tmppath}/%{name}-%{version}-build
@@ -103,16 +101,13 @@
%build
%define warn_flags -W -Wall -Wstrict-prototypes -Wpointer-arith
-Wno-unused-parameter
-%if 0%{?suse_version} < 1200
-sed -i -e'/^AM_SILENT_RULES/d' configure.ac
-%endif
autoreconf --force --install
CFLAGS="%{optflags} %{warn_flags}"
export CFLAGS
%configure \
--disable-silent-rules \
--disable-static \
- --enable-sqlite \
+ --disable-full-suite \
--with-pic \
--enable-experimental
make %{?_smp_mflags}
commit libsndfile for openSUSE:Factory
Hello community,
here is the log from the commit of package libsndfile for openSUSE:Factory
checked in at 2018-12-10 12:26:32
Comparing /work/SRC/openSUSE:Factory/libsndfile (Old)
and /work/SRC/openSUSE:Factory/.libsndfile.new.19453 (New)
Package is "libsndfile"
Mon Dec 10 12:26:32 2018 rev:57 rq:653853 version:1.0.28
Changes:
--- /work/SRC/openSUSE:Factory/libsndfile/libsndfile.changes2018-11-28
11:09:31.375222654 +0100
+++ /work/SRC/openSUSE:Factory/.libsndfile.new.19453/libsndfile.changes
2018-12-10 12:26:33.946633209 +0100
@@ -1,0 +2,7 @@
+Tue Dec 4 13:42:05 CET 2018 - ti...@suse.de
+
+- Fix segfault in wav conversion due to the invalid loop count
+ (CVE-2018-19758, bsc#1117954):
+ libsndfile-wav-loop-count-fix.patch
+
+---
New:
libsndfile-wav-loop-count-fix.patch
Other differences:
--
++ libsndfile.spec ++
--- /var/tmp/diff_new_pack.kS6361/_old 2018-12-10 12:26:34.650632506 +0100
+++ /var/tmp/diff_new_pack.kS6361/_new 2018-12-10 12:26:34.654632502 +0100
@@ -40,6 +40,8 @@
Patch32:libsndfile-CVE-2017-17456-alaw-range-check.patch
Patch33:libsndfile-CVE-2017-17457-ulaw-range-check.patch
Patch34:sndfile-deinterlace-channels-check.patch
+# not yet upstreamed, CVE-2018-19758, bsc#1117954
+Patch40:libsndfile-wav-loop-count-fix.patch
# PATCH-FIX-OPENSUSE
Patch100: sndfile-ocloexec.patch
BuildRequires: alsa-devel
@@ -96,6 +98,7 @@
%patch32 -p1
%patch33 -p1
%patch34 -p1
+%patch40 -p1
%patch100 -p1
%build
++ libsndfile-wav-loop-count-fix.patch ++
From: Takashi Iwai
Subject: wav: Fix segfault due to invalid loop_count
References: CVE-2018-19758, bsc#1117954
The psf->instrument->loop_count can be over the actual loops array size,
and it leads to a segfault.
Just add the loop size fix to address it.
Signed-off-by: Takashi Iwai
---
src/wav.c |3 +++
1 file changed, 3 insertions(+)
--- a/src/wav.c
+++ b/src/wav.c
@@ -1097,6 +1097,9 @@ wav_write_header (SF_PRIVATE *psf, int c
for (tmp = 0 ; tmp < psf->instrument->loop_count ; tmp++)
{ int type ;
+ if (tmp >= ARRAY_LEN (psf->instrument->loops))
+ break;
+
type = psf->instrument->loops [tmp].mode ;
type = (type == SF_LOOP_FORWARD ? 0 : type ==
SF_LOOP_BACKWARD ? 2 : type == SF_LOOP_ALTERNATING ? 1 : 32) ;
commit libsndfile for openSUSE:Factory
Hello community,
here is the log from the commit of package libsndfile for openSUSE:Factory
checked in at 2018-11-28 11:09:29
Comparing /work/SRC/openSUSE:Factory/libsndfile (Old)
and /work/SRC/openSUSE:Factory/.libsndfile.new.19453 (New)
Package is "libsndfile"
Wed Nov 28 11:09:29 2018 rev:56 rq:651403 version:1.0.28
Changes:
--- /work/SRC/openSUSE:Factory/libsndfile/libsndfile-progs.changes
2017-04-17 10:24:07.592778096 +0200
+++ /work/SRC/openSUSE:Factory/.libsndfile.new.19453/libsndfile-progs.changes
2018-11-28 11:09:31.203222888 +0100
@@ -1,0 +2,18 @@
+Fri Jul 6 14:11:47 CEST 2018 - ti...@suse.de
+
+- Fix buffer overflow in sndfile-deinterleave, which isn't really a
+ security issue (bsc#1100167, CVE-2018-13139, bsc#1116993,
+ CVE-2018-19432):
+ (Apply all the rest as well to sync with libsndfile.spec)
+ 0001-FLAC-Fix-a-buffer-read-overrun.patch
+ 0002-src-flac.c-Fix-a-buffer-read-overflow.patch
+ 0010-src-aiff.c-Fix-a-buffer-read-overflow.patch
+ 0020-src-common.c-Fix-heap-buffer-overflows-when-writing-.patch
+ 0030-double64_init-Check-psf-sf.channels-against-upper-bo.patch
+ 0031-sfe_copy_data_fp-check-value-of-max-variable.patch
+ libsndfile-CVE-2017-17456-alaw-range-check.patch
+ libsndfile-CVE-2017-17457-ulaw-range-check.patch
+ sndfile-deinterlace-channels-check.patch
+ sndfile-ocloexec.patch
+
+---
--- /work/SRC/openSUSE:Factory/libsndfile/libsndfile.changes2018-07-13
10:16:53.430136861 +0200
+++ /work/SRC/openSUSE:Factory/.libsndfile.new.19453/libsndfile.changes
2018-11-28 11:09:31.375222654 +0100
@@ -4,2 +4,3 @@
-- Fix buffer overflow in sndfile-deinterlace, which isn't really a
- security issue (bsc#1100167, CVE-2018-13139):
+- Fix buffer overflow in sndfile-deinterleave, which isn't really a
+ security issue (bsc#1100167, CVE-2018-13139, bsc#1116993,
+ CVE-2018-19432):
Other differences:
--
++ libsndfile-progs.spec ++
--- /var/tmp/diff_new_pack.TGCTqk/_old 2018-11-28 11:09:32.111221653 +0100
+++ /var/tmp/diff_new_pack.TGCTqk/_new 2018-11-28 11:09:32.115221648 +0100
@@ -12,7 +12,7 @@
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
-# Please submit bugfixes or comments via http://bugs.opensuse.org/
+# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
@@ -26,6 +26,20 @@
Source0:
http://www.mega-nerd.com/libsndfile/files/libsndfile-%{version}.tar.gz
Source1:
http://www.mega-nerd.com/libsndfile/files/libsndfile-%{version}.tar.gz.asc
Source2:libsndfile.keyring
+# PATCH-FIX-UPSTREAM
+Patch1: 0001-FLAC-Fix-a-buffer-read-overrun.patch
+Patch2: 0002-src-flac.c-Fix-a-buffer-read-overflow.patch
+Patch10:0010-src-aiff.c-Fix-a-buffer-read-overflow.patch
+Patch20:0020-src-common.c-Fix-heap-buffer-overflows-when-writing-.patch
+Patch30:0030-double64_init-Check-psf-sf.channels-against-upper-bo.patch
+# not yet upstreamed, https://github.com/erikd/libsndfile/issues/317
+Patch31:0031-sfe_copy_data_fp-check-value-of-max-variable.patch
+# not yet upstreamed
+Patch32:libsndfile-CVE-2017-17456-alaw-range-check.patch
+Patch33:libsndfile-CVE-2017-17457-ulaw-range-check.patch
+Patch34:sndfile-deinterlace-channels-check.patch
+# PATCH-FIX-OPENSUSE
+Patch100: sndfile-ocloexec.patch
BuildRequires: alsa-devel
BuildRequires: flac-devel
BuildRequires: gcc-c++
@@ -41,6 +55,16 @@
%prep
%setup -q -n libsndfile-%{version}
+%patch1 -p1
+%patch2 -p1
+%patch10 -p1
+%patch20 -p1
+%patch30 -p1
+%patch31 -p1
+%patch32 -p1
+%patch33 -p1
+%patch34 -p1
+%patch100 -p1
%build
%define warn_flags -W -Wall -Wstrict-prototypes -Wpointer-arith
-Wno-unused-parameter
++ libsndfile.spec ++
--- /var/tmp/diff_new_pack.TGCTqk/_old 2018-11-28 11:09:32.131221625 +0100
+++ /var/tmp/diff_new_pack.TGCTqk/_new 2018-11-28 11:09:32.135221621 +0100
@@ -12,7 +12,7 @@
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
-# Please submit bugfixes or comments via http://bugs.opensuse.org/
+# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
commit libsndfile for openSUSE:Factory
Hello community,
here is the log from the commit of package libsndfile for openSUSE:Factory
checked in at 2018-07-13 10:16:48
Comparing /work/SRC/openSUSE:Factory/libsndfile (Old)
and /work/SRC/openSUSE:Factory/.libsndfile.new (New)
Package is "libsndfile"
Fri Jul 13 10:16:48 2018 rev:55 rq:621331 version:1.0.28
Changes:
--- /work/SRC/openSUSE:Factory/libsndfile/libsndfile.changes2018-06-15
14:33:51.239603159 +0200
+++ /work/SRC/openSUSE:Factory/.libsndfile.new/libsndfile.changes
2018-07-13 10:16:53.430136861 +0200
@@ -1,0 +2,7 @@
+Fri Jul 6 14:11:47 CEST 2018 - ti...@suse.de
+
+- Fix buffer overflow in sndfile-deinterlace, which isn't really a
+ security issue (bsc#1100167, CVE-2018-13139):
+ sndfile-deinterlace-channels-check.patch
+
+---
New:
sndfile-deinterlace-channels-check.patch
Other differences:
--
++ libsndfile.spec ++
--- /var/tmp/diff_new_pack.yHVOAL/_old 2018-07-13 10:16:54.634138287 +0200
+++ /var/tmp/diff_new_pack.yHVOAL/_new 2018-07-13 10:16:54.634138287 +0200
@@ -39,6 +39,7 @@
# not yet upstreamed
Patch32:libsndfile-CVE-2017-17456-alaw-range-check.patch
Patch33:libsndfile-CVE-2017-17457-ulaw-range-check.patch
+Patch34:sndfile-deinterlace-channels-check.patch
# PATCH-FIX-OPENSUSE
Patch100: sndfile-ocloexec.patch
BuildRequires: alsa-devel
@@ -94,6 +95,7 @@
%patch31 -p1
%patch32 -p1
%patch33 -p1
+%patch34 -p1
%patch100 -p1
%build
++ sndfile-deinterlace-channels-check.patch ++
diff --git a/programs/sndfile-deinterleave.c b/programs/sndfile-deinterleave.c
index 5366031075ab..712cb96cda76 100644
--- a/programs/sndfile-deinterleave.c
+++ b/programs/sndfile-deinterleave.c
@@ -89,6 +89,11 @@ main (int argc, char **argv)
exit (1) ;
} ;
+ if (sfinfo.channels > MAX_CHANNELS)
+ { printf ("\nError : Too many channels %d in input file '%s'.\n",
sfinfo.channels, argv[1]) ;
+ exit (1) ;
+ }
+
state.channels = sfinfo.channels ;
sfinfo.channels = 1 ;
commit libsndfile for openSUSE:Factory
Hello community,
here is the log from the commit of package libsndfile for openSUSE:Factory
checked in at 2018-06-15 14:33:46
Comparing /work/SRC/openSUSE:Factory/libsndfile (Old)
and /work/SRC/openSUSE:Factory/.libsndfile.new (New)
Package is "libsndfile"
Fri Jun 15 14:33:46 2018 rev:54 rq:615239 version:1.0.28
Changes:
--- /work/SRC/openSUSE:Factory/libsndfile/libsndfile.changes2017-12-21
11:21:59.085078039 +0100
+++ /work/SRC/openSUSE:Factory/.libsndfile.new/libsndfile.changes
2018-06-15 14:33:51.239603159 +0200
@@ -1,0 +2,15 @@
+Fri Jun 8 14:49:18 CEST 2018 - ti...@suse.de
+
+- Use license file tag
+
+---
+Fri Jun 8 14:46:54 CEST 2018 - ti...@suse.de
+
+- Fix potential overflow in d2alaw_array() (CVE-2017-17456,
+ bsc#1071777):
+ libsndfile-CVE-2017-17456-alaw-range-check.patch
+- Fix potential overflow in d2ulaw_array() (CVE-2017-17457,
+ bsc#1071767):
+ libsndfile-CVE-2017-17457-ulaw-range-check.patch
+
+---
New:
libsndfile-CVE-2017-17456-alaw-range-check.patch
libsndfile-CVE-2017-17457-ulaw-range-check.patch
Other differences:
--
++ libsndfile-progs.spec ++
--- /var/tmp/diff_new_pack.sKLCW7/_old 2018-06-15 14:33:52.195568193 +0200
+++ /var/tmp/diff_new_pack.sKLCW7/_new 2018-06-15 14:33:52.199568046 +0200
@@ -1,7 +1,7 @@
#
# spec file for package libsndfile-progs
#
-# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -20,7 +20,7 @@
Version:1.0.28
Release:0
Summary:Example Programs for libsndfile
-License:LGPL-2.1+
+License:LGPL-2.1-or-later
Group: System/Libraries
Url:http://www.mega-nerd.com/libsndfile/
Source0:
http://www.mega-nerd.com/libsndfile/files/libsndfile-%{version}.tar.gz
++ libsndfile.spec ++
--- /var/tmp/diff_new_pack.sKLCW7/_old 2018-06-15 14:33:52.227567022 +0200
+++ /var/tmp/diff_new_pack.sKLCW7/_new 2018-06-15 14:33:52.231566875 +0200
@@ -1,7 +1,7 @@
#
# spec file for package libsndfile
#
-# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -21,7 +21,7 @@
Version:1.0.28
Release:0
Summary:Development/Libraries/C and C++
-License:LGPL-2.1+
+License:LGPL-2.1-or-later
Group: System/Libraries
Url:http://www.mega-nerd.com/libsndfile
Source0:
http://www.mega-nerd.com/%{name}/files/%{name}-%{version}.tar.gz
@@ -36,6 +36,9 @@
Patch30:0030-double64_init-Check-psf-sf.channels-against-upper-bo.patch
# not yet upstreamed, https://github.com/erikd/libsndfile/issues/317
Patch31:0031-sfe_copy_data_fp-check-value-of-max-variable.patch
+# not yet upstreamed
+Patch32:libsndfile-CVE-2017-17456-alaw-range-check.patch
+Patch33:libsndfile-CVE-2017-17457-ulaw-range-check.patch
# PATCH-FIX-OPENSUSE
Patch100: sndfile-ocloexec.patch
BuildRequires: alsa-devel
@@ -89,6 +92,8 @@
%patch20 -p1
%patch30 -p1
%patch31 -p1
+%patch32 -p1
+%patch33 -p1
%patch100 -p1
%build
@@ -133,8 +138,9 @@
%files devel
%defattr(-, root, root)
-%doc AUTHORS COPYING ChangeLog NEWS README
+%doc AUTHORS ChangeLog NEWS README
%doc doc/*.html doc/*.jpg doc/*.css doc/*.HOWTO
+%license COPYING
%{_libdir}/libsndfile.so
%{_includedir}/sndfile.h
%{_includedir}/sndfile.hh
++ libsndfile-CVE-2017-17456-alaw-range-check.patch ++
---
src/alaw.c | 36
1 file changed, 28 insertions(+), 8 deletions(-)
--- a/src/alaw.c
+++ b/src/alaw.c
@@ -336,20 +336,40 @@ i2alaw_array (const int *ptr, int count,
static inline void
f2alaw_array (const float *ptr, int count, unsigned char *buffer, float
normfact)
{ while (--count >= 0)
- { if (ptr [count] >= 0)
- buffer [count] = alaw_encode [lrintf (normfact * ptr
[count])] ;
- else
- buffer [count] = 0x7F & alaw_encode [- lrintf (normfact
* ptr [count])] ;
+ { int idx;
+ if (isnan (ptr [count])) {
+ buffer [count] = alaw_encode [0] ;
+ } else if (ptr [count] >= 0) {
+ idx = lrintf (normfact * ptr [count]) ;
+ if (i
commit libsndfile for openSUSE:Factory
Hello community,
here is the log from the commit of package libsndfile for openSUSE:Factory
checked in at 2017-12-21 11:21:57
Comparing /work/SRC/openSUSE:Factory/libsndfile (Old)
and /work/SRC/openSUSE:Factory/.libsndfile.new (New)
Package is "libsndfile"
Thu Dec 21 11:21:57 2017 rev:53 rq:558623 version:1.0.28
Changes:
--- /work/SRC/openSUSE:Factory/libsndfile/libsndfile.changes2017-08-12
20:06:49.371360704 +0200
+++ /work/SRC/openSUSE:Factory/.libsndfile.new/libsndfile.changes
2017-12-21 11:21:59.085078039 +0100
@@ -1,0 +2,12 @@
+Tue Dec 19 15:57:19 CET 2017 - ti...@suse.de
+
+- Fix VUL-0: divide-by-zero error exists in the function
+ double64_init() in double64.c (CVE-2017-14634, bsc#1059911):
+ 0030-double64_init-Check-psf-sf.channels-against-upper-bo.patch
+- Tentative fix for VUL-0: out of bounds read in the function
+ d2alaw_array() in alaw.c (CVE-2017-14245, bsc#1059912) and
+ VUL-0: out of bounds read in the function d2ulaw_array() in
+ ulaw.c (CVE-2017-14246, bsc#1059913):
+ 0031-sfe_copy_data_fp-check-value-of-max-variable.patch
+
+---
New:
0030-double64_init-Check-psf-sf.channels-against-upper-bo.patch
0031-sfe_copy_data_fp-check-value-of-max-variable.patch
Other differences:
--
++ libsndfile.spec ++
--- /var/tmp/diff_new_pack.ZAJDJL/_old 2017-12-21 11:22:00.093028892 +0100
+++ /var/tmp/diff_new_pack.ZAJDJL/_new 2017-12-21 11:22:00.097028697 +0100
@@ -33,6 +33,9 @@
Patch2: 0002-src-flac.c-Fix-a-buffer-read-overflow.patch
Patch10:0010-src-aiff.c-Fix-a-buffer-read-overflow.patch
Patch20:0020-src-common.c-Fix-heap-buffer-overflows-when-writing-.patch
+Patch30:0030-double64_init-Check-psf-sf.channels-against-upper-bo.patch
+# not yet upstreamed, https://github.com/erikd/libsndfile/issues/317
+Patch31:0031-sfe_copy_data_fp-check-value-of-max-variable.patch
# PATCH-FIX-OPENSUSE
Patch100: sndfile-ocloexec.patch
BuildRequires: alsa-devel
@@ -84,6 +87,8 @@
%patch2 -p1
%patch10 -p1
%patch20 -p1
+%patch30 -p1
+%patch31 -p1
%patch100 -p1
%build
++ 0030-double64_init-Check-psf-sf.channels-against-upper-bo.patch ++
>From 85c877d5072866aadbe8ed0c3e0590fbb5e16788 Mon Sep 17 00:00:00 2001
From: Fabian Greffrath
Date: Thu, 28 Sep 2017 12:15:04 +0200
Subject: [PATCH] double64_init: Check psf->sf.channels against upper bound
This prevents division by zero later in the code.
While the trivial case to catch this (i.e. sf.channels < 1) has already
been covered, a crafted file may report a number of channels that is
so high (i.e. > INT_MAX/sizeof(double)) that it "somehow" gets
miscalculated to zero (if this makes sense) in the determination of the
blockwidth. Since we only support a limited number of channels anyway,
make sure to check here as well.
CVE-2017-14634
Closes: https://github.com/erikd/libsndfile/issues/318
Signed-off-by: Erik de Castro Lopo
---
src/double64.c |2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
--- a/src/double64.c
+++ b/src/double64.c
@@ -91,7 +91,7 @@ int
double64_init (SF_PRIVATE *psf)
{ static int double64_caps ;
- if (psf->sf.channels < 1)
+ if (psf->sf.channels < 1 || psf->sf.channels > SF_MAX_CHANNELS)
{ psf_log_printf (psf, "double64_init : internal error : channels
= %d\n", psf->sf.channels) ;
return SFE_INTERNAL ;
} ;
++ 0031-sfe_copy_data_fp-check-value-of-max-variable.patch ++
>From 2d54514a4f6437b67829717c05472d2e3300a258 Mon Sep 17 00:00:00 2001
From: Fabian Greffrath
Date: Wed, 27 Sep 2017 14:46:17 +0200
Subject: [PATCH] sfe_copy_data_fp: check value of "max" variable for being
normal
and check elements of the data[] array for being finite.
Both checks use functions provided by the header as declared
by the C99 standard.
Fixes #317
CVE-2017-14245
CVE-2017-14246
---
programs/common.c | 20
programs/common.h |2 +-
programs/sndfile-convert.c |6 +-
3 files changed, 22 insertions(+), 6 deletions(-)
--- a/programs/common.c
+++ b/programs/common.c
@@ -36,6 +36,7 @@
#include
#include
#include
+#include
#include
@@ -45,7 +46,7 @@
#defineMIN(x, y) ((x) < (y) ? (x) : (y))
-void
+int
sfe_copy_data_fp (SNDFILE *outfile, SNDFILE *infile, int channels, int
normalize)
{ static double data [BUFFER_LEN], max ;
int frames, readcount, k ;
@@ -54,6 +55,8 @@ sfe_copy_data_fp (SNDFILE *outfile, SNDF
readcount = frames ;
sf_command (infile, SFC_CALC_SIGNAL_MAX, &max, sizeof (max)) ;
+ if (!isnormal (max)) /* neither zero, subnormal, infinite,
commit libsndfile for openSUSE:Factory
Hello community,
here is the log from the commit of package libsndfile for openSUSE:Factory
checked in at 2017-08-12 20:06:48
Comparing /work/SRC/openSUSE:Factory/libsndfile (Old)
and /work/SRC/openSUSE:Factory/.libsndfile.new (New)
Package is "libsndfile"
Sat Aug 12 20:06:48 2017 rev:52 rq:515153 version:1.0.28
Changes:
--- /work/SRC/openSUSE:Factory/libsndfile/libsndfile.changes2017-06-15
11:18:38.395681818 +0200
+++ /work/SRC/openSUSE:Factory/.libsndfile.new/libsndfile.changes
2017-08-12 20:06:49.371360704 +0200
@@ -1,0 +2,7 @@
+Tue Aug 8 11:00:09 CEST 2017 - ti...@suse.de
+
+- Fix Heap-based Buffer Overflow in the psf_binheader_writef
+ (CVE-2017-12562, bsc#1052476):
+ 0020-src-common.c-Fix-heap-buffer-overflows-when-writing-.patch
+
+---
New:
0020-src-common.c-Fix-heap-buffer-overflows-when-writing-.patch
Other differences:
--
++ libsndfile.spec ++
--- /var/tmp/diff_new_pack.p4EhNR/_old 2017-08-12 20:06:51.047125936 +0200
+++ /var/tmp/diff_new_pack.p4EhNR/_new 2017-08-12 20:06:51.051125376 +0200
@@ -32,6 +32,7 @@
Patch1: 0001-FLAC-Fix-a-buffer-read-overrun.patch
Patch2: 0002-src-flac.c-Fix-a-buffer-read-overflow.patch
Patch10:0010-src-aiff.c-Fix-a-buffer-read-overflow.patch
+Patch20:0020-src-common.c-Fix-heap-buffer-overflows-when-writing-.patch
# PATCH-FIX-OPENSUSE
Patch100: sndfile-ocloexec.patch
BuildRequires: alsa-devel
@@ -82,6 +83,7 @@
%patch1 -p1
%patch2 -p1
%patch10 -p1
+%patch20 -p1
%patch100 -p1
%build
++ 0020-src-common.c-Fix-heap-buffer-overflows-when-writing-.patch ++
>From cf7a8182c2642c50f1cf90dddea9ce96a8bad2e8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?J=C3=B6rn=20Heusipp?=
Date: Wed, 14 Jun 2017 12:25:40 +0200
Subject: [PATCH] src/common.c: Fix heap buffer overflows when writing strings
in binheader
Fixes the following problems:
1. Case 's' only enlarges the buffer by 16 bytes instead of size bytes.
2. psf_binheader_writef() enlarges the header buffer (if needed) prior to the
big switch statement by an amount (16 bytes) which is enough for all cases
where only a single value gets added. Cases 's', 'S', 'p' however
additionally write an arbitrary length block of data and again enlarge the
buffer to the required amount. However, the required space calculation does
not take into account the size of the length field which gets output before
the data.
3. Buffer size requirement calculation in case 'S' does not account for the
padding byte ("size += (size & 1) ;" happens after the calculation which
uses "size").
4. Case 'S' can overrun the header buffer by 1 byte when no padding is
involved
("memcpy (&(psf->header.ptr [psf->header.indx]), strptr, size + 1) ;" while
the buffer is only guaranteed to have "size" space available).
5. "psf->header.ptr [psf->header.indx] = 0 ;" in case 'S' always writes 1 byte
beyond the space which is guaranteed to be allocated in the header buffer.
6. Case 's' can overrun the provided source string by 1 byte if padding is
involved ("memcpy (&(psf->header.ptr [psf->header.indx]), strptr, size) ;"
where "size" is "strlen (strptr) + 1" (which includes the 0 terminator,
plus optionally another 1 which is padding and not guaranteed to be
readable via the source string pointer).
Closes: https://github.com/erikd/libsndfile/issues/292
---
src/common.c | 15 +++
1 file changed, 7 insertions(+), 8 deletions(-)
--- a/src/common.c
+++ b/src/common.c
@@ -675,16 +675,16 @@ psf_binheader_writef (SF_PRIVATE *psf, c
/* Write a C string (guaranteed to have
a zero terminator). */
strptr = va_arg (argptr, char *) ;
size = strlen (strptr) + 1 ;
- size += (size & 1) ;
- if (psf->header.indx + (sf_count_t)
size >= psf->header.len && psf_bump_header_allocation (psf, 16))
+ if (psf->header.indx + 4 + (sf_count_t)
size + (sf_count_t) (size & 1) > psf->header.len && psf_bump_header_allocation
(psf, 4 + size + (size & 1)))
return count ;
if (psf->rwf_endian == SF_ENDIAN_BIG)
- header_put_be_int (psf, size) ;
+ header_put_be_int (psf, size +
(size & 1)) ;
else
- header_put_le_int (psf, size) ;
+
commit libsndfile for openSUSE:Factory
Hello community,
here is the log from the commit of package libsndfile for openSUSE:Factory
checked in at 2017-06-15 11:18:37
Comparing /work/SRC/openSUSE:Factory/libsndfile (Old)
and /work/SRC/openSUSE:Factory/.libsndfile.new (New)
Package is "libsndfile"
Thu Jun 15 11:18:37 2017 rev:51 rq:503303 version:1.0.28
Changes:
--- /work/SRC/openSUSE:Factory/libsndfile/libsndfile.changes2017-05-18
20:45:52.755928761 +0200
+++ /work/SRC/openSUSE:Factory/.libsndfile.new/libsndfile.changes
2017-06-15 11:18:38.395681818 +0200
@@ -1,0 +2,7 @@
+Tue Jun 13 08:36:52 CEST 2017 - ti...@suse.de
+
+- Fix out-of-bounds read memory access in the aiff_read_chanmap()
+ (CVE-2017-6892, bsc#1043978):
+ 0010-src-aiff.c-Fix-a-buffer-read-overflow.patch
+
+---
New:
0010-src-aiff.c-Fix-a-buffer-read-overflow.patch
Other differences:
--
++ libsndfile.spec ++
--- /var/tmp/diff_new_pack.tyTGt1/_old 2017-06-15 11:18:39.115580113 +0200
+++ /var/tmp/diff_new_pack.tyTGt1/_new 2017-06-15 11:18:39.115580113 +0200
@@ -31,6 +31,7 @@
# PATCH-FIX-UPSTREAM
Patch1: 0001-FLAC-Fix-a-buffer-read-overrun.patch
Patch2: 0002-src-flac.c-Fix-a-buffer-read-overflow.patch
+Patch10:0010-src-aiff.c-Fix-a-buffer-read-overflow.patch
# PATCH-FIX-OPENSUSE
Patch100: sndfile-ocloexec.patch
BuildRequires: alsa-devel
@@ -80,6 +81,7 @@
%setup -q
%patch1 -p1
%patch2 -p1
+%patch10 -p1
%patch100 -p1
%build
++ 0010-src-aiff.c-Fix-a-buffer-read-overflow.patch ++
>From f833c53cb596e9e1792949f762e0b33661822748 Mon Sep 17 00:00:00 2001
From: Erik de Castro Lopo
Date: Tue, 23 May 2017 20:15:24 +1000
Subject: [PATCH] src/aiff.c: Fix a buffer read overflow
Secunia Advisory SA76717.
Found by: Laurent Delosieres, Secunia Research at Flexera Software
---
src/aiff.c |2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
--- a/src/aiff.c
+++ b/src/aiff.c
@@ -1905,7 +1905,7 @@ aiff_read_chanmap (SF_PRIVATE * psf, uns
psf_binheader_readf (psf, "j", dword - bytesread) ;
if (map_info->channel_map != NULL)
- { size_t chanmap_size = psf->sf.channels * sizeof
(psf->channel_map [0]) ;
+ { size_t chanmap_size = SF_MIN (psf->sf.channels, layout_tag &
0x) * sizeof (psf->channel_map [0]) ;
free (psf->channel_map) ;
commit libsndfile for openSUSE:Factory
Hello community,
here is the log from the commit of package libsndfile for openSUSE:Factory
checked in at 2017-05-18 20:45:45
Comparing /work/SRC/openSUSE:Factory/libsndfile (Old)
and /work/SRC/openSUSE:Factory/.libsndfile.new (New)
Package is "libsndfile"
Thu May 18 20:45:45 2017 rev:50 rq:492489 version:1.0.28
Changes:
--- /work/SRC/openSUSE:Factory/libsndfile/libsndfile.changes2017-04-17
10:24:07.616774697 +0200
+++ /work/SRC/openSUSE:Factory/.libsndfile.new/libsndfile.changes
2017-05-18 20:45:52.755928761 +0200
@@ -1,0 +2,9 @@
+Tue May 2 14:06:40 CEST 2017 - ti...@suse.de
+
+- Fix FLAC buffer overflows (CVE-2017-8361 CVE-2017-8363
+ CVE-2017-8365 CVE-2017-8362 bsc#1036944 bsc#1036945 bsc#1036946
+ bsc#1036943):
+ 0001-FLAC-Fix-a-buffer-read-overrun.patch
+ 0002-src-flac.c-Fix-a-buffer-read-overflow.patch
+
+---
New:
0001-FLAC-Fix-a-buffer-read-overrun.patch
0002-src-flac.c-Fix-a-buffer-read-overflow.patch
Other differences:
--
++ libsndfile.spec ++
--- /var/tmp/diff_new_pack.tUsjbF/_old 2017-05-18 20:45:55.019609298 +0200
+++ /var/tmp/diff_new_pack.tUsjbF/_new 2017-05-18 20:45:55.023608733 +0200
@@ -28,7 +28,11 @@
Source1:
http://www.mega-nerd.com/%{name}/files/%{name}-%{version}.tar.gz.asc
Source2:%{name}.keyring
Source3:baselibs.conf
-Patch2: sndfile-ocloexec.patch
+# PATCH-FIX-UPSTREAM
+Patch1: 0001-FLAC-Fix-a-buffer-read-overrun.patch
+Patch2: 0002-src-flac.c-Fix-a-buffer-read-overflow.patch
+# PATCH-FIX-OPENSUSE
+Patch100: sndfile-ocloexec.patch
BuildRequires: alsa-devel
BuildRequires: flac-devel
BuildRequires: gcc-c++
@@ -74,7 +78,9 @@
%prep
%setup -q
+%patch1 -p1
%patch2 -p1
+%patch100 -p1
%build
%define warn_flags -W -Wall -Wstrict-prototypes -Wpointer-arith
-Wno-unused-parameter
++ 0001-FLAC-Fix-a-buffer-read-overrun.patch ++
>From fd0484aba8e51d16af1e3a880f9b8b857b385eb3 Mon Sep 17 00:00:00 2001
From: Erik de Castro Lopo
Date: Wed, 12 Apr 2017 19:45:30 +1000
Subject: [PATCH] FLAC: Fix a buffer read overrun
References: CVE-2017-8361 CVE-2017-8363 CVE-2017-8365 bsc#1036944 bsc#1036945
bsc#1036946
Buffer read overrun occurs when reading a FLAC file that switches
from 2 channels to one channel mid-stream. Only option is to
abort the read.
Closes: https://github.com/erikd/libsndfile/issues/230
---
src/common.h |1 +
src/flac.c| 13 +
src/sndfile.c |1 +
3 files changed, 15 insertions(+)
--- a/src/common.h
+++ b/src/common.h
@@ -725,6 +725,7 @@ enum
SFE_FLAC_INIT_DECODER,
SFE_FLAC_LOST_SYNC,
SFE_FLAC_BAD_SAMPLE_RATE,
+ SFE_FLAC_CHANNEL_COUNT_CHANGED,
SFE_FLAC_UNKOWN_ERROR,
SFE_WVE_NOT_WVE,
--- a/src/flac.c
+++ b/src/flac.c
@@ -435,6 +435,19 @@ sf_flac_meta_callback (const FLAC__Strea
switch (metadata->type)
{ case FLAC__METADATA_TYPE_STREAMINFO :
+ if (psf->sf.channels > 0 && psf->sf.channels != (int)
metadata->data.stream_info.channels)
+ { psf_log_printf (psf, "Error: FLAC stream
changed from %d to %d channels\n"
+
"Nothing to be but to error out.\n" ,
+
psf->sf.channels, metadata->data.stream_info.channels) ;
+ psf->error = SFE_FLAC_CHANNEL_COUNT_CHANGED ;
+ return ;
+ } ;
+
+ if (psf->sf.channels > 0 && psf->sf.samplerate != (int)
metadata->data.stream_info.sample_rate)
+ { psf_log_printf (psf, "Warning: FLAC stream
changed sample rates from %d to %d.\n"
+
"Carrying on as if nothing happened.",
+
psf->sf.samplerate, metadata->data.stream_info.sample_rate) ;
+ } ;
psf->sf.channels = metadata->data.stream_info.channels ;
psf->sf.samplerate =
metadata->data.stream_info.sample_rate ;
psf->sf.frames =
metadata->data.stream_info.total_samples ;
--- a/src/sndfile.c
+++ b/src/sndfile.c
@@ -245,6 +245,7 @@ ErrorStruct SndfileErrors [] =
{ SFE_FLAC_INIT_DECODER , "Error : problem with initialization
of the flac decoder." },
{ SFE_FLAC_LOST_SYNC , "Error : flac decoder lost
sync." },
{ SFE_FLAC_BAD_SAMPLE_RATE, "Error : flac does not support
commit libsndfile for openSUSE:Factory
Hello community,
here is the log from the commit of package libsndfile for openSUSE:Factory
checked in at 2017-04-17 10:24:07
Comparing /work/SRC/openSUSE:Factory/libsndfile (Old)
and /work/SRC/openSUSE:Factory/.libsndfile.new (New)
Package is "libsndfile"
Mon Apr 17 10:24:07 2017 rev:49 rq:487149 version:1.0.28
Changes:
--- /work/SRC/openSUSE:Factory/libsndfile/libsndfile-progs.changes
2015-12-01 09:18:05.0 +0100
+++ /work/SRC/openSUSE:Factory/.libsndfile.new/libsndfile-progs.changes
2017-04-17 10:24:07.592778096 +0200
@@ -1,0 +2,15 @@
+Mon Apr 10 10:47:58 CEST 2017 - ti...@suse.de
+
+- Update to version 1.0.27:
+ * Fix a seek regression in 1.0.26
+ * Add metadata read/write for CAF and RF64
+ * FIx PAF endian-ness issue
+- Update to version 1.0.28
+ * Fix buffer overruns in FLAC and ID3 handling code
+ (CVE-2017-7585, CVE-2017-7586, bsc#1033054, bsc#1033053)
+ * Reduce default header memory requirements
+ * Fix detection of Large File Support for 32 bit systems.
+- Obsoleted patch:
+ libsndfile-psf_strlcpy_crlf-fix-CVE-2015-8075.patch
+
+---
--- /work/SRC/openSUSE:Factory/libsndfile/libsndfile.changes2016-05-16
12:01:30.0 +0200
+++ /work/SRC/openSUSE:Factory/.libsndfile.new/libsndfile.changes
2017-04-17 10:24:07.616774697 +0200
@@ -1,0 +2,15 @@
+Mon Apr 10 10:47:58 CEST 2017 - ti...@suse.de
+
+- Update to version 1.0.27:
+ * Fix a seek regression in 1.0.26
+ * Add metadata read/write for CAF and RF64
+ * FIx PAF endian-ness issue
+- Update to version 1.0.28
+ * Fix buffer overruns in FLAC and ID3 handling code
+ (CVE-2017-7585, CVE-2017-7586, bsc#1033054, bsc#1033053)
+ * Reduce default header memory requirements
+ * Fix detection of Large File Support for 32 bit systems.
+- Obsoleted patch:
+ libsndfile-psf_strlcpy_crlf-fix-CVE-2015-8075.patch
+
+---
Old:
libsndfile-1.0.26.tar.gz
libsndfile-1.0.26.tar.gz.asc
libsndfile-psf_strlcpy_crlf-fix-CVE-2015-8075.patch
New:
libsndfile-1.0.28.tar.gz
libsndfile-1.0.28.tar.gz.asc
Other differences:
--
++ libsndfile-progs.spec ++
--- /var/tmp/diff_new_pack.3g18Nw/_old 2017-04-17 10:24:08.636630265 +0200
+++ /var/tmp/diff_new_pack.3g18Nw/_new 2017-04-17 10:24:08.640629699 +0200
@@ -1,7 +1,7 @@
#
# spec file for package libsndfile-progs
#
-# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -17,7 +17,7 @@
Name: libsndfile-progs
-Version:1.0.26
+Version:1.0.28
Release:0
Summary:Example Programs for libsndfile
License:LGPL-2.1+
++ libsndfile.spec ++
--- /var/tmp/diff_new_pack.3g18Nw/_old 2017-04-17 10:24:08.660626867 +0200
+++ /var/tmp/diff_new_pack.3g18Nw/_new 2017-04-17 10:24:08.660626867 +0200
@@ -1,7 +1,7 @@
#
# spec file for package libsndfile
#
-# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -18,7 +18,7 @@
%define lname %{name}1
Name: libsndfile
-Version:1.0.26
+Version:1.0.28
Release:0
Summary:Development/Libraries/C and C++
License:LGPL-2.1+
@@ -29,8 +29,6 @@
Source2:%{name}.keyring
Source3:baselibs.conf
Patch2: sndfile-ocloexec.patch
-# PATCH-FIX-SUSE CVE-2015-8075 bsc#953519
-Patch8: libsndfile-psf_strlcpy_crlf-fix-CVE-2015-8075.patch
BuildRequires: alsa-devel
BuildRequires: flac-devel
BuildRequires: gcc-c++
@@ -77,7 +75,6 @@
%prep
%setup -q
%patch2 -p1
-%patch8 -p1
%build
%define warn_flags -W -Wall -Wstrict-prototypes -Wpointer-arith
-Wno-unused-parameter
++ libsndfile-1.0.26.tar.gz -> libsndfile-1.0.28.tar.gz ++
51912 lines of diff (skipped)
++ libsndfile.keyring ++
--- /var/tmp/diff_new_pack.3g18Nw/_old 2017-04-17 10:24:09.000578722 +0200
+++ /var/tmp/diff_new_pack.3g18Nw/_new 2017-04-17 10:24:09.000578722 +0200
@@ -1,103 +1,52 @@
-BEGIN PGP PUBLIC KEY BLOCK-
-Version: GnuPG v2
-mQGiBEBgzMIRBADZ0895FcsJLDukwfGbTBfBvIKweRC1L3GB9x2KMocMaJ5q3cr3
-YupkbkksBZRVSVzHbXIk6Nu6p+FKnLeZfbsu3LDsp9Nh26Xxi1RMV5hYViIr6UAM
-nxB7hbACUPvn4oQjCBc5XEaQOFiwOmtigAhlNbenrLxxdUMckgwj4qYMqwCgwt90
-yYHQyaZ2iKVtPDBDCl8NU3UEAMKGkAVjV+BJ/KPjTaRPCOtF7CgPQABGKqpcPP8R
-IETX9
commit libsndfile for openSUSE:Factory
Hello community,
here is the log from the commit of package libsndfile for openSUSE:Factory
checked in at 2016-05-16 12:01:28
Comparing /work/SRC/openSUSE:Factory/libsndfile (Old)
and /work/SRC/openSUSE:Factory/.libsndfile.new (New)
Package is "libsndfile"
Changes:
--- /work/SRC/openSUSE:Factory/libsndfile/libsndfile.changes2015-12-01
09:18:05.0 +0100
+++ /work/SRC/openSUSE:Factory/.libsndfile.new/libsndfile.changes
2016-05-16 12:01:30.0 +0200
@@ -1,0 +2,5 @@
+Tue May 10 17:18:51 UTC 2016 - tom.m...@googlemail.com
+
+- Fix spec file to enable builds on non opensuse OS
+
+---
Other differences:
--
++ libsndfile.spec ++
--- /var/tmp/diff_new_pack.o5WMha/_old 2016-05-16 12:01:31.0 +0200
+++ /var/tmp/diff_new_pack.o5WMha/_new 2016-05-16 12:01:31.0 +0200
@@ -81,7 +81,7 @@
%build
%define warn_flags -W -Wall -Wstrict-prototypes -Wpointer-arith
-Wno-unused-parameter
-%if %suse_version < 1200
+%if 0%{?suse_version} < 1200
sed -i -e'/^AM_SILENT_RULES/d' configure.ac
%endif
autoreconf --force --install
commit libsndfile for openSUSE:Factory
Hello community,
here is the log from the commit of package libsndfile for openSUSE:Factory
checked in at 2015-12-01 09:18:03
Comparing /work/SRC/openSUSE:Factory/libsndfile (Old)
and /work/SRC/openSUSE:Factory/.libsndfile.new (New)
Package is "libsndfile"
Changes:
--- /work/SRC/openSUSE:Factory/libsndfile/libsndfile-progs.changes
2015-03-27 09:39:04.0 +0100
+++ /work/SRC/openSUSE:Factory/.libsndfile.new/libsndfile-progs.changes
2015-12-01 09:18:05.0 +0100
@@ -1,0 +2,13 @@
+Tue Nov 24 08:31:31 UTC 2015 - idon...@suse.com
+
+- Remove documentation, it belongs to the libsndfile package.
+
+---
+Mon Nov 23 17:22:41 CET 2015 - ti...@suse.de
+
+- Update to version 1.0.26:
+ * Fix for CVE-2014-9496, CVE-2014-9756 and CVE-2015-7805.
+ * Add ALAC/CAF support. Minor bug fixes and improvements.
+- Drop libsndfile-example-fix.diff
+
+---
--- /work/SRC/openSUSE:Factory/libsndfile/libsndfile.changes2015-11-08
11:25:42.0 +0100
+++ /work/SRC/openSUSE:Factory/.libsndfile.new/libsndfile.changes
2015-12-01 09:18:05.0 +0100
@@ -1,0 +2,18 @@
+Mon Nov 23 17:20:09 CET 2015 - ti...@suse.de
+
+- Update to version 1.0.26:
+ * Fix for CVE-2014-9496, CVE-2014-9756 and CVE-2015-7805.
+ * Add ALAC/CAF support. Minor bug fixes and improvements.
+- Refreshed patches:
+ sndfile-ocloexec.patch
+ libsndfile-psf_strlcpy_crlf-fix-CVE-2015-8075.patch
+- Removed obsoleted patches:
+ libsndfile-example-fix.diff
+ libsndfile-fix-header-read-CVE-2015-7805.patch
+ libsndfile-paf-zero-division-fix.diff
+ libsndfile-src-common.c-Fix-a-header-parsing-bug.patch
+ libsndfile-src-file_io.c-Prevent-potential-divide-by-zero.patch
+ sndfile-src-sd2.c-Fix-segfault-in-SD2-RSRC-parser.patch
+ sndfile-src-sd2.c-Fix-two-potential-buffer-read-overflows.patch
+
+---
Old:
libsndfile-1.0.25.tar.gz
libsndfile-1.0.25.tar.gz.asc
libsndfile-example-fix.diff
libsndfile-fix-header-read-CVE-2015-7805.patch
libsndfile-paf-zero-division-fix.diff
libsndfile-src-common.c-Fix-a-header-parsing-bug.patch
libsndfile-src-file_io.c-Prevent-potential-divide-by-zero.patch
sndfile-src-sd2.c-Fix-segfault-in-SD2-RSRC-parser.patch
sndfile-src-sd2.c-Fix-two-potential-buffer-read-overflows.patch
New:
libsndfile-1.0.26.tar.gz
libsndfile-1.0.26.tar.gz.asc
Other differences:
--
++ libsndfile-progs.spec ++
--- /var/tmp/diff_new_pack.PkrLwR/_old 2015-12-01 09:18:06.0 +0100
+++ /var/tmp/diff_new_pack.PkrLwR/_new 2015-12-01 09:18:06.0 +0100
@@ -17,7 +17,7 @@
Name: libsndfile-progs
-Version:1.0.25
+Version:1.0.26
Release:0
Summary:Example Programs for libsndfile
License:LGPL-2.1+
@@ -26,7 +26,6 @@
Source0:
http://www.mega-nerd.com/libsndfile/files/libsndfile-%{version}.tar.gz
Source1:
http://www.mega-nerd.com/libsndfile/files/libsndfile-%{version}.tar.gz.asc
Source2:libsndfile.keyring
-Patch0: libsndfile-example-fix.diff
BuildRequires: alsa-devel
BuildRequires: flac-devel
BuildRequires: gcc-c++
@@ -42,7 +41,6 @@
%prep
%setup -q -n libsndfile-%{version}
-%patch0
%build
%define warn_flags -W -Wall -Wstrict-prototypes -Wpointer-arith
-Wno-unused-parameter
@@ -57,7 +55,9 @@
%install
make DESTDIR=%{buildroot} install %{?_smp_mflags}
-# remove unnecessary lib files
+
+# remove unnecessary files
+rm -rf %{buildroot}%{_datadir}/doc/libsndfile
rm -rf %{buildroot}%{_libdir}
rm -rf %{buildroot}%{_includedir}
rm -rf %{buildroot}%{_datadir}/doc/libsndfile1-dev
++ libsndfile.spec ++
--- /var/tmp/diff_new_pack.PkrLwR/_old 2015-12-01 09:18:06.0 +0100
+++ /var/tmp/diff_new_pack.PkrLwR/_new 2015-12-01 09:18:06.0 +0100
@@ -18,7 +18,7 @@
%define lname %{name}1
Name: libsndfile
-Version:1.0.25
+Version:1.0.26
Release:0
Summary:Development/Libraries/C and C++
License:LGPL-2.1+
@@ -28,21 +28,7 @@
Source1:
http://www.mega-nerd.com/%{name}/files/%{name}-%{version}.tar.gz.asc
Source2:%{name}.keyring
Source3:baselibs.conf
-# PATCH-MISSING-TAG -- See
http://en.opensuse.org/openSUSE:Packaging_Patches_guidelines
-Patch0: libsndfile-example-fix.diff
-# PATCH-MISSING-TAG -- See
http://en.opensuse.org/openSUSE:Packaging_Patches_guidelines
-Patch1: libsndfile-paf-zero-division-fix.diff
Patch2: sndfile-ocloexec.patch
-# PATCH-FIX-UPSTREAM CVE-2014-9496 bnc#911796
-Patch3: sndfile-src-sd2.c-Fix-segfault-in-SD2-R
commit libsndfile for openSUSE:Factory
Hello community,
here is the log from the commit of package libsndfile for openSUSE:Factory
checked in at 2015-11-08 11:25:41
Comparing /work/SRC/openSUSE:Factory/libsndfile (Old)
and /work/SRC/openSUSE:Factory/.libsndfile.new (New)
Package is "libsndfile"
Changes:
--- /work/SRC/openSUSE:Factory/libsndfile/libsndfile.changes2015-03-27
09:39:04.0 +0100
+++ /work/SRC/openSUSE:Factory/.libsndfile.new/libsndfile.changes
2015-11-08 11:25:42.0 +0100
@@ -1,0 +2,16 @@
+Wed Nov 4 16:43:39 CET 2015 - ti...@suse.de
+
+- VUL-0: libsndfile 1.0.25 heap overflow (CVE-2015-7805, bsc#953516)
+ libsndfile-src-common.c-Fix-a-header-parsing-bug.patch
+ libsndfile-fix-header-read-CVE-2015-7805.patch
+- VUL-0: libsndfile 1.0.25 heap overflow (CVE-2015-8075, bsc#953519)
+ libsndfile-psf_strlcpy_crlf-fix-CVE-2015-8075.patch
+- Fix the build with SLE11-SP3 due to AM_SILENT_RULE macro
+
+---
+Wed Nov 4 11:38:16 CET 2015 - ti...@suse.de
+
+- VUL-1: libsndfile DoS/divide-by-zero (CVE-2014-9756, bsc#953521):
+ libsndfile-src-file_io.c-Prevent-potential-divide-by-zero.patch
+
+---
New:
libsndfile-fix-header-read-CVE-2015-7805.patch
libsndfile-psf_strlcpy_crlf-fix-CVE-2015-8075.patch
libsndfile-src-common.c-Fix-a-header-parsing-bug.patch
libsndfile-src-file_io.c-Prevent-potential-divide-by-zero.patch
Other differences:
--
++ libsndfile.spec ++
--- /var/tmp/diff_new_pack.mOraYf/_old 2015-11-08 11:25:43.0 +0100
+++ /var/tmp/diff_new_pack.mOraYf/_new 2015-11-08 11:25:43.0 +0100
@@ -37,6 +37,14 @@
Patch3: sndfile-src-sd2.c-Fix-segfault-in-SD2-RSRC-parser.patch
# PATCH-FIX-UPSTREAM CVE-2014-9496 bnc#911796
Patch4: sndfile-src-sd2.c-Fix-two-potential-buffer-read-overflows.patch
+# PATCH-FIX-UPSTREAM CVE-2014-9756 bsc#953521
+Patch5: libsndfile-src-file_io.c-Prevent-potential-divide-by-zero.patch
+# PATCH-FIX-UPSTREAM CVE-2015-7805 bsc#953516
+Patch6: libsndfile-src-common.c-Fix-a-header-parsing-bug.patch
+# PATCH-FIX-SUSE CVE-2015-7805 bsc#953516
+Patch7: libsndfile-fix-header-read-CVE-2015-7805.patch
+# PATCH-FIX-SUSE CVE-2015-8075 bsc#953519
+Patch8: libsndfile-psf_strlcpy_crlf-fix-CVE-2015-8075.patch
BuildRequires: alsa-devel
BuildRequires: flac-devel
BuildRequires: gcc-c++
@@ -87,9 +95,16 @@
%patch2
%patch3 -p1
%patch4 -p1
+%patch5 -p1
+%patch6 -p1
+%patch7 -p1
+%patch8 -p1
%build
%define warn_flags -W -Wall -Wstrict-prototypes -Wpointer-arith
-Wno-unused-parameter
+%if %suse_version < 1200
+sed -i -e'/^AM_SILENT_RULES/d' configure.ac
+%endif
autoreconf --force --install
CFLAGS="%{optflags} %{warn_flags}"
export CFLAGS
++ libsndfile-fix-header-read-CVE-2015-7805.patch ++
---
src/common.c |5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
--- a/src/common.c
+++ b/src/common.c
@@ -800,9 +800,10 @@ header_read (SF_PRIVATE *psf, void *ptr,
if (psf->headindex + bytes > SIGNED_SIZEOF (psf->header))
{ int most ;
- most = SIGNED_SIZEOF (psf->header) - psf->headindex ;
+ most = SIGNED_SIZEOF (psf->header) - psf->headend ;
psf_fread (psf->header + psf->headend, 1, most, psf) ;
- memcpy (ptr, psf->header + psf->headend, most) ;
+ most = SIGNED_SIZEOF (psf->header) - psf->headindex ;
+ memcpy (ptr, psf->header + psf->headindex, most) ;
psf->headend = psf->headindex += most ;
psf_fread ((char *) ptr + most, bytes - most, 1, psf) ;
return bytes ;
++ libsndfile-psf_strlcpy_crlf-fix-CVE-2015-8075.patch ++
---
src/common.c |2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
--- a/src/common.c
+++ b/src/common.c
@@ -1332,7 +1332,7 @@ psf_strlcpy_crlf (char *dest, const char
char * destend = dest + destmax - 2 ;
const char * srcend = src + srcmax ;
- while (dest < destend && src < srcend)
+ while (*src && dest < destend && src < srcend)
{ if ((src [0] == '\r' && src [1] == '\n') || (src [0] == '\n' &&
src [1] == '\r'))
{ *dest++ = '\r' ;
*dest++ = '\n' ;
++ libsndfile-src-common.c-Fix-a-header-parsing-bug.patch ++
>From d2a87385c1ca1d72918e9a2875d24f202a5093e8 Mon Sep 17 00:00:00 2001
From: Erik de Castro Lopo
Date: Sat, 7 Feb 2015 15:45:10 +1100
Subject: [PATCH] src/common.c : Fix a header parsing bug.
When the file header is bigger that SF_HEADER_LEN, the code would seek
instead of reading causing file parse errors.
The current header parsing and
commit libsndfile for openSUSE:Factory
Hello community,
here is the log from the commit of package libsndfile for openSUSE:Factory
checked in at 2015-03-27 09:39:03
Comparing /work/SRC/openSUSE:Factory/libsndfile (Old)
and /work/SRC/openSUSE:Factory/.libsndfile.new (New)
Package is "libsndfile"
Changes:
--- /work/SRC/openSUSE:Factory/libsndfile/libsndfile-progs.changes
2013-04-17 07:16:52.0 +0200
+++ /work/SRC/openSUSE:Factory/.libsndfile.new/libsndfile-progs.changes
2015-03-27 09:39:04.0 +0100
@@ -1,0 +2,6 @@
+Sat Mar 21 08:14:38 UTC 2015 - mplus...@suse.com
+
+- Cleanup spec file with spec-cleaner
+- Add gpg signature
+
+---
--- /work/SRC/openSUSE:Factory/libsndfile/libsndfile.changes2015-01-09
20:52:17.0 +0100
+++ /work/SRC/openSUSE:Factory/.libsndfile.new/libsndfile.changes
2015-03-27 09:39:04.0 +0100
@@ -1,0 +2,7 @@
+Sat Mar 21 08:12:34 UTC 2015 - mplus...@suse.com
+
+- Cleanup spec file with spec-cleaner
+- Add gpg signature
+- Remove old ppc provides/obsoletes
+
+---
New:
libsndfile-1.0.25.tar.gz.asc
libsndfile.keyring
Other differences:
--
++ libsndfile-progs.spec ++
--- /var/tmp/diff_new_pack.4uGjzn/_old 2015-03-27 09:39:05.0 +0100
+++ /var/tmp/diff_new_pack.4uGjzn/_new 2015-03-27 09:39:05.0 +0100
@@ -1,7 +1,7 @@
#
# spec file for package libsndfile-progs
#
-# Copyright (c) 2015 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -17,6 +17,16 @@
Name: libsndfile-progs
+Version:1.0.25
+Release:0
+Summary:Example Programs for libsndfile
+License:LGPL-2.1+
+Group: System/Libraries
+Url:http://www.mega-nerd.com/libsndfile/
+Source0:
http://www.mega-nerd.com/libsndfile/files/libsndfile-%{version}.tar.gz
+Source1:
http://www.mega-nerd.com/libsndfile/files/libsndfile-%{version}.tar.gz.asc
+Source2:libsndfile.keyring
+Patch0: libsndfile-example-fix.diff
BuildRequires: alsa-devel
BuildRequires: flac-devel
BuildRequires: gcc-c++
@@ -25,33 +35,19 @@
BuildRequires: libvorbis-devel
BuildRequires: pkgconfig
BuildRequires: sqlite-devel
-Summary:Example Programs for libsndfile
-License:LGPL-2.1+
-Group: System/Libraries
-Version:1.0.25
-Release:0
-Source:
http://www.mega-nerd.com/libsndfile/files/libsndfile-%{version}.tar.gz
-Patch: libsndfile-example-fix.diff
-Url:http://www.mega-nerd.com/libsndfile/
BuildRoot: %{_tmppath}/%{name}-%{version}-build
%description
This package includes the example programs for libsndfile.
-
-
-Authors:
-
-Erik de Castro Lopo
-
%prep
%setup -q -n libsndfile-%{version}
-%patch
+%patch0
%build
%define warn_flags -W -Wall -Wstrict-prototypes -Wpointer-arith
-Wno-unused-parameter
# autoreconf --force --install
-CFLAGS="$RPM_OPT_FLAGS %{warn_flags}"
+CFLAGS="%{optflags} %{warn_flags}"
export CFLAGS
%configure --disable-silent-rules \
--disable-static \
@@ -60,11 +56,11 @@
make %{?_smp_mflags}
%install
-make DESTDIR="$RPM_BUILD_ROOT" install
+make DESTDIR=%{buildroot} install %{?_smp_mflags}
# remove unnecessary lib files
-rm -rf $RPM_BUILD_ROOT%{_libdir}
-rm -rf $RPM_BUILD_ROOT%{_includedir}
-rm -rf $RPM_BUILD_ROOT%{_datadir}/doc/libsndfile1-dev
+rm -rf %{buildroot}%{_libdir}
+rm -rf %{buildroot}%{_includedir}
+rm -rf %{buildroot}%{_datadir}/doc/libsndfile1-dev
%files
%defattr(-, root, root)
++ libsndfile.spec ++
--- /var/tmp/diff_new_pack.4uGjzn/_old 2015-03-27 09:39:05.0 +0100
+++ /var/tmp/diff_new_pack.4uGjzn/_new 2015-03-27 09:39:05.0 +0100
@@ -1,7 +1,7 @@
#
# spec file for package libsndfile
#
-# Copyright (c) 2015 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -16,13 +16,27 @@
#
+%define lname %{name}1
Name: libsndfile
-%define lname libsndfile1
Version:1.0.25
Release:0
Summary:Development/Libraries/C and C++
License:LGPL-2.1+
Group: System/Libraries
+Url:http://www.mega-nerd.com/libsndfile
+Source0:
http://www.mega-nerd.com/%{name}/files/%{name}-%{version}.tar.gz
+Source1:
http://www.mega-n
commit libsndfile for openSUSE:Factory
Hello community,
here is the log from the commit of package libsndfile for openSUSE:Factory
checked in at 2015-01-09 20:52:14
Comparing /work/SRC/openSUSE:Factory/libsndfile (Old)
and /work/SRC/openSUSE:Factory/.libsndfile.new (New)
Package is "libsndfile"
Changes:
--- /work/SRC/openSUSE:Factory/libsndfile/libsndfile.changes2013-04-17
07:16:52.0 +0200
+++ /work/SRC/openSUSE:Factory/.libsndfile.new/libsndfile.changes
2015-01-09 20:52:17.0 +0100
@@ -1,0 +2,8 @@
+Wed Jan 7 08:30:31 CET 2015 - ti...@suse.de
+
+- VUL-0: two buffer read overflows in sd2_parse_rsrc_fork()
+ (CVE-2014-9496, bnc#911796): backported upstream fix patches
+ sndfile-src-sd2.c-Fix-segfault-in-SD2-RSRC-parser.patch
+ sndfile-src-sd2.c-Fix-two-potential-buffer-read-overflows.patch
+
+---
New:
sndfile-src-sd2.c-Fix-segfault-in-SD2-RSRC-parser.patch
sndfile-src-sd2.c-Fix-two-potential-buffer-read-overflows.patch
Other differences:
--
++ libsndfile-progs.spec ++
--- /var/tmp/diff_new_pack.STx0Dc/_old 2015-01-09 20:52:18.0 +0100
+++ /var/tmp/diff_new_pack.STx0Dc/_new 2015-01-09 20:52:18.0 +0100
@@ -1,7 +1,7 @@
#
# spec file for package libsndfile-progs
#
-# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2015 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
++ libsndfile.spec ++
--- /var/tmp/diff_new_pack.STx0Dc/_old 2015-01-09 20:52:18.0 +0100
+++ /var/tmp/diff_new_pack.STx0Dc/_new 2015-01-09 20:52:18.0 +0100
@@ -1,7 +1,7 @@
#
# spec file for package libsndfile
#
-# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2015 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -46,6 +46,10 @@
# PATCH-MISSING-TAG -- See
http://en.opensuse.org/openSUSE:Packaging_Patches_guidelines
Patch1: libsndfile-paf-zero-division-fix.diff
Patch2: sndfile-ocloexec.patch
+# PATCH-FIX-UPSTREAM CVE-2014-9496 bnc#911796
+Patch3: sndfile-src-sd2.c-Fix-segfault-in-SD2-RSRC-parser.patch
+# PATCH-FIX-UPSTREAM CVE-2014-9496 bnc#911796
+Patch4: sndfile-src-sd2.c-Fix-two-potential-buffer-read-overflows.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-build
%description
@@ -89,6 +93,8 @@
%patch0
%patch1 -p1
%patch2
+%patch3 -p1
+%patch4 -p1
%build
%define warn_flags -W -Wall -Wstrict-prototypes -Wpointer-arith
-Wno-unused-parameter
++ sndfile-src-sd2.c-Fix-segfault-in-SD2-RSRC-parser.patch ++
>From 9341e9c6e70cd3ad76c901c3cf052d4cb52fd827 Mon Sep 17 00:00:00 2001
From: Erik de Castro Lopo
Date: Thu, 27 Jun 2013 18:04:03 +1000
Subject: [PATCH] src/sd2.c : Fix segfault in SD2 RSRC parser.
A specially crafted resource fork for an SD2 file can cause
the SD2 RSRC parser to read data from outside a dynamically
defined buffer. The data that is read is converted into a
short or int and used during further processing.
Since no write occurs, this is unlikely to be exploitable.
Bug reported by The Mayhem Team from Cylab, Carnegie Mellon
Univeristy. Paper is:
http://users.ece.cmu.edu/~arebert/papers/mayhem-oakland-12.pdf
---
src/sd2.c | 93 --
1 file changed, 55 insertions(+), 38 deletions(-)
--- a/src/sd2.c
+++ b/src/sd2.c
@@ -1,5 +1,5 @@
/*
-** Copyright (C) 2001-2011 Erik de Castro Lopo
+** Copyright (C) 2001-2013 Erik de Castro Lopo
** Copyright (C) 2004 Paavo Jumppanen
**
** This program is free software; you can redistribute it and/or modify
@@ -370,44 +370,61 @@ sd2_write_rsrc_fork (SF_PRIVATE *psf, in
*/
static inline int
-read_char (const unsigned char * data, int offset)
-{ return data [offset] ;
-} /* read_char */
+read_rsrc_char (const SD2_RSRC *prsrc, int offset)
+{ const unsigned char * data = prsrc->rsrc_data ;
+ if (offset < 0 || offset >= prsrc->rsrc_len)
+ return 0 ;
+ return data [offset] ;
+} /* read_rsrc_char */
static inline int
-read_short (const unsigned char * data, int offset)
-{ return (data [offset] << 8) + data [offset + 1] ;
-} /* read_short */
+read_rsrc_short (const SD2_RSRC *prsrc, int offset)
+{ const unsigned char * data = prsrc->rsrc_data ;
+ if (offset < 0 || offset + 1 >= prsrc->rsrc_len)
+ return 0 ;
+ return (data [offset] << 8) + data [offset + 1] ;
+} /* read_rsrc
commit libsndfile for openSUSE:Factory
Hello community,
here is the log from the commit of package libsndfile for openSUSE:Factory
checked in at 2013-04-17 07:16:47
Comparing /work/SRC/openSUSE:Factory/libsndfile (Old)
and /work/SRC/openSUSE:Factory/.libsndfile.new (New)
Package is "libsndfile", Maintainer is "ti...@suse.com"
Changes:
--- /work/SRC/openSUSE:Factory/libsndfile/libsndfile-progs.changes
2011-11-22 17:48:32.0 +0100
+++ /work/SRC/openSUSE:Factory/.libsndfile.new/libsndfile-progs.changes
2013-04-17 07:16:52.0 +0200
@@ -1,0 +2,6 @@
+Mon Apr 15 14:00:22 UTC 2013 - mmeis...@suse.com
+
+- Added url as source.
+ Please see http://en.opensuse.org/SourceUrls
+
+---
--- /work/SRC/openSUSE:Factory/libsndfile/libsndfile.changes2011-12-08
12:26:36.0 +0100
+++ /work/SRC/openSUSE:Factory/.libsndfile.new/libsndfile.changes
2013-04-17 07:16:52.0 +0200
@@ -1,0 +2,6 @@
+Mon Apr 15 13:57:35 UTC 2013 - mmeis...@suse.com
+
+- Added url as source.
+ Please see http://en.opensuse.org/SourceUrls
+
+---
Other differences:
--
++ libsndfile-progs.spec ++
--- /var/tmp/diff_new_pack.U6Zecc/_old 2013-04-17 07:16:56.0 +0200
+++ /var/tmp/diff_new_pack.U6Zecc/_new 2013-04-17 07:16:56.0 +0200
@@ -1,7 +1,7 @@
#
# spec file for package libsndfile-progs
#
-# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -15,6 +15,7 @@
# Please submit bugfixes or comments via http://bugs.opensuse.org/
#
+
Name: libsndfile-progs
BuildRequires: alsa-devel
BuildRequires: flac-devel
@@ -25,11 +26,11 @@
BuildRequires: pkgconfig
BuildRequires: sqlite-devel
Summary:Example Programs for libsndfile
-Version:1.0.25
-Release:0
License:LGPL-2.1+
Group: System/Libraries
-Source: libsndfile-%{version}.tar.gz
+Version:1.0.25
+Release:0
+Source:
http://www.mega-nerd.com/libsndfile/files/libsndfile-%{version}.tar.gz
Patch: libsndfile-example-fix.diff
Url:http://www.mega-nerd.com/libsndfile/
BuildRoot: %{_tmppath}/%{name}-%{version}-build
++ libsndfile.spec ++
--- /var/tmp/diff_new_pack.U6Zecc/_old 2013-04-17 07:16:56.0 +0200
+++ /var/tmp/diff_new_pack.U6Zecc/_new 2013-04-17 07:16:56.0 +0200
@@ -1,7 +1,7 @@
#
# spec file for package libsndfile
#
-# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -15,12 +15,13 @@
# Please submit bugfixes or comments via http://bugs.opensuse.org/
#
+
Name: libsndfile
%define lname libsndfile1
Version:1.0.25
Release:0
-License:LGPL-2.1+
Summary:Development/Libraries/C and C++
+License:LGPL-2.1+
Group: System/Libraries
BuildRequires: alsa-devel
BuildRequires: flac-devel
@@ -38,7 +39,7 @@
%endif
Url:http://www.mega-nerd.com/libsndfile/
#
-Source: libsndfile-%{version}.tar.gz
+Source:
http://www.mega-nerd.com/%{name}/files/%{name}-%{version}.tar.gz
Source2:baselibs.conf
# PATCH-MISSING-TAG -- See
http://en.opensuse.org/openSUSE:Packaging_Patches_guidelines
Patch0: libsndfile-example-fix.diff
@@ -55,6 +56,7 @@
%package -n %lname
Summary:A Library to Handle Various Audio File Formats
+Group: System/Libraries
Provides: %{name} = %{version}
Obsoletes: %{name} <= 1.0.25
--
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit libsndfile for openSUSE:Factory
Hello community,
here is the log from the commit of package libsndfile for openSUSE:Factory
checked in at 2011-12-08 12:26:30
Comparing /work/SRC/openSUSE:Factory/libsndfile (Old)
and /work/SRC/openSUSE:Factory/.libsndfile.new (New)
Package is "libsndfile", Maintainer is "ti...@suse.com"
Changes:
--- /work/SRC/openSUSE:Factory/libsndfile/libsndfile.changes2011-11-28
12:54:21.0 +0100
+++ /work/SRC/openSUSE:Factory/.libsndfile.new/libsndfile.changes
2011-12-08 12:26:36.0 +0100
@@ -1,0 +2,5 @@
+Fri Dec 2 15:55:49 UTC 2011 - co...@suse.com
+
+- add libtool as buildrequire to avoid implicit dependency
+
+---
Other differences:
--
++ libsndfile-progs.spec ++
--- /var/tmp/diff_new_pack.Vspx38/_old 2011-12-08 12:26:54.0 +0100
+++ /var/tmp/diff_new_pack.Vspx38/_new 2011-12-08 12:26:54.0 +0100
@@ -15,14 +15,19 @@
# Please submit bugfixes or comments via http://bugs.opensuse.org/
#
-
-
Name: libsndfile-progs
-BuildRequires: alsa-devel flac-devel gcc-c++ libjack-devel libvorbis-devel
pkgconfig sqlite-devel
+BuildRequires: alsa-devel
+BuildRequires: flac-devel
+BuildRequires: gcc-c++
+BuildRequires: libjack-devel
+BuildRequires: libtool
+BuildRequires: libvorbis-devel
+BuildRequires: pkgconfig
+BuildRequires: sqlite-devel
Summary:Example Programs for libsndfile
Version:1.0.25
-Release:3
-License:LGPLv2.1+
+Release:0
+License:LGPL-2.1+
Group: System/Libraries
Source: libsndfile-%{version}.tar.gz
Patch: libsndfile-example-fix.diff
++ libsndfile.spec ++
--- /var/tmp/diff_new_pack.Vspx38/_old 2011-12-08 12:26:54.0 +0100
+++ /var/tmp/diff_new_pack.Vspx38/_new 2011-12-08 12:26:54.0 +0100
@@ -15,22 +15,21 @@
# Please submit bugfixes or comments via http://bugs.opensuse.org/
#
-
-
Name: libsndfile
%define lname libsndfile1
Version:1.0.25
-Release:4
-License:LGPLv2.1+
+Release:0
+License:LGPL-2.1+
Summary:Development/Libraries/C and C++
Group: System/Libraries
BuildRequires: alsa-devel
BuildRequires: flac-devel
BuildRequires: gcc-c++
+BuildRequires: libtool
BuildRequires: libvorbis-devel
BuildRequires: pkg-config
-BuildRequires: sqlite-devel
BuildRequires: speex-devel
+BuildRequires: sqlite-devel
Obsoletes: libsnd
Provides: libsnd
# bug437293
@@ -56,7 +55,6 @@
%package -n %lname
Summary:A Library to Handle Various Audio File Formats
-Group: System/Libraries
Provides: %{name} = %{version}
Obsoletes: %{name} <= 1.0.25
--
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit libsndfile for openSUSE:Factory
Hello community,
here is the log from the commit of package libsndfile for openSUSE:Factory
checked in at 2011-11-28 12:54:19
Comparing /work/SRC/openSUSE:Factory/libsndfile (Old)
and /work/SRC/openSUSE:Factory/.libsndfile.new (New)
Package is "libsndfile", Maintainer is "ti...@suse.com"
Changes:
--- /work/SRC/openSUSE:Factory/libsndfile/libsndfile.changes2011-11-23
19:36:11.0 +0100
+++ /work/SRC/openSUSE:Factory/.libsndfile.new/libsndfile.changes
2011-11-28 12:54:21.0 +0100
@@ -1,0 +2,11 @@
+Thu Nov 24 11:02:11 CET 2011 - ti...@suse.de
+
+- add missing provides/obsoletes for libsndfile -> libsndfile1
+ rename (bnc#732565)
+
+---
+Thu Nov 24 01:54:21 UTC 2011 - crrodrig...@opensuse.org
+
+- use O_CLOEXEC in library code.
+
+---
New:
sndfile-ocloexec.patch
Other differences:
--
++ libsndfile.spec ++
--- /var/tmp/diff_new_pack.h0kom1/_old 2011-11-28 12:54:22.0 +0100
+++ /var/tmp/diff_new_pack.h0kom1/_new 2011-11-28 12:54:22.0 +0100
@@ -45,6 +45,7 @@
Patch0: libsndfile-example-fix.diff
# PATCH-MISSING-TAG -- See
http://en.opensuse.org/openSUSE:Packaging_Patches_guidelines
Patch1: libsndfile-paf-zero-division-fix.diff
+Patch2: sndfile-ocloexec.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-build
%description
@@ -56,6 +57,8 @@
%package -n %lname
Summary:A Library to Handle Various Audio File Formats
Group: System/Libraries
+Provides: %{name} = %{version}
+Obsoletes: %{name} <= 1.0.25
%description -n %lname
Libsndfile is a C library for reading and writing sound files, such
@@ -85,10 +88,11 @@
%setup -q
%patch0
%patch1 -p1
+%patch2
%build
%define warn_flags -W -Wall -Wstrict-prototypes -Wpointer-arith
-Wno-unused-parameter
-# autoreconf --force --install
+autoreconf --force --install
CFLAGS="%{optflags} %{warn_flags}"
export CFLAGS
%configure --disable-silent-rules \
++ baselibs.conf ++
--- /var/tmp/diff_new_pack.h0kom1/_old 2011-11-28 12:54:22.0 +0100
+++ /var/tmp/diff_new_pack.h0kom1/_new 2011-11-28 12:54:22.0 +0100
@@ -1 +1,3 @@
libsndfile1
+ provides "libsndfile- = "
+ obsoletes "libsndfile- <= 1.0.25"
++ sndfile-ocloexec.patch ++
--- configure.ac.orig
+++ configure.ac
@@ -23,7 +23,9 @@ AC_SUBST(ACLOCAL_AMFLAGS, "-I M4")
AC_LANG([C])
-AC_PROG_CC
+AC_PROG_CC_STDC
+AC_USE_SYSTEM_EXTENSIONS
+AC_SYS_LARGEFILE
AM_PROG_CC_C_O
AC_PROG_CXX
AC_PROG_SED
--- src/file_io.c.orig
+++ src/file_io.c
@@ -564,6 +564,9 @@ psf_open_fd (PSF_FILE * pfile)
return - SFE_BAD_OPEN_MODE ;
break ;
} ;
+#ifdef O_CLOEXEC
+oflag |= O_CLOEXEC;
+#endif
if (mode == 0)
fd = open (pfile->path.c, oflag) ;
--- Makefile.am.orig
+++ Makefile.am
@@ -1,5 +1,6 @@
## Process this file with automake to produce Makefile.in
+ACLOCAL_AMFLAGS = -I M4
DISTCHECK_CONFIGURE_FLAGS = --enable-gcc-werror
if BUILD_OCTAVE_MOD
--
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit libsndfile for openSUSE:Factory
Hello community,
here is the log from the commit of package libsndfile for openSUSE:Factory
checked in at 2011-11-23 19:36:08
Comparing /work/SRC/openSUSE:Factory/libsndfile (Old)
and /work/SRC/openSUSE:Factory/.libsndfile.new (New)
Package is "libsndfile", Maintainer is "ti...@suse.com"
Changes:
--- /work/SRC/openSUSE:Factory/libsndfile/libsndfile.changes2011-11-22
17:48:32.0 +0100
+++ /work/SRC/openSUSE:Factory/.libsndfile.new/libsndfile.changes
2011-11-23 19:36:11.0 +0100
@@ -1,0 +2,5 @@
+Tue Nov 22 19:04:31 UTC 2011 - co...@suse.com
+
+- fix devel dependency
+
+---
Other differences:
--
++ libsndfile-progs.spec ++
--- /var/tmp/diff_new_pack.sZUye4/_old 2011-11-23 19:36:13.0 +0100
+++ /var/tmp/diff_new_pack.sZUye4/_new 2011-11-23 19:36:13.0 +0100
@@ -26,7 +26,7 @@
Group: System/Libraries
Source: libsndfile-%{version}.tar.gz
Patch: libsndfile-example-fix.diff
-URL:http://www.mega-nerd.com/libsndfile/
+Url:http://www.mega-nerd.com/libsndfile/
BuildRoot: %{_tmppath}/%{name}-%{version}-build
%description
++ libsndfile.spec ++
--- /var/tmp/diff_new_pack.sZUye4/_old 2011-11-23 19:36:13.0 +0100
+++ /var/tmp/diff_new_pack.sZUye4/_new 2011-11-23 19:36:13.0 +0100
@@ -37,7 +37,7 @@
%ifarch ppc64
Obsoletes: libsndfile-64bit
%endif
-URL:http://www.mega-nerd.com/libsndfile/
+Url:http://www.mega-nerd.com/libsndfile/
#
Source: libsndfile-%{version}.tar.gz
Source2:baselibs.conf
@@ -66,7 +66,7 @@
%package devel
Summary:Development package for the libsndfile library
Group: Development/Libraries/C and C++
-Requires: %{name} = %{version}
+Requires: %{lname} = %{version}
Requires: glibc-devel
Requires: libstdc++-devel
Obsoletes: libsndd
--
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit libsndfile for openSUSE:Factory
Hello community,
here is the log from the commit of package libsndfile for openSUSE:Factory
checked in at 2011-11-22 17:48:27
Comparing /work/SRC/openSUSE:Factory/libsndfile (Old)
and /work/SRC/openSUSE:Factory/.libsndfile.new (New)
Package is "libsndfile", Maintainer is "ti...@suse.com"
Changes:
--- /work/SRC/openSUSE:Factory/libsndfile/libsndfile-progs.changes
2011-09-23 02:10:48.0 +0200
+++ /work/SRC/openSUSE:Factory/.libsndfile.new/libsndfile-progs.changes
2011-11-22 17:48:32.0 +0100
@@ -1,0 +2,5 @@
+Mon Nov 21 17:30:11 UTC 2011 - jeng...@medozas.de
+
+- Remove redundant/unwanted tags/section (cf. specfile guidelines)
+
+---
--- /work/SRC/openSUSE:Factory/libsndfile/libsndfile.changes2011-09-23
02:10:48.0 +0200
+++ /work/SRC/openSUSE:Factory/.libsndfile.new/libsndfile.changes
2011-11-22 17:48:32.0 +0100
@@ -1,0 +2,5 @@
+Mon Nov 21 17:30:02 UTC 2011 - jeng...@medozas.de
+
+- Remove redundant/unwanted tags/section (cf. specfile guidelines)
+
+---
Other differences:
--
++ libsndfile-progs.spec ++
--- /var/tmp/diff_new_pack.Bv8tX1/_old 2011-11-22 17:48:36.0 +0100
+++ /var/tmp/diff_new_pack.Bv8tX1/_new 2011-11-22 17:48:36.0 +0100
@@ -26,7 +26,7 @@
Group: System/Libraries
Source: libsndfile-%{version}.tar.gz
Patch: libsndfile-example-fix.diff
-Url:http://www.mega-nerd.com/libsndfile/
+URL:http://www.mega-nerd.com/libsndfile/
BuildRoot: %{_tmppath}/%{name}-%{version}-build
%description
@@ -60,9 +60,6 @@
rm -rf $RPM_BUILD_ROOT%{_includedir}
rm -rf $RPM_BUILD_ROOT%{_datadir}/doc/libsndfile1-dev
-%clean
-rm -rf $RPM_BUILD_ROOT
-
%files
%defattr(-, root, root)
%{_bindir}/*
++ libsndfile.spec ++
--- /var/tmp/diff_new_pack.Bv8tX1/_old 2011-11-22 17:48:36.0 +0100
+++ /var/tmp/diff_new_pack.Bv8tX1/_new 2011-11-22 17:48:36.0 +0100
@@ -18,10 +18,11 @@
Name: libsndfile
+%define lname libsndfile1
Version:1.0.25
Release:4
License:LGPLv2.1+
-Summary:A Library to Handle Various Audio File Formats
+Summary:Development/Libraries/C and C++
Group: System/Libraries
BuildRequires: alsa-devel
BuildRequires: flac-devel
@@ -36,7 +37,7 @@
%ifarch ppc64
Obsoletes: libsndfile-64bit
%endif
-Url:http://www.mega-nerd.com/libsndfile/
+URL:http://www.mega-nerd.com/libsndfile/
#
Source: libsndfile-%{version}.tar.gz
Source2:baselibs.conf
@@ -52,8 +53,17 @@
currently read and write 8, 16, 24, and 32-bit PCM files as well as
32-bit floating point WAV files and a number of compressed formats.
+%package -n %lname
+Summary:A Library to Handle Various Audio File Formats
+Group: System/Libraries
+
+%description -n %lname
+Libsndfile is a C library for reading and writing sound files, such
+as AIFF, AU, and WAV files, through one standard interface. It can
+currently read and write 8, 16, 24, and 32-bit PCM files as well as
+32-bit floating point WAV files and a number of compressed formats.
+
%package devel
-License:LGPLv2.1+
Summary:Development package for the libsndfile library
Group: Development/Libraries/C and C++
Requires: %{name} = %{version}
@@ -99,21 +109,18 @@
make -C examples distclean
rm -rf %{buildroot}%{_datadir}/doc/libsndfile1-dev
-%post -p /sbin/ldconfig
-
-%postun -p /sbin/ldconfig
+%post -n %lname -p /sbin/ldconfig
-%clean
-rm -rf %{buildroot}
+%postun -n %lname -p /sbin/ldconfig
%check
pushd src
make check
popd
-%files
+%files -n %lname
%defattr(-, root, root)
-%{_libdir}/libsndfile.so.*
+%{_libdir}/libsndfile.so.1*
%files devel
%defattr(-, root, root)
++ baselibs.conf ++
--- /var/tmp/diff_new_pack.Bv8tX1/_old 2011-11-22 17:48:36.0 +0100
+++ /var/tmp/diff_new_pack.Bv8tX1/_new 2011-11-22 17:48:36.0 +0100
@@ -1 +1 @@
-libsndfile
+libsndfile1
--
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit libsndfile for openSUSE:Factory
Hello community,
here is the log from the commit of package libsndfile for openSUSE:Factory
checked in at Thu Aug 25 10:11:36 CEST 2011.
--- libsndfile/libsndfile-progs.changes 2011-07-18 17:27:21.0 +0200
+++ /mounts/work_src_done/STABLE/libsndfile/libsndfile-progs.changes
2011-07-29 14:48:42.0 +0200
@@ -1,0 +2,5 @@
+Fri Jul 29 14:48:03 CEST 2011 - ti...@suse.de
+
+- Fix zero-division in PAF parser (bnc#708988)
+
+---
--- libsndfile/libsndfile.changes 2011-07-28 01:40:56.0 +0200
+++ /mounts/work_src_done/STABLE/libsndfile/libsndfile.changes 2011-08-24
20:08:37.0 +0200
@@ -1,0 +2,11 @@
+Wed Aug 24 18:07:57 UTC 2011 - crrodrig...@opensuse.org
+
+- Enable speex support
+- run make check
+
+---
+Fri Jul 29 14:48:03 CEST 2011 - ti...@suse.de
+
+- Fix zero-division in PAF parser (bnc#708988)
+
+---
calling whatdependson for head-i586
New:
libsndfile-paf-zero-division-fix.diff
Other differences:
--
++ libsndfile-progs.spec ++
--- /var/tmp/diff_new_pack.W1ZVE4/_old 2011-08-25 10:07:48.0 +0200
+++ /var/tmp/diff_new_pack.W1ZVE4/_new 2011-08-25 10:07:48.0 +0200
@@ -21,7 +21,7 @@
BuildRequires: alsa-devel flac-devel gcc-c++ libjack-devel libvorbis-devel
pkgconfig sqlite-devel
Summary:Example Programs for libsndfile
Version:1.0.25
-Release:2
+Release:3
License:LGPLv2.1+
Group: System/Libraries
Source: libsndfile-%{version}.tar.gz
++ libsndfile.spec ++
--- /var/tmp/diff_new_pack.W1ZVE4/_old 2011-08-25 10:07:48.0 +0200
+++ /var/tmp/diff_new_pack.W1ZVE4/_new 2011-08-25 10:07:48.0 +0200
@@ -18,23 +18,32 @@
Name: libsndfile
-BuildRequires: alsa-devel flac-devel gcc-c++ libvorbis-devel pkg-config
sqlite-devel
-Summary:A Library to Handle Various Audio File Formats
Version:1.0.25
-Release:2
+Release:4
License:LGPLv2.1+
+Summary:A Library to Handle Various Audio File Formats
Group: System/Libraries
+BuildRequires: alsa-devel
+BuildRequires: flac-devel
+BuildRequires: gcc-c++
+BuildRequires: libvorbis-devel
+BuildRequires: pkg-config
+BuildRequires: sqlite-devel
+BuildRequires: speex-devel
Obsoletes: libsnd
Provides: libsnd
# bug437293
%ifarch ppc64
Obsoletes: libsndfile-64bit
%endif
+Url:http://www.mega-nerd.com/libsndfile/
#
Source: libsndfile-%{version}.tar.gz
Source2:baselibs.conf
-Patch: libsndfile-example-fix.diff
-Url:http://www.mega-nerd.com/libsndfile/
+# PATCH-MISSING-TAG -- See
http://en.opensuse.org/openSUSE:Packaging_Patches_guidelines
+Patch0: libsndfile-example-fix.diff
+# PATCH-MISSING-TAG -- See
http://en.opensuse.org/openSUSE:Packaging_Patches_guidelines
+Patch1: libsndfile-paf-zero-division-fix.diff
BuildRoot: %{_tmppath}/%{name}-%{version}-build
%description
@@ -43,17 +52,13 @@
currently read and write 8, 16, 24, and 32-bit PCM files as well as
32-bit floating point WAV files and a number of compressed formats.
-
-
-Authors:
-
-Erik de Castro Lopo
-
%package devel
License:LGPLv2.1+
Summary:Development package for the libsndfile library
Group: Development/Libraries/C and C++
-Requires: %{name} = %{version} glibc-devel libstdc++-devel
+Requires: %{name} = %{version}
+Requires: glibc-devel
+Requires: libstdc++-devel
Obsoletes: libsndd
Provides: libsndd
# bug437293
@@ -66,44 +71,45 @@
This package contains the files needed to compile programs that use the
libsndfile library.
-
-
-Authors:
-
-Erik de Castro Lopo
-
%prep
%setup -q
-%patch
+%patch0
+%patch1 -p1
%build
%define warn_flags -W -Wall -Wstrict-prototypes -Wpointer-arith
-Wno-unused-parameter
# autoreconf --force --install
-CFLAGS="$RPM_OPT_FLAGS %{warn_flags}"
+CFLAGS="%{optflags} %{warn_flags}"
export CFLAGS
%configure --disable-silent-rules \
--disable-static \
--enable-sqlite \
- --with-pic
+ --with-pic \
+--enable-experimental
make %{?_smp_mflags}
%install
-make DESTDIR="$RPM_BUILD_ROOT" install
+%make_install
# remove unnecessary files
-rm -f $RPM_BUILD_ROOT%{_libdir}/*.la
+rm -f %{buildroot}%{_libdir}/*.la
# remove programs; built in another spec file
-rm -rf $RPM_BUILD_ROOT%{_bindir}
-rm -rf $RPM_BUILD_ROOT%{_mandir}/man1
+rm -rf %{buildroot}%{_bindir}
+rm -rf %{buildroot}%{_mandir}/man1
# remove binaries from examples directory
make -C examples distclean
-rm -rf $RPM_BUILD_ROOT%{_datadir}/doc/libsndfile1-dev
+rm -rf %{buildroot}%{_datadir}/doc/libsndfile1-dev
commit libsndfile for openSUSE:Factory
Hello community,
here is the log from the commit of package libsndfile for openSUSE:Factory
checked in at Fri Jul 29 09:09:28 CEST 2011.
--- libsndfile/libsndfile.changes 2011-07-18 17:27:22.0 +0200
+++ /mounts/work_src_done/STABLE/libsndfile/libsndfile.changes 2011-07-28
01:40:56.0 +0200
@@ -1,0 +2,6 @@
+Wed Jul 27 23:39:43 UTC 2011 - crrodrig...@opensuse.org
+
+- Remove -fno-strict-aliasing from cflags, no longer needed
+- disable automake silent rules.
+
+---
calling whatdependson for head-i586
Other differences:
--
++ libsndfile-progs.spec ++
--- /var/tmp/diff_new_pack.ZXE4T0/_old 2011-07-29 09:08:11.0 +0200
+++ /var/tmp/diff_new_pack.ZXE4T0/_new 2011-07-29 09:08:11.0 +0200
@@ -21,7 +21,7 @@
BuildRequires: alsa-devel flac-devel gcc-c++ libjack-devel libvorbis-devel
pkgconfig sqlite-devel
Summary:Example Programs for libsndfile
Version:1.0.25
-Release:1
+Release:2
License:LGPLv2.1+
Group: System/Libraries
Source: libsndfile-%{version}.tar.gz
@@ -45,13 +45,13 @@
%build
%define warn_flags -W -Wall -Wstrict-prototypes -Wpointer-arith
-Wno-unused-parameter
# autoreconf --force --install
-CFLAGS="$RPM_OPT_FLAGS -fno-strict-aliasing %{warn_flags}"
+CFLAGS="$RPM_OPT_FLAGS %{warn_flags}"
export CFLAGS
-%configure \
+%configure --disable-silent-rules \
--disable-static \
--enable-sqlite \
--with-pic
-make
+make %{?_smp_mflags}
%install
make DESTDIR="$RPM_BUILD_ROOT" install
++ libsndfile.spec ++
--- /var/tmp/diff_new_pack.ZXE4T0/_old 2011-07-29 09:08:11.0 +0200
+++ /var/tmp/diff_new_pack.ZXE4T0/_new 2011-07-29 09:08:11.0 +0200
@@ -21,7 +21,7 @@
BuildRequires: alsa-devel flac-devel gcc-c++ libvorbis-devel pkg-config
sqlite-devel
Summary:A Library to Handle Various Audio File Formats
Version:1.0.25
-Release:1
+Release:2
License:LGPLv2.1+
Group: System/Libraries
Obsoletes: libsnd
@@ -79,9 +79,9 @@
%build
%define warn_flags -W -Wall -Wstrict-prototypes -Wpointer-arith
-Wno-unused-parameter
# autoreconf --force --install
-CFLAGS="$RPM_OPT_FLAGS -fno-strict-aliasing %{warn_flags}"
+CFLAGS="$RPM_OPT_FLAGS %{warn_flags}"
export CFLAGS
-%configure \
+%configure --disable-silent-rules \
--disable-static \
--enable-sqlite \
--with-pic
Remember to have fun...
--
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit libsndfile for openSUSE:Factory
Hello community,
here is the log from the commit of package libsndfile for openSUSE:Factory
checked in at Tue Jul 19 13:47:14 CEST 2011.
--- libsndfile/libsndfile-progs.changes 2011-03-23 14:06:37.0 +0100
+++ /mounts/work_src_done/STABLE/libsndfile/libsndfile-progs.changes
2011-07-18 17:27:21.0 +0200
@@ -1,0 +2,7 @@
+Mon Jul 18 17:23:30 CEST 2011 - ti...@suse.de
+
+- updated to version 1.0.25:
+ Fix for Secunia Advisory SA45125 (CVE-2011-2696, bnc#705681)
+ Minor bug fixes and improvements
+
+---
libsndfile.changes: same change
calling whatdependson for head-i586
Old:
libsndfile-1.0.24.tar.bz2
New:
libsndfile-1.0.25.tar.gz
Other differences:
--
++ libsndfile-progs.spec ++
--- /var/tmp/diff_new_pack.JWQP0u/_old 2011-07-19 13:39:03.0 +0200
+++ /var/tmp/diff_new_pack.JWQP0u/_new 2011-07-19 13:39:03.0 +0200
@@ -20,11 +20,11 @@
Name: libsndfile-progs
BuildRequires: alsa-devel flac-devel gcc-c++ libjack-devel libvorbis-devel
pkgconfig sqlite-devel
Summary:Example Programs for libsndfile
-Version:1.0.24
+Version:1.0.25
Release:1
License:LGPLv2.1+
Group: System/Libraries
-Source: libsndfile-%{version}.tar.bz2
+Source: libsndfile-%{version}.tar.gz
Patch: libsndfile-example-fix.diff
Url:http://www.mega-nerd.com/libsndfile/
BuildRoot: %{_tmppath}/%{name}-%{version}-build
++ libsndfile.spec ++
--- /var/tmp/diff_new_pack.JWQP0u/_old 2011-07-19 13:39:03.0 +0200
+++ /var/tmp/diff_new_pack.JWQP0u/_new 2011-07-19 13:39:03.0 +0200
@@ -20,7 +20,7 @@
Name: libsndfile
BuildRequires: alsa-devel flac-devel gcc-c++ libvorbis-devel pkg-config
sqlite-devel
Summary:A Library to Handle Various Audio File Formats
-Version:1.0.24
+Version:1.0.25
Release:1
License:LGPLv2.1+
Group: System/Libraries
@@ -31,7 +31,7 @@
Obsoletes: libsndfile-64bit
%endif
#
-Source: libsndfile-%{version}.tar.bz2
+Source: libsndfile-%{version}.tar.gz
Source2:baselibs.conf
Patch: libsndfile-example-fix.diff
Url:http://www.mega-nerd.com/libsndfile/
Remember to have fun...
--
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit libsndfile for openSUSE:Factory
Hello community, here is the log from the commit of package libsndfile for openSUSE:Factory checked in at Thu Mar 24 09:15:32 CET 2011. --- libsndfile/libsndfile-progs.changes 2010-10-13 00:51:12.0 +0200 +++ /mounts/work_src_done/STABLE/libsndfile/libsndfile-progs.changes 2011-03-23 14:06:37.0 +0100 @@ -1,0 +2,11 @@ +Wed Mar 23 13:01:06 UTC 2011 - oliver.be...@opensuse.org + +- Update to version 1.0.24 +- Upstream changes : + * WAV files are now written with an 18 byte u-law and A-law fmt chunk + * A document on virtual I/O functionality was added + * Two new methods were added in sndfile.hh + * A fix was made for a non-zero SSND offset values on AIFF + * Minor bug fixes and improvements were done + +--- --- libsndfile/libsndfile.changes 2010-10-13 00:43:52.0 +0200 +++ /mounts/work_src_done/STABLE/libsndfile/libsndfile.changes 2011-03-23 14:06:38.0 +0100 @@ -1,0 +2,11 @@ +Wed Mar 23 12:58:38 UTC 2011 - oliver.be...@opensuse.org + +- Update to version 1.0.24 +- Upstream changes : + * WAV files are now written with an 18 byte u-law and A-law fmt chunk + * A document on virtual I/O functionality was added + * Two new methods were added in sndfile.hh + * A fix was made for a non-zero SSND offset values on AIFF + * Minor bug fixes and improvements were done + +--- calling whatdependson for head-i586 Old: libsndfile-1.0.23.tar.bz2 New: libsndfile-1.0.24.tar.bz2 Other differences: -- ++ libsndfile-progs.spec ++ --- /var/tmp/diff_new_pack.4WAMmO/_old 2011-03-24 09:15:11.0 +0100 +++ /var/tmp/diff_new_pack.4WAMmO/_new 2011-03-24 09:15:11.0 +0100 @@ -1,7 +1,7 @@ # -# spec file for package libsndfile-progs (Version 1.0.23) +# spec file for package libsndfile-progs # -# Copyright (c) 2010 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -20,7 +20,7 @@ Name: libsndfile-progs BuildRequires: alsa-devel flac-devel gcc-c++ libjack-devel libvorbis-devel pkgconfig sqlite-devel Summary:Example Programs for libsndfile -Version:1.0.23 +Version:1.0.24 Release:1 License:LGPLv2.1+ Group: System/Libraries libsndfile.spec: same change ++ libsndfile-1.0.23.tar.bz2 -> libsndfile-1.0.24.tar.bz2 ++ 3 lines of diff (skipped) Remember to have fun... -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
