commit libsndfile for openSUSE:Factory
Hello community, here is the log from the commit of package libsndfile for openSUSE:Factory checked in at 2019-12-07 15:21:22 Comparing /work/SRC/openSUSE:Factory/libsndfile (Old) and /work/SRC/openSUSE:Factory/.libsndfile.new.4691 (New) Package is "libsndfile" Sat Dec 7 15:21:22 2019 rev:58 rq:753103 version:1.0.28 Changes: --- /work/SRC/openSUSE:Factory/libsndfile/libsndfile.changes2018-12-10 12:26:33.946633209 +0100 +++ /work/SRC/openSUSE:Factory/.libsndfile.new.4691/libsndfile.changes 2019-12-07 15:23:15.715729861 +0100 @@ -1,0 +2,8 @@ +Tue Dec 3 01:46:45 UTC 2019 - Stefan BrĂ¼ns + +- Remove build dependencies for progs subpackage from library: + * alsa-devel, only needed for the examples + * sqlite3-devel, only needed for the regression test +- Only build library, pass --disable-full-suite to configure + +--- Other differences: -- ++ libsndfile-progs.spec ++ --- /var/tmp/diff_new_pack.P7GAyB/_old 2019-12-07 15:23:16.315729778 +0100 +++ /var/tmp/diff_new_pack.P7GAyB/_new 2019-12-07 15:23:16.319729778 +0100 @@ -1,7 +1,7 @@ # # spec file for package libsndfile-progs # -# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2019 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -22,7 +22,7 @@ Summary:Example Programs for libsndfile License:LGPL-2.1-or-later Group: System/Libraries -Url:http://www.mega-nerd.com/libsndfile/ +URL:http://www.mega-nerd.com/libsndfile/ Source0: http://www.mega-nerd.com/libsndfile/files/libsndfile-%{version}.tar.gz Source1: http://www.mega-nerd.com/libsndfile/files/libsndfile-%{version}.tar.gz.asc Source2:libsndfile.keyring ++ libsndfile.spec ++ --- /var/tmp/diff_new_pack.P7GAyB/_old 2019-12-07 15:23:16.335729775 +0100 +++ /var/tmp/diff_new_pack.P7GAyB/_new 2019-12-07 15:23:16.339729775 +0100 @@ -1,7 +1,7 @@ # # spec file for package libsndfile # -# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2019 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -23,7 +23,7 @@ Summary:Development/Libraries/C and C++ License:LGPL-2.1-or-later Group: System/Libraries -Url:http://www.mega-nerd.com/libsndfile +URL:http://www.mega-nerd.com/libsndfile Source0: http://www.mega-nerd.com/%{name}/files/%{name}-%{version}.tar.gz Source1: http://www.mega-nerd.com/%{name}/files/%{name}-%{version}.tar.gz.asc Source2:%{name}.keyring @@ -44,14 +44,12 @@ Patch40:libsndfile-wav-loop-count-fix.patch # PATCH-FIX-OPENSUSE Patch100: sndfile-ocloexec.patch -BuildRequires: alsa-devel BuildRequires: flac-devel BuildRequires: gcc-c++ BuildRequires: libtool BuildRequires: libvorbis-devel BuildRequires: pkg-config BuildRequires: speex-devel -BuildRequires: sqlite-devel Obsoletes: libsnd Provides: libsnd BuildRoot: %{_tmppath}/%{name}-%{version}-build @@ -103,16 +101,13 @@ %build %define warn_flags -W -Wall -Wstrict-prototypes -Wpointer-arith -Wno-unused-parameter -%if 0%{?suse_version} < 1200 -sed -i -e'/^AM_SILENT_RULES/d' configure.ac -%endif autoreconf --force --install CFLAGS="%{optflags} %{warn_flags}" export CFLAGS %configure \ --disable-silent-rules \ --disable-static \ - --enable-sqlite \ + --disable-full-suite \ --with-pic \ --enable-experimental make %{?_smp_mflags}
commit libsndfile for openSUSE:Factory
Hello community, here is the log from the commit of package libsndfile for openSUSE:Factory checked in at 2018-12-10 12:26:32 Comparing /work/SRC/openSUSE:Factory/libsndfile (Old) and /work/SRC/openSUSE:Factory/.libsndfile.new.19453 (New) Package is "libsndfile" Mon Dec 10 12:26:32 2018 rev:57 rq:653853 version:1.0.28 Changes: --- /work/SRC/openSUSE:Factory/libsndfile/libsndfile.changes2018-11-28 11:09:31.375222654 +0100 +++ /work/SRC/openSUSE:Factory/.libsndfile.new.19453/libsndfile.changes 2018-12-10 12:26:33.946633209 +0100 @@ -1,0 +2,7 @@ +Tue Dec 4 13:42:05 CET 2018 - ti...@suse.de + +- Fix segfault in wav conversion due to the invalid loop count + (CVE-2018-19758, bsc#1117954): + libsndfile-wav-loop-count-fix.patch + +--- New: libsndfile-wav-loop-count-fix.patch Other differences: -- ++ libsndfile.spec ++ --- /var/tmp/diff_new_pack.kS6361/_old 2018-12-10 12:26:34.650632506 +0100 +++ /var/tmp/diff_new_pack.kS6361/_new 2018-12-10 12:26:34.654632502 +0100 @@ -40,6 +40,8 @@ Patch32:libsndfile-CVE-2017-17456-alaw-range-check.patch Patch33:libsndfile-CVE-2017-17457-ulaw-range-check.patch Patch34:sndfile-deinterlace-channels-check.patch +# not yet upstreamed, CVE-2018-19758, bsc#1117954 +Patch40:libsndfile-wav-loop-count-fix.patch # PATCH-FIX-OPENSUSE Patch100: sndfile-ocloexec.patch BuildRequires: alsa-devel @@ -96,6 +98,7 @@ %patch32 -p1 %patch33 -p1 %patch34 -p1 +%patch40 -p1 %patch100 -p1 %build ++ libsndfile-wav-loop-count-fix.patch ++ From: Takashi Iwai Subject: wav: Fix segfault due to invalid loop_count References: CVE-2018-19758, bsc#1117954 The psf->instrument->loop_count can be over the actual loops array size, and it leads to a segfault. Just add the loop size fix to address it. Signed-off-by: Takashi Iwai --- src/wav.c |3 +++ 1 file changed, 3 insertions(+) --- a/src/wav.c +++ b/src/wav.c @@ -1097,6 +1097,9 @@ wav_write_header (SF_PRIVATE *psf, int c for (tmp = 0 ; tmp < psf->instrument->loop_count ; tmp++) { int type ; + if (tmp >= ARRAY_LEN (psf->instrument->loops)) + break; + type = psf->instrument->loops [tmp].mode ; type = (type == SF_LOOP_FORWARD ? 0 : type == SF_LOOP_BACKWARD ? 2 : type == SF_LOOP_ALTERNATING ? 1 : 32) ;
commit libsndfile for openSUSE:Factory
Hello community, here is the log from the commit of package libsndfile for openSUSE:Factory checked in at 2018-11-28 11:09:29 Comparing /work/SRC/openSUSE:Factory/libsndfile (Old) and /work/SRC/openSUSE:Factory/.libsndfile.new.19453 (New) Package is "libsndfile" Wed Nov 28 11:09:29 2018 rev:56 rq:651403 version:1.0.28 Changes: --- /work/SRC/openSUSE:Factory/libsndfile/libsndfile-progs.changes 2017-04-17 10:24:07.592778096 +0200 +++ /work/SRC/openSUSE:Factory/.libsndfile.new.19453/libsndfile-progs.changes 2018-11-28 11:09:31.203222888 +0100 @@ -1,0 +2,18 @@ +Fri Jul 6 14:11:47 CEST 2018 - ti...@suse.de + +- Fix buffer overflow in sndfile-deinterleave, which isn't really a + security issue (bsc#1100167, CVE-2018-13139, bsc#1116993, + CVE-2018-19432): + (Apply all the rest as well to sync with libsndfile.spec) + 0001-FLAC-Fix-a-buffer-read-overrun.patch + 0002-src-flac.c-Fix-a-buffer-read-overflow.patch + 0010-src-aiff.c-Fix-a-buffer-read-overflow.patch + 0020-src-common.c-Fix-heap-buffer-overflows-when-writing-.patch + 0030-double64_init-Check-psf-sf.channels-against-upper-bo.patch + 0031-sfe_copy_data_fp-check-value-of-max-variable.patch + libsndfile-CVE-2017-17456-alaw-range-check.patch + libsndfile-CVE-2017-17457-ulaw-range-check.patch + sndfile-deinterlace-channels-check.patch + sndfile-ocloexec.patch + +--- --- /work/SRC/openSUSE:Factory/libsndfile/libsndfile.changes2018-07-13 10:16:53.430136861 +0200 +++ /work/SRC/openSUSE:Factory/.libsndfile.new.19453/libsndfile.changes 2018-11-28 11:09:31.375222654 +0100 @@ -4,2 +4,3 @@ -- Fix buffer overflow in sndfile-deinterlace, which isn't really a - security issue (bsc#1100167, CVE-2018-13139): +- Fix buffer overflow in sndfile-deinterleave, which isn't really a + security issue (bsc#1100167, CVE-2018-13139, bsc#1116993, + CVE-2018-19432): Other differences: -- ++ libsndfile-progs.spec ++ --- /var/tmp/diff_new_pack.TGCTqk/_old 2018-11-28 11:09:32.111221653 +0100 +++ /var/tmp/diff_new_pack.TGCTqk/_new 2018-11-28 11:09:32.115221648 +0100 @@ -12,7 +12,7 @@ # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. -# Please submit bugfixes or comments via http://bugs.opensuse.org/ +# Please submit bugfixes or comments via https://bugs.opensuse.org/ # @@ -26,6 +26,20 @@ Source0: http://www.mega-nerd.com/libsndfile/files/libsndfile-%{version}.tar.gz Source1: http://www.mega-nerd.com/libsndfile/files/libsndfile-%{version}.tar.gz.asc Source2:libsndfile.keyring +# PATCH-FIX-UPSTREAM +Patch1: 0001-FLAC-Fix-a-buffer-read-overrun.patch +Patch2: 0002-src-flac.c-Fix-a-buffer-read-overflow.patch +Patch10:0010-src-aiff.c-Fix-a-buffer-read-overflow.patch +Patch20:0020-src-common.c-Fix-heap-buffer-overflows-when-writing-.patch +Patch30:0030-double64_init-Check-psf-sf.channels-against-upper-bo.patch +# not yet upstreamed, https://github.com/erikd/libsndfile/issues/317 +Patch31:0031-sfe_copy_data_fp-check-value-of-max-variable.patch +# not yet upstreamed +Patch32:libsndfile-CVE-2017-17456-alaw-range-check.patch +Patch33:libsndfile-CVE-2017-17457-ulaw-range-check.patch +Patch34:sndfile-deinterlace-channels-check.patch +# PATCH-FIX-OPENSUSE +Patch100: sndfile-ocloexec.patch BuildRequires: alsa-devel BuildRequires: flac-devel BuildRequires: gcc-c++ @@ -41,6 +55,16 @@ %prep %setup -q -n libsndfile-%{version} +%patch1 -p1 +%patch2 -p1 +%patch10 -p1 +%patch20 -p1 +%patch30 -p1 +%patch31 -p1 +%patch32 -p1 +%patch33 -p1 +%patch34 -p1 +%patch100 -p1 %build %define warn_flags -W -Wall -Wstrict-prototypes -Wpointer-arith -Wno-unused-parameter ++ libsndfile.spec ++ --- /var/tmp/diff_new_pack.TGCTqk/_old 2018-11-28 11:09:32.131221625 +0100 +++ /var/tmp/diff_new_pack.TGCTqk/_new 2018-11-28 11:09:32.135221621 +0100 @@ -12,7 +12,7 @@ # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. -# Please submit bugfixes or comments via http://bugs.opensuse.org/ +# Please submit bugfixes or comments via https://bugs.opensuse.org/ #
commit libsndfile for openSUSE:Factory
Hello community, here is the log from the commit of package libsndfile for openSUSE:Factory checked in at 2018-07-13 10:16:48 Comparing /work/SRC/openSUSE:Factory/libsndfile (Old) and /work/SRC/openSUSE:Factory/.libsndfile.new (New) Package is "libsndfile" Fri Jul 13 10:16:48 2018 rev:55 rq:621331 version:1.0.28 Changes: --- /work/SRC/openSUSE:Factory/libsndfile/libsndfile.changes2018-06-15 14:33:51.239603159 +0200 +++ /work/SRC/openSUSE:Factory/.libsndfile.new/libsndfile.changes 2018-07-13 10:16:53.430136861 +0200 @@ -1,0 +2,7 @@ +Fri Jul 6 14:11:47 CEST 2018 - ti...@suse.de + +- Fix buffer overflow in sndfile-deinterlace, which isn't really a + security issue (bsc#1100167, CVE-2018-13139): + sndfile-deinterlace-channels-check.patch + +--- New: sndfile-deinterlace-channels-check.patch Other differences: -- ++ libsndfile.spec ++ --- /var/tmp/diff_new_pack.yHVOAL/_old 2018-07-13 10:16:54.634138287 +0200 +++ /var/tmp/diff_new_pack.yHVOAL/_new 2018-07-13 10:16:54.634138287 +0200 @@ -39,6 +39,7 @@ # not yet upstreamed Patch32:libsndfile-CVE-2017-17456-alaw-range-check.patch Patch33:libsndfile-CVE-2017-17457-ulaw-range-check.patch +Patch34:sndfile-deinterlace-channels-check.patch # PATCH-FIX-OPENSUSE Patch100: sndfile-ocloexec.patch BuildRequires: alsa-devel @@ -94,6 +95,7 @@ %patch31 -p1 %patch32 -p1 %patch33 -p1 +%patch34 -p1 %patch100 -p1 %build ++ sndfile-deinterlace-channels-check.patch ++ diff --git a/programs/sndfile-deinterleave.c b/programs/sndfile-deinterleave.c index 5366031075ab..712cb96cda76 100644 --- a/programs/sndfile-deinterleave.c +++ b/programs/sndfile-deinterleave.c @@ -89,6 +89,11 @@ main (int argc, char **argv) exit (1) ; } ; + if (sfinfo.channels > MAX_CHANNELS) + { printf ("\nError : Too many channels %d in input file '%s'.\n", sfinfo.channels, argv[1]) ; + exit (1) ; + } + state.channels = sfinfo.channels ; sfinfo.channels = 1 ;
commit libsndfile for openSUSE:Factory
Hello community, here is the log from the commit of package libsndfile for openSUSE:Factory checked in at 2018-06-15 14:33:46 Comparing /work/SRC/openSUSE:Factory/libsndfile (Old) and /work/SRC/openSUSE:Factory/.libsndfile.new (New) Package is "libsndfile" Fri Jun 15 14:33:46 2018 rev:54 rq:615239 version:1.0.28 Changes: --- /work/SRC/openSUSE:Factory/libsndfile/libsndfile.changes2017-12-21 11:21:59.085078039 +0100 +++ /work/SRC/openSUSE:Factory/.libsndfile.new/libsndfile.changes 2018-06-15 14:33:51.239603159 +0200 @@ -1,0 +2,15 @@ +Fri Jun 8 14:49:18 CEST 2018 - ti...@suse.de + +- Use license file tag + +--- +Fri Jun 8 14:46:54 CEST 2018 - ti...@suse.de + +- Fix potential overflow in d2alaw_array() (CVE-2017-17456, + bsc#1071777): + libsndfile-CVE-2017-17456-alaw-range-check.patch +- Fix potential overflow in d2ulaw_array() (CVE-2017-17457, + bsc#1071767): + libsndfile-CVE-2017-17457-ulaw-range-check.patch + +--- New: libsndfile-CVE-2017-17456-alaw-range-check.patch libsndfile-CVE-2017-17457-ulaw-range-check.patch Other differences: -- ++ libsndfile-progs.spec ++ --- /var/tmp/diff_new_pack.sKLCW7/_old 2018-06-15 14:33:52.195568193 +0200 +++ /var/tmp/diff_new_pack.sKLCW7/_new 2018-06-15 14:33:52.199568046 +0200 @@ -1,7 +1,7 @@ # # spec file for package libsndfile-progs # -# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -20,7 +20,7 @@ Version:1.0.28 Release:0 Summary:Example Programs for libsndfile -License:LGPL-2.1+ +License:LGPL-2.1-or-later Group: System/Libraries Url:http://www.mega-nerd.com/libsndfile/ Source0: http://www.mega-nerd.com/libsndfile/files/libsndfile-%{version}.tar.gz ++ libsndfile.spec ++ --- /var/tmp/diff_new_pack.sKLCW7/_old 2018-06-15 14:33:52.227567022 +0200 +++ /var/tmp/diff_new_pack.sKLCW7/_new 2018-06-15 14:33:52.231566875 +0200 @@ -1,7 +1,7 @@ # # spec file for package libsndfile # -# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -21,7 +21,7 @@ Version:1.0.28 Release:0 Summary:Development/Libraries/C and C++ -License:LGPL-2.1+ +License:LGPL-2.1-or-later Group: System/Libraries Url:http://www.mega-nerd.com/libsndfile Source0: http://www.mega-nerd.com/%{name}/files/%{name}-%{version}.tar.gz @@ -36,6 +36,9 @@ Patch30:0030-double64_init-Check-psf-sf.channels-against-upper-bo.patch # not yet upstreamed, https://github.com/erikd/libsndfile/issues/317 Patch31:0031-sfe_copy_data_fp-check-value-of-max-variable.patch +# not yet upstreamed +Patch32:libsndfile-CVE-2017-17456-alaw-range-check.patch +Patch33:libsndfile-CVE-2017-17457-ulaw-range-check.patch # PATCH-FIX-OPENSUSE Patch100: sndfile-ocloexec.patch BuildRequires: alsa-devel @@ -89,6 +92,8 @@ %patch20 -p1 %patch30 -p1 %patch31 -p1 +%patch32 -p1 +%patch33 -p1 %patch100 -p1 %build @@ -133,8 +138,9 @@ %files devel %defattr(-, root, root) -%doc AUTHORS COPYING ChangeLog NEWS README +%doc AUTHORS ChangeLog NEWS README %doc doc/*.html doc/*.jpg doc/*.css doc/*.HOWTO +%license COPYING %{_libdir}/libsndfile.so %{_includedir}/sndfile.h %{_includedir}/sndfile.hh ++ libsndfile-CVE-2017-17456-alaw-range-check.patch ++ --- src/alaw.c | 36 1 file changed, 28 insertions(+), 8 deletions(-) --- a/src/alaw.c +++ b/src/alaw.c @@ -336,20 +336,40 @@ i2alaw_array (const int *ptr, int count, static inline void f2alaw_array (const float *ptr, int count, unsigned char *buffer, float normfact) { while (--count >= 0) - { if (ptr [count] >= 0) - buffer [count] = alaw_encode [lrintf (normfact * ptr [count])] ; - else - buffer [count] = 0x7F & alaw_encode [- lrintf (normfact * ptr [count])] ; + { int idx; + if (isnan (ptr [count])) { + buffer [count] = alaw_encode [0] ; + } else if (ptr [count] >= 0) { + idx = lrintf (normfact * ptr [count]) ; + if (i
commit libsndfile for openSUSE:Factory
Hello community, here is the log from the commit of package libsndfile for openSUSE:Factory checked in at 2017-12-21 11:21:57 Comparing /work/SRC/openSUSE:Factory/libsndfile (Old) and /work/SRC/openSUSE:Factory/.libsndfile.new (New) Package is "libsndfile" Thu Dec 21 11:21:57 2017 rev:53 rq:558623 version:1.0.28 Changes: --- /work/SRC/openSUSE:Factory/libsndfile/libsndfile.changes2017-08-12 20:06:49.371360704 +0200 +++ /work/SRC/openSUSE:Factory/.libsndfile.new/libsndfile.changes 2017-12-21 11:21:59.085078039 +0100 @@ -1,0 +2,12 @@ +Tue Dec 19 15:57:19 CET 2017 - ti...@suse.de + +- Fix VUL-0: divide-by-zero error exists in the function + double64_init() in double64.c (CVE-2017-14634, bsc#1059911): + 0030-double64_init-Check-psf-sf.channels-against-upper-bo.patch +- Tentative fix for VUL-0: out of bounds read in the function + d2alaw_array() in alaw.c (CVE-2017-14245, bsc#1059912) and + VUL-0: out of bounds read in the function d2ulaw_array() in + ulaw.c (CVE-2017-14246, bsc#1059913): + 0031-sfe_copy_data_fp-check-value-of-max-variable.patch + +--- New: 0030-double64_init-Check-psf-sf.channels-against-upper-bo.patch 0031-sfe_copy_data_fp-check-value-of-max-variable.patch Other differences: -- ++ libsndfile.spec ++ --- /var/tmp/diff_new_pack.ZAJDJL/_old 2017-12-21 11:22:00.093028892 +0100 +++ /var/tmp/diff_new_pack.ZAJDJL/_new 2017-12-21 11:22:00.097028697 +0100 @@ -33,6 +33,9 @@ Patch2: 0002-src-flac.c-Fix-a-buffer-read-overflow.patch Patch10:0010-src-aiff.c-Fix-a-buffer-read-overflow.patch Patch20:0020-src-common.c-Fix-heap-buffer-overflows-when-writing-.patch +Patch30:0030-double64_init-Check-psf-sf.channels-against-upper-bo.patch +# not yet upstreamed, https://github.com/erikd/libsndfile/issues/317 +Patch31:0031-sfe_copy_data_fp-check-value-of-max-variable.patch # PATCH-FIX-OPENSUSE Patch100: sndfile-ocloexec.patch BuildRequires: alsa-devel @@ -84,6 +87,8 @@ %patch2 -p1 %patch10 -p1 %patch20 -p1 +%patch30 -p1 +%patch31 -p1 %patch100 -p1 %build ++ 0030-double64_init-Check-psf-sf.channels-against-upper-bo.patch ++ >From 85c877d5072866aadbe8ed0c3e0590fbb5e16788 Mon Sep 17 00:00:00 2001 From: Fabian Greffrath Date: Thu, 28 Sep 2017 12:15:04 +0200 Subject: [PATCH] double64_init: Check psf->sf.channels against upper bound This prevents division by zero later in the code. While the trivial case to catch this (i.e. sf.channels < 1) has already been covered, a crafted file may report a number of channels that is so high (i.e. > INT_MAX/sizeof(double)) that it "somehow" gets miscalculated to zero (if this makes sense) in the determination of the blockwidth. Since we only support a limited number of channels anyway, make sure to check here as well. CVE-2017-14634 Closes: https://github.com/erikd/libsndfile/issues/318 Signed-off-by: Erik de Castro Lopo --- src/double64.c |2 +- 1 file changed, 1 insertion(+), 1 deletion(-) --- a/src/double64.c +++ b/src/double64.c @@ -91,7 +91,7 @@ int double64_init (SF_PRIVATE *psf) { static int double64_caps ; - if (psf->sf.channels < 1) + if (psf->sf.channels < 1 || psf->sf.channels > SF_MAX_CHANNELS) { psf_log_printf (psf, "double64_init : internal error : channels = %d\n", psf->sf.channels) ; return SFE_INTERNAL ; } ; ++ 0031-sfe_copy_data_fp-check-value-of-max-variable.patch ++ >From 2d54514a4f6437b67829717c05472d2e3300a258 Mon Sep 17 00:00:00 2001 From: Fabian Greffrath Date: Wed, 27 Sep 2017 14:46:17 +0200 Subject: [PATCH] sfe_copy_data_fp: check value of "max" variable for being normal and check elements of the data[] array for being finite. Both checks use functions provided by the header as declared by the C99 standard. Fixes #317 CVE-2017-14245 CVE-2017-14246 --- programs/common.c | 20 programs/common.h |2 +- programs/sndfile-convert.c |6 +- 3 files changed, 22 insertions(+), 6 deletions(-) --- a/programs/common.c +++ b/programs/common.c @@ -36,6 +36,7 @@ #include #include #include +#include #include @@ -45,7 +46,7 @@ #defineMIN(x, y) ((x) < (y) ? (x) : (y)) -void +int sfe_copy_data_fp (SNDFILE *outfile, SNDFILE *infile, int channels, int normalize) { static double data [BUFFER_LEN], max ; int frames, readcount, k ; @@ -54,6 +55,8 @@ sfe_copy_data_fp (SNDFILE *outfile, SNDF readcount = frames ; sf_command (infile, SFC_CALC_SIGNAL_MAX, &max, sizeof (max)) ; + if (!isnormal (max)) /* neither zero, subnormal, infinite,
commit libsndfile for openSUSE:Factory
Hello community, here is the log from the commit of package libsndfile for openSUSE:Factory checked in at 2017-08-12 20:06:48 Comparing /work/SRC/openSUSE:Factory/libsndfile (Old) and /work/SRC/openSUSE:Factory/.libsndfile.new (New) Package is "libsndfile" Sat Aug 12 20:06:48 2017 rev:52 rq:515153 version:1.0.28 Changes: --- /work/SRC/openSUSE:Factory/libsndfile/libsndfile.changes2017-06-15 11:18:38.395681818 +0200 +++ /work/SRC/openSUSE:Factory/.libsndfile.new/libsndfile.changes 2017-08-12 20:06:49.371360704 +0200 @@ -1,0 +2,7 @@ +Tue Aug 8 11:00:09 CEST 2017 - ti...@suse.de + +- Fix Heap-based Buffer Overflow in the psf_binheader_writef + (CVE-2017-12562, bsc#1052476): + 0020-src-common.c-Fix-heap-buffer-overflows-when-writing-.patch + +--- New: 0020-src-common.c-Fix-heap-buffer-overflows-when-writing-.patch Other differences: -- ++ libsndfile.spec ++ --- /var/tmp/diff_new_pack.p4EhNR/_old 2017-08-12 20:06:51.047125936 +0200 +++ /var/tmp/diff_new_pack.p4EhNR/_new 2017-08-12 20:06:51.051125376 +0200 @@ -32,6 +32,7 @@ Patch1: 0001-FLAC-Fix-a-buffer-read-overrun.patch Patch2: 0002-src-flac.c-Fix-a-buffer-read-overflow.patch Patch10:0010-src-aiff.c-Fix-a-buffer-read-overflow.patch +Patch20:0020-src-common.c-Fix-heap-buffer-overflows-when-writing-.patch # PATCH-FIX-OPENSUSE Patch100: sndfile-ocloexec.patch BuildRequires: alsa-devel @@ -82,6 +83,7 @@ %patch1 -p1 %patch2 -p1 %patch10 -p1 +%patch20 -p1 %patch100 -p1 %build ++ 0020-src-common.c-Fix-heap-buffer-overflows-when-writing-.patch ++ >From cf7a8182c2642c50f1cf90dddea9ce96a8bad2e8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rn=20Heusipp?= Date: Wed, 14 Jun 2017 12:25:40 +0200 Subject: [PATCH] src/common.c: Fix heap buffer overflows when writing strings in binheader Fixes the following problems: 1. Case 's' only enlarges the buffer by 16 bytes instead of size bytes. 2. psf_binheader_writef() enlarges the header buffer (if needed) prior to the big switch statement by an amount (16 bytes) which is enough for all cases where only a single value gets added. Cases 's', 'S', 'p' however additionally write an arbitrary length block of data and again enlarge the buffer to the required amount. However, the required space calculation does not take into account the size of the length field which gets output before the data. 3. Buffer size requirement calculation in case 'S' does not account for the padding byte ("size += (size & 1) ;" happens after the calculation which uses "size"). 4. Case 'S' can overrun the header buffer by 1 byte when no padding is involved ("memcpy (&(psf->header.ptr [psf->header.indx]), strptr, size + 1) ;" while the buffer is only guaranteed to have "size" space available). 5. "psf->header.ptr [psf->header.indx] = 0 ;" in case 'S' always writes 1 byte beyond the space which is guaranteed to be allocated in the header buffer. 6. Case 's' can overrun the provided source string by 1 byte if padding is involved ("memcpy (&(psf->header.ptr [psf->header.indx]), strptr, size) ;" where "size" is "strlen (strptr) + 1" (which includes the 0 terminator, plus optionally another 1 which is padding and not guaranteed to be readable via the source string pointer). Closes: https://github.com/erikd/libsndfile/issues/292 --- src/common.c | 15 +++ 1 file changed, 7 insertions(+), 8 deletions(-) --- a/src/common.c +++ b/src/common.c @@ -675,16 +675,16 @@ psf_binheader_writef (SF_PRIVATE *psf, c /* Write a C string (guaranteed to have a zero terminator). */ strptr = va_arg (argptr, char *) ; size = strlen (strptr) + 1 ; - size += (size & 1) ; - if (psf->header.indx + (sf_count_t) size >= psf->header.len && psf_bump_header_allocation (psf, 16)) + if (psf->header.indx + 4 + (sf_count_t) size + (sf_count_t) (size & 1) > psf->header.len && psf_bump_header_allocation (psf, 4 + size + (size & 1))) return count ; if (psf->rwf_endian == SF_ENDIAN_BIG) - header_put_be_int (psf, size) ; + header_put_be_int (psf, size + (size & 1)) ; else - header_put_le_int (psf, size) ; +
commit libsndfile for openSUSE:Factory
Hello community, here is the log from the commit of package libsndfile for openSUSE:Factory checked in at 2017-06-15 11:18:37 Comparing /work/SRC/openSUSE:Factory/libsndfile (Old) and /work/SRC/openSUSE:Factory/.libsndfile.new (New) Package is "libsndfile" Thu Jun 15 11:18:37 2017 rev:51 rq:503303 version:1.0.28 Changes: --- /work/SRC/openSUSE:Factory/libsndfile/libsndfile.changes2017-05-18 20:45:52.755928761 +0200 +++ /work/SRC/openSUSE:Factory/.libsndfile.new/libsndfile.changes 2017-06-15 11:18:38.395681818 +0200 @@ -1,0 +2,7 @@ +Tue Jun 13 08:36:52 CEST 2017 - ti...@suse.de + +- Fix out-of-bounds read memory access in the aiff_read_chanmap() + (CVE-2017-6892, bsc#1043978): + 0010-src-aiff.c-Fix-a-buffer-read-overflow.patch + +--- New: 0010-src-aiff.c-Fix-a-buffer-read-overflow.patch Other differences: -- ++ libsndfile.spec ++ --- /var/tmp/diff_new_pack.tyTGt1/_old 2017-06-15 11:18:39.115580113 +0200 +++ /var/tmp/diff_new_pack.tyTGt1/_new 2017-06-15 11:18:39.115580113 +0200 @@ -31,6 +31,7 @@ # PATCH-FIX-UPSTREAM Patch1: 0001-FLAC-Fix-a-buffer-read-overrun.patch Patch2: 0002-src-flac.c-Fix-a-buffer-read-overflow.patch +Patch10:0010-src-aiff.c-Fix-a-buffer-read-overflow.patch # PATCH-FIX-OPENSUSE Patch100: sndfile-ocloexec.patch BuildRequires: alsa-devel @@ -80,6 +81,7 @@ %setup -q %patch1 -p1 %patch2 -p1 +%patch10 -p1 %patch100 -p1 %build ++ 0010-src-aiff.c-Fix-a-buffer-read-overflow.patch ++ >From f833c53cb596e9e1792949f762e0b33661822748 Mon Sep 17 00:00:00 2001 From: Erik de Castro Lopo Date: Tue, 23 May 2017 20:15:24 +1000 Subject: [PATCH] src/aiff.c: Fix a buffer read overflow Secunia Advisory SA76717. Found by: Laurent Delosieres, Secunia Research at Flexera Software --- src/aiff.c |2 +- 1 file changed, 1 insertion(+), 1 deletion(-) --- a/src/aiff.c +++ b/src/aiff.c @@ -1905,7 +1905,7 @@ aiff_read_chanmap (SF_PRIVATE * psf, uns psf_binheader_readf (psf, "j", dword - bytesread) ; if (map_info->channel_map != NULL) - { size_t chanmap_size = psf->sf.channels * sizeof (psf->channel_map [0]) ; + { size_t chanmap_size = SF_MIN (psf->sf.channels, layout_tag & 0x) * sizeof (psf->channel_map [0]) ; free (psf->channel_map) ;
commit libsndfile for openSUSE:Factory
Hello community, here is the log from the commit of package libsndfile for openSUSE:Factory checked in at 2017-05-18 20:45:45 Comparing /work/SRC/openSUSE:Factory/libsndfile (Old) and /work/SRC/openSUSE:Factory/.libsndfile.new (New) Package is "libsndfile" Thu May 18 20:45:45 2017 rev:50 rq:492489 version:1.0.28 Changes: --- /work/SRC/openSUSE:Factory/libsndfile/libsndfile.changes2017-04-17 10:24:07.616774697 +0200 +++ /work/SRC/openSUSE:Factory/.libsndfile.new/libsndfile.changes 2017-05-18 20:45:52.755928761 +0200 @@ -1,0 +2,9 @@ +Tue May 2 14:06:40 CEST 2017 - ti...@suse.de + +- Fix FLAC buffer overflows (CVE-2017-8361 CVE-2017-8363 + CVE-2017-8365 CVE-2017-8362 bsc#1036944 bsc#1036945 bsc#1036946 + bsc#1036943): + 0001-FLAC-Fix-a-buffer-read-overrun.patch + 0002-src-flac.c-Fix-a-buffer-read-overflow.patch + +--- New: 0001-FLAC-Fix-a-buffer-read-overrun.patch 0002-src-flac.c-Fix-a-buffer-read-overflow.patch Other differences: -- ++ libsndfile.spec ++ --- /var/tmp/diff_new_pack.tUsjbF/_old 2017-05-18 20:45:55.019609298 +0200 +++ /var/tmp/diff_new_pack.tUsjbF/_new 2017-05-18 20:45:55.023608733 +0200 @@ -28,7 +28,11 @@ Source1: http://www.mega-nerd.com/%{name}/files/%{name}-%{version}.tar.gz.asc Source2:%{name}.keyring Source3:baselibs.conf -Patch2: sndfile-ocloexec.patch +# PATCH-FIX-UPSTREAM +Patch1: 0001-FLAC-Fix-a-buffer-read-overrun.patch +Patch2: 0002-src-flac.c-Fix-a-buffer-read-overflow.patch +# PATCH-FIX-OPENSUSE +Patch100: sndfile-ocloexec.patch BuildRequires: alsa-devel BuildRequires: flac-devel BuildRequires: gcc-c++ @@ -74,7 +78,9 @@ %prep %setup -q +%patch1 -p1 %patch2 -p1 +%patch100 -p1 %build %define warn_flags -W -Wall -Wstrict-prototypes -Wpointer-arith -Wno-unused-parameter ++ 0001-FLAC-Fix-a-buffer-read-overrun.patch ++ >From fd0484aba8e51d16af1e3a880f9b8b857b385eb3 Mon Sep 17 00:00:00 2001 From: Erik de Castro Lopo Date: Wed, 12 Apr 2017 19:45:30 +1000 Subject: [PATCH] FLAC: Fix a buffer read overrun References: CVE-2017-8361 CVE-2017-8363 CVE-2017-8365 bsc#1036944 bsc#1036945 bsc#1036946 Buffer read overrun occurs when reading a FLAC file that switches from 2 channels to one channel mid-stream. Only option is to abort the read. Closes: https://github.com/erikd/libsndfile/issues/230 --- src/common.h |1 + src/flac.c| 13 + src/sndfile.c |1 + 3 files changed, 15 insertions(+) --- a/src/common.h +++ b/src/common.h @@ -725,6 +725,7 @@ enum SFE_FLAC_INIT_DECODER, SFE_FLAC_LOST_SYNC, SFE_FLAC_BAD_SAMPLE_RATE, + SFE_FLAC_CHANNEL_COUNT_CHANGED, SFE_FLAC_UNKOWN_ERROR, SFE_WVE_NOT_WVE, --- a/src/flac.c +++ b/src/flac.c @@ -435,6 +435,19 @@ sf_flac_meta_callback (const FLAC__Strea switch (metadata->type) { case FLAC__METADATA_TYPE_STREAMINFO : + if (psf->sf.channels > 0 && psf->sf.channels != (int) metadata->data.stream_info.channels) + { psf_log_printf (psf, "Error: FLAC stream changed from %d to %d channels\n" + "Nothing to be but to error out.\n" , + psf->sf.channels, metadata->data.stream_info.channels) ; + psf->error = SFE_FLAC_CHANNEL_COUNT_CHANGED ; + return ; + } ; + + if (psf->sf.channels > 0 && psf->sf.samplerate != (int) metadata->data.stream_info.sample_rate) + { psf_log_printf (psf, "Warning: FLAC stream changed sample rates from %d to %d.\n" + "Carrying on as if nothing happened.", + psf->sf.samplerate, metadata->data.stream_info.sample_rate) ; + } ; psf->sf.channels = metadata->data.stream_info.channels ; psf->sf.samplerate = metadata->data.stream_info.sample_rate ; psf->sf.frames = metadata->data.stream_info.total_samples ; --- a/src/sndfile.c +++ b/src/sndfile.c @@ -245,6 +245,7 @@ ErrorStruct SndfileErrors [] = { SFE_FLAC_INIT_DECODER , "Error : problem with initialization of the flac decoder." }, { SFE_FLAC_LOST_SYNC , "Error : flac decoder lost sync." }, { SFE_FLAC_BAD_SAMPLE_RATE, "Error : flac does not support
commit libsndfile for openSUSE:Factory
Hello community, here is the log from the commit of package libsndfile for openSUSE:Factory checked in at 2017-04-17 10:24:07 Comparing /work/SRC/openSUSE:Factory/libsndfile (Old) and /work/SRC/openSUSE:Factory/.libsndfile.new (New) Package is "libsndfile" Mon Apr 17 10:24:07 2017 rev:49 rq:487149 version:1.0.28 Changes: --- /work/SRC/openSUSE:Factory/libsndfile/libsndfile-progs.changes 2015-12-01 09:18:05.0 +0100 +++ /work/SRC/openSUSE:Factory/.libsndfile.new/libsndfile-progs.changes 2017-04-17 10:24:07.592778096 +0200 @@ -1,0 +2,15 @@ +Mon Apr 10 10:47:58 CEST 2017 - ti...@suse.de + +- Update to version 1.0.27: + * Fix a seek regression in 1.0.26 + * Add metadata read/write for CAF and RF64 + * FIx PAF endian-ness issue +- Update to version 1.0.28 + * Fix buffer overruns in FLAC and ID3 handling code + (CVE-2017-7585, CVE-2017-7586, bsc#1033054, bsc#1033053) + * Reduce default header memory requirements + * Fix detection of Large File Support for 32 bit systems. +- Obsoleted patch: + libsndfile-psf_strlcpy_crlf-fix-CVE-2015-8075.patch + +--- --- /work/SRC/openSUSE:Factory/libsndfile/libsndfile.changes2016-05-16 12:01:30.0 +0200 +++ /work/SRC/openSUSE:Factory/.libsndfile.new/libsndfile.changes 2017-04-17 10:24:07.616774697 +0200 @@ -1,0 +2,15 @@ +Mon Apr 10 10:47:58 CEST 2017 - ti...@suse.de + +- Update to version 1.0.27: + * Fix a seek regression in 1.0.26 + * Add metadata read/write for CAF and RF64 + * FIx PAF endian-ness issue +- Update to version 1.0.28 + * Fix buffer overruns in FLAC and ID3 handling code + (CVE-2017-7585, CVE-2017-7586, bsc#1033054, bsc#1033053) + * Reduce default header memory requirements + * Fix detection of Large File Support for 32 bit systems. +- Obsoleted patch: + libsndfile-psf_strlcpy_crlf-fix-CVE-2015-8075.patch + +--- Old: libsndfile-1.0.26.tar.gz libsndfile-1.0.26.tar.gz.asc libsndfile-psf_strlcpy_crlf-fix-CVE-2015-8075.patch New: libsndfile-1.0.28.tar.gz libsndfile-1.0.28.tar.gz.asc Other differences: -- ++ libsndfile-progs.spec ++ --- /var/tmp/diff_new_pack.3g18Nw/_old 2017-04-17 10:24:08.636630265 +0200 +++ /var/tmp/diff_new_pack.3g18Nw/_new 2017-04-17 10:24:08.640629699 +0200 @@ -1,7 +1,7 @@ # # spec file for package libsndfile-progs # -# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -17,7 +17,7 @@ Name: libsndfile-progs -Version:1.0.26 +Version:1.0.28 Release:0 Summary:Example Programs for libsndfile License:LGPL-2.1+ ++ libsndfile.spec ++ --- /var/tmp/diff_new_pack.3g18Nw/_old 2017-04-17 10:24:08.660626867 +0200 +++ /var/tmp/diff_new_pack.3g18Nw/_new 2017-04-17 10:24:08.660626867 +0200 @@ -1,7 +1,7 @@ # # spec file for package libsndfile # -# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -18,7 +18,7 @@ %define lname %{name}1 Name: libsndfile -Version:1.0.26 +Version:1.0.28 Release:0 Summary:Development/Libraries/C and C++ License:LGPL-2.1+ @@ -29,8 +29,6 @@ Source2:%{name}.keyring Source3:baselibs.conf Patch2: sndfile-ocloexec.patch -# PATCH-FIX-SUSE CVE-2015-8075 bsc#953519 -Patch8: libsndfile-psf_strlcpy_crlf-fix-CVE-2015-8075.patch BuildRequires: alsa-devel BuildRequires: flac-devel BuildRequires: gcc-c++ @@ -77,7 +75,6 @@ %prep %setup -q %patch2 -p1 -%patch8 -p1 %build %define warn_flags -W -Wall -Wstrict-prototypes -Wpointer-arith -Wno-unused-parameter ++ libsndfile-1.0.26.tar.gz -> libsndfile-1.0.28.tar.gz ++ 51912 lines of diff (skipped) ++ libsndfile.keyring ++ --- /var/tmp/diff_new_pack.3g18Nw/_old 2017-04-17 10:24:09.000578722 +0200 +++ /var/tmp/diff_new_pack.3g18Nw/_new 2017-04-17 10:24:09.000578722 +0200 @@ -1,103 +1,52 @@ -BEGIN PGP PUBLIC KEY BLOCK- -Version: GnuPG v2 -mQGiBEBgzMIRBADZ0895FcsJLDukwfGbTBfBvIKweRC1L3GB9x2KMocMaJ5q3cr3 -YupkbkksBZRVSVzHbXIk6Nu6p+FKnLeZfbsu3LDsp9Nh26Xxi1RMV5hYViIr6UAM -nxB7hbACUPvn4oQjCBc5XEaQOFiwOmtigAhlNbenrLxxdUMckgwj4qYMqwCgwt90 -yYHQyaZ2iKVtPDBDCl8NU3UEAMKGkAVjV+BJ/KPjTaRPCOtF7CgPQABGKqpcPP8R -IETX9
commit libsndfile for openSUSE:Factory
Hello community, here is the log from the commit of package libsndfile for openSUSE:Factory checked in at 2016-05-16 12:01:28 Comparing /work/SRC/openSUSE:Factory/libsndfile (Old) and /work/SRC/openSUSE:Factory/.libsndfile.new (New) Package is "libsndfile" Changes: --- /work/SRC/openSUSE:Factory/libsndfile/libsndfile.changes2015-12-01 09:18:05.0 +0100 +++ /work/SRC/openSUSE:Factory/.libsndfile.new/libsndfile.changes 2016-05-16 12:01:30.0 +0200 @@ -1,0 +2,5 @@ +Tue May 10 17:18:51 UTC 2016 - tom.m...@googlemail.com + +- Fix spec file to enable builds on non opensuse OS + +--- Other differences: -- ++ libsndfile.spec ++ --- /var/tmp/diff_new_pack.o5WMha/_old 2016-05-16 12:01:31.0 +0200 +++ /var/tmp/diff_new_pack.o5WMha/_new 2016-05-16 12:01:31.0 +0200 @@ -81,7 +81,7 @@ %build %define warn_flags -W -Wall -Wstrict-prototypes -Wpointer-arith -Wno-unused-parameter -%if %suse_version < 1200 +%if 0%{?suse_version} < 1200 sed -i -e'/^AM_SILENT_RULES/d' configure.ac %endif autoreconf --force --install
commit libsndfile for openSUSE:Factory
Hello community, here is the log from the commit of package libsndfile for openSUSE:Factory checked in at 2015-12-01 09:18:03 Comparing /work/SRC/openSUSE:Factory/libsndfile (Old) and /work/SRC/openSUSE:Factory/.libsndfile.new (New) Package is "libsndfile" Changes: --- /work/SRC/openSUSE:Factory/libsndfile/libsndfile-progs.changes 2015-03-27 09:39:04.0 +0100 +++ /work/SRC/openSUSE:Factory/.libsndfile.new/libsndfile-progs.changes 2015-12-01 09:18:05.0 +0100 @@ -1,0 +2,13 @@ +Tue Nov 24 08:31:31 UTC 2015 - idon...@suse.com + +- Remove documentation, it belongs to the libsndfile package. + +--- +Mon Nov 23 17:22:41 CET 2015 - ti...@suse.de + +- Update to version 1.0.26: + * Fix for CVE-2014-9496, CVE-2014-9756 and CVE-2015-7805. + * Add ALAC/CAF support. Minor bug fixes and improvements. +- Drop libsndfile-example-fix.diff + +--- --- /work/SRC/openSUSE:Factory/libsndfile/libsndfile.changes2015-11-08 11:25:42.0 +0100 +++ /work/SRC/openSUSE:Factory/.libsndfile.new/libsndfile.changes 2015-12-01 09:18:05.0 +0100 @@ -1,0 +2,18 @@ +Mon Nov 23 17:20:09 CET 2015 - ti...@suse.de + +- Update to version 1.0.26: + * Fix for CVE-2014-9496, CVE-2014-9756 and CVE-2015-7805. + * Add ALAC/CAF support. Minor bug fixes and improvements. +- Refreshed patches: + sndfile-ocloexec.patch + libsndfile-psf_strlcpy_crlf-fix-CVE-2015-8075.patch +- Removed obsoleted patches: + libsndfile-example-fix.diff + libsndfile-fix-header-read-CVE-2015-7805.patch + libsndfile-paf-zero-division-fix.diff + libsndfile-src-common.c-Fix-a-header-parsing-bug.patch + libsndfile-src-file_io.c-Prevent-potential-divide-by-zero.patch + sndfile-src-sd2.c-Fix-segfault-in-SD2-RSRC-parser.patch + sndfile-src-sd2.c-Fix-two-potential-buffer-read-overflows.patch + +--- Old: libsndfile-1.0.25.tar.gz libsndfile-1.0.25.tar.gz.asc libsndfile-example-fix.diff libsndfile-fix-header-read-CVE-2015-7805.patch libsndfile-paf-zero-division-fix.diff libsndfile-src-common.c-Fix-a-header-parsing-bug.patch libsndfile-src-file_io.c-Prevent-potential-divide-by-zero.patch sndfile-src-sd2.c-Fix-segfault-in-SD2-RSRC-parser.patch sndfile-src-sd2.c-Fix-two-potential-buffer-read-overflows.patch New: libsndfile-1.0.26.tar.gz libsndfile-1.0.26.tar.gz.asc Other differences: -- ++ libsndfile-progs.spec ++ --- /var/tmp/diff_new_pack.PkrLwR/_old 2015-12-01 09:18:06.0 +0100 +++ /var/tmp/diff_new_pack.PkrLwR/_new 2015-12-01 09:18:06.0 +0100 @@ -17,7 +17,7 @@ Name: libsndfile-progs -Version:1.0.25 +Version:1.0.26 Release:0 Summary:Example Programs for libsndfile License:LGPL-2.1+ @@ -26,7 +26,6 @@ Source0: http://www.mega-nerd.com/libsndfile/files/libsndfile-%{version}.tar.gz Source1: http://www.mega-nerd.com/libsndfile/files/libsndfile-%{version}.tar.gz.asc Source2:libsndfile.keyring -Patch0: libsndfile-example-fix.diff BuildRequires: alsa-devel BuildRequires: flac-devel BuildRequires: gcc-c++ @@ -42,7 +41,6 @@ %prep %setup -q -n libsndfile-%{version} -%patch0 %build %define warn_flags -W -Wall -Wstrict-prototypes -Wpointer-arith -Wno-unused-parameter @@ -57,7 +55,9 @@ %install make DESTDIR=%{buildroot} install %{?_smp_mflags} -# remove unnecessary lib files + +# remove unnecessary files +rm -rf %{buildroot}%{_datadir}/doc/libsndfile rm -rf %{buildroot}%{_libdir} rm -rf %{buildroot}%{_includedir} rm -rf %{buildroot}%{_datadir}/doc/libsndfile1-dev ++ libsndfile.spec ++ --- /var/tmp/diff_new_pack.PkrLwR/_old 2015-12-01 09:18:06.0 +0100 +++ /var/tmp/diff_new_pack.PkrLwR/_new 2015-12-01 09:18:06.0 +0100 @@ -18,7 +18,7 @@ %define lname %{name}1 Name: libsndfile -Version:1.0.25 +Version:1.0.26 Release:0 Summary:Development/Libraries/C and C++ License:LGPL-2.1+ @@ -28,21 +28,7 @@ Source1: http://www.mega-nerd.com/%{name}/files/%{name}-%{version}.tar.gz.asc Source2:%{name}.keyring Source3:baselibs.conf -# PATCH-MISSING-TAG -- See http://en.opensuse.org/openSUSE:Packaging_Patches_guidelines -Patch0: libsndfile-example-fix.diff -# PATCH-MISSING-TAG -- See http://en.opensuse.org/openSUSE:Packaging_Patches_guidelines -Patch1: libsndfile-paf-zero-division-fix.diff Patch2: sndfile-ocloexec.patch -# PATCH-FIX-UPSTREAM CVE-2014-9496 bnc#911796 -Patch3: sndfile-src-sd2.c-Fix-segfault-in-SD2-R
commit libsndfile for openSUSE:Factory
Hello community, here is the log from the commit of package libsndfile for openSUSE:Factory checked in at 2015-11-08 11:25:41 Comparing /work/SRC/openSUSE:Factory/libsndfile (Old) and /work/SRC/openSUSE:Factory/.libsndfile.new (New) Package is "libsndfile" Changes: --- /work/SRC/openSUSE:Factory/libsndfile/libsndfile.changes2015-03-27 09:39:04.0 +0100 +++ /work/SRC/openSUSE:Factory/.libsndfile.new/libsndfile.changes 2015-11-08 11:25:42.0 +0100 @@ -1,0 +2,16 @@ +Wed Nov 4 16:43:39 CET 2015 - ti...@suse.de + +- VUL-0: libsndfile 1.0.25 heap overflow (CVE-2015-7805, bsc#953516) + libsndfile-src-common.c-Fix-a-header-parsing-bug.patch + libsndfile-fix-header-read-CVE-2015-7805.patch +- VUL-0: libsndfile 1.0.25 heap overflow (CVE-2015-8075, bsc#953519) + libsndfile-psf_strlcpy_crlf-fix-CVE-2015-8075.patch +- Fix the build with SLE11-SP3 due to AM_SILENT_RULE macro + +--- +Wed Nov 4 11:38:16 CET 2015 - ti...@suse.de + +- VUL-1: libsndfile DoS/divide-by-zero (CVE-2014-9756, bsc#953521): + libsndfile-src-file_io.c-Prevent-potential-divide-by-zero.patch + +--- New: libsndfile-fix-header-read-CVE-2015-7805.patch libsndfile-psf_strlcpy_crlf-fix-CVE-2015-8075.patch libsndfile-src-common.c-Fix-a-header-parsing-bug.patch libsndfile-src-file_io.c-Prevent-potential-divide-by-zero.patch Other differences: -- ++ libsndfile.spec ++ --- /var/tmp/diff_new_pack.mOraYf/_old 2015-11-08 11:25:43.0 +0100 +++ /var/tmp/diff_new_pack.mOraYf/_new 2015-11-08 11:25:43.0 +0100 @@ -37,6 +37,14 @@ Patch3: sndfile-src-sd2.c-Fix-segfault-in-SD2-RSRC-parser.patch # PATCH-FIX-UPSTREAM CVE-2014-9496 bnc#911796 Patch4: sndfile-src-sd2.c-Fix-two-potential-buffer-read-overflows.patch +# PATCH-FIX-UPSTREAM CVE-2014-9756 bsc#953521 +Patch5: libsndfile-src-file_io.c-Prevent-potential-divide-by-zero.patch +# PATCH-FIX-UPSTREAM CVE-2015-7805 bsc#953516 +Patch6: libsndfile-src-common.c-Fix-a-header-parsing-bug.patch +# PATCH-FIX-SUSE CVE-2015-7805 bsc#953516 +Patch7: libsndfile-fix-header-read-CVE-2015-7805.patch +# PATCH-FIX-SUSE CVE-2015-8075 bsc#953519 +Patch8: libsndfile-psf_strlcpy_crlf-fix-CVE-2015-8075.patch BuildRequires: alsa-devel BuildRequires: flac-devel BuildRequires: gcc-c++ @@ -87,9 +95,16 @@ %patch2 %patch3 -p1 %patch4 -p1 +%patch5 -p1 +%patch6 -p1 +%patch7 -p1 +%patch8 -p1 %build %define warn_flags -W -Wall -Wstrict-prototypes -Wpointer-arith -Wno-unused-parameter +%if %suse_version < 1200 +sed -i -e'/^AM_SILENT_RULES/d' configure.ac +%endif autoreconf --force --install CFLAGS="%{optflags} %{warn_flags}" export CFLAGS ++ libsndfile-fix-header-read-CVE-2015-7805.patch ++ --- src/common.c |5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) --- a/src/common.c +++ b/src/common.c @@ -800,9 +800,10 @@ header_read (SF_PRIVATE *psf, void *ptr, if (psf->headindex + bytes > SIGNED_SIZEOF (psf->header)) { int most ; - most = SIGNED_SIZEOF (psf->header) - psf->headindex ; + most = SIGNED_SIZEOF (psf->header) - psf->headend ; psf_fread (psf->header + psf->headend, 1, most, psf) ; - memcpy (ptr, psf->header + psf->headend, most) ; + most = SIGNED_SIZEOF (psf->header) - psf->headindex ; + memcpy (ptr, psf->header + psf->headindex, most) ; psf->headend = psf->headindex += most ; psf_fread ((char *) ptr + most, bytes - most, 1, psf) ; return bytes ; ++ libsndfile-psf_strlcpy_crlf-fix-CVE-2015-8075.patch ++ --- src/common.c |2 +- 1 file changed, 1 insertion(+), 1 deletion(-) --- a/src/common.c +++ b/src/common.c @@ -1332,7 +1332,7 @@ psf_strlcpy_crlf (char *dest, const char char * destend = dest + destmax - 2 ; const char * srcend = src + srcmax ; - while (dest < destend && src < srcend) + while (*src && dest < destend && src < srcend) { if ((src [0] == '\r' && src [1] == '\n') || (src [0] == '\n' && src [1] == '\r')) { *dest++ = '\r' ; *dest++ = '\n' ; ++ libsndfile-src-common.c-Fix-a-header-parsing-bug.patch ++ >From d2a87385c1ca1d72918e9a2875d24f202a5093e8 Mon Sep 17 00:00:00 2001 From: Erik de Castro Lopo Date: Sat, 7 Feb 2015 15:45:10 +1100 Subject: [PATCH] src/common.c : Fix a header parsing bug. When the file header is bigger that SF_HEADER_LEN, the code would seek instead of reading causing file parse errors. The current header parsing and
commit libsndfile for openSUSE:Factory
Hello community, here is the log from the commit of package libsndfile for openSUSE:Factory checked in at 2015-03-27 09:39:03 Comparing /work/SRC/openSUSE:Factory/libsndfile (Old) and /work/SRC/openSUSE:Factory/.libsndfile.new (New) Package is "libsndfile" Changes: --- /work/SRC/openSUSE:Factory/libsndfile/libsndfile-progs.changes 2013-04-17 07:16:52.0 +0200 +++ /work/SRC/openSUSE:Factory/.libsndfile.new/libsndfile-progs.changes 2015-03-27 09:39:04.0 +0100 @@ -1,0 +2,6 @@ +Sat Mar 21 08:14:38 UTC 2015 - mplus...@suse.com + +- Cleanup spec file with spec-cleaner +- Add gpg signature + +--- --- /work/SRC/openSUSE:Factory/libsndfile/libsndfile.changes2015-01-09 20:52:17.0 +0100 +++ /work/SRC/openSUSE:Factory/.libsndfile.new/libsndfile.changes 2015-03-27 09:39:04.0 +0100 @@ -1,0 +2,7 @@ +Sat Mar 21 08:12:34 UTC 2015 - mplus...@suse.com + +- Cleanup spec file with spec-cleaner +- Add gpg signature +- Remove old ppc provides/obsoletes + +--- New: libsndfile-1.0.25.tar.gz.asc libsndfile.keyring Other differences: -- ++ libsndfile-progs.spec ++ --- /var/tmp/diff_new_pack.4uGjzn/_old 2015-03-27 09:39:05.0 +0100 +++ /var/tmp/diff_new_pack.4uGjzn/_new 2015-03-27 09:39:05.0 +0100 @@ -1,7 +1,7 @@ # # spec file for package libsndfile-progs # -# Copyright (c) 2015 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -17,6 +17,16 @@ Name: libsndfile-progs +Version:1.0.25 +Release:0 +Summary:Example Programs for libsndfile +License:LGPL-2.1+ +Group: System/Libraries +Url:http://www.mega-nerd.com/libsndfile/ +Source0: http://www.mega-nerd.com/libsndfile/files/libsndfile-%{version}.tar.gz +Source1: http://www.mega-nerd.com/libsndfile/files/libsndfile-%{version}.tar.gz.asc +Source2:libsndfile.keyring +Patch0: libsndfile-example-fix.diff BuildRequires: alsa-devel BuildRequires: flac-devel BuildRequires: gcc-c++ @@ -25,33 +35,19 @@ BuildRequires: libvorbis-devel BuildRequires: pkgconfig BuildRequires: sqlite-devel -Summary:Example Programs for libsndfile -License:LGPL-2.1+ -Group: System/Libraries -Version:1.0.25 -Release:0 -Source: http://www.mega-nerd.com/libsndfile/files/libsndfile-%{version}.tar.gz -Patch: libsndfile-example-fix.diff -Url:http://www.mega-nerd.com/libsndfile/ BuildRoot: %{_tmppath}/%{name}-%{version}-build %description This package includes the example programs for libsndfile. - - -Authors: - -Erik de Castro Lopo - %prep %setup -q -n libsndfile-%{version} -%patch +%patch0 %build %define warn_flags -W -Wall -Wstrict-prototypes -Wpointer-arith -Wno-unused-parameter # autoreconf --force --install -CFLAGS="$RPM_OPT_FLAGS %{warn_flags}" +CFLAGS="%{optflags} %{warn_flags}" export CFLAGS %configure --disable-silent-rules \ --disable-static \ @@ -60,11 +56,11 @@ make %{?_smp_mflags} %install -make DESTDIR="$RPM_BUILD_ROOT" install +make DESTDIR=%{buildroot} install %{?_smp_mflags} # remove unnecessary lib files -rm -rf $RPM_BUILD_ROOT%{_libdir} -rm -rf $RPM_BUILD_ROOT%{_includedir} -rm -rf $RPM_BUILD_ROOT%{_datadir}/doc/libsndfile1-dev +rm -rf %{buildroot}%{_libdir} +rm -rf %{buildroot}%{_includedir} +rm -rf %{buildroot}%{_datadir}/doc/libsndfile1-dev %files %defattr(-, root, root) ++ libsndfile.spec ++ --- /var/tmp/diff_new_pack.4uGjzn/_old 2015-03-27 09:39:05.0 +0100 +++ /var/tmp/diff_new_pack.4uGjzn/_new 2015-03-27 09:39:05.0 +0100 @@ -1,7 +1,7 @@ # # spec file for package libsndfile # -# Copyright (c) 2015 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -16,13 +16,27 @@ # +%define lname %{name}1 Name: libsndfile -%define lname libsndfile1 Version:1.0.25 Release:0 Summary:Development/Libraries/C and C++ License:LGPL-2.1+ Group: System/Libraries +Url:http://www.mega-nerd.com/libsndfile +Source0: http://www.mega-nerd.com/%{name}/files/%{name}-%{version}.tar.gz +Source1: http://www.mega-n
commit libsndfile for openSUSE:Factory
Hello community, here is the log from the commit of package libsndfile for openSUSE:Factory checked in at 2015-01-09 20:52:14 Comparing /work/SRC/openSUSE:Factory/libsndfile (Old) and /work/SRC/openSUSE:Factory/.libsndfile.new (New) Package is "libsndfile" Changes: --- /work/SRC/openSUSE:Factory/libsndfile/libsndfile.changes2013-04-17 07:16:52.0 +0200 +++ /work/SRC/openSUSE:Factory/.libsndfile.new/libsndfile.changes 2015-01-09 20:52:17.0 +0100 @@ -1,0 +2,8 @@ +Wed Jan 7 08:30:31 CET 2015 - ti...@suse.de + +- VUL-0: two buffer read overflows in sd2_parse_rsrc_fork() + (CVE-2014-9496, bnc#911796): backported upstream fix patches + sndfile-src-sd2.c-Fix-segfault-in-SD2-RSRC-parser.patch + sndfile-src-sd2.c-Fix-two-potential-buffer-read-overflows.patch + +--- New: sndfile-src-sd2.c-Fix-segfault-in-SD2-RSRC-parser.patch sndfile-src-sd2.c-Fix-two-potential-buffer-read-overflows.patch Other differences: -- ++ libsndfile-progs.spec ++ --- /var/tmp/diff_new_pack.STx0Dc/_old 2015-01-09 20:52:18.0 +0100 +++ /var/tmp/diff_new_pack.STx0Dc/_new 2015-01-09 20:52:18.0 +0100 @@ -1,7 +1,7 @@ # # spec file for package libsndfile-progs # -# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2015 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed ++ libsndfile.spec ++ --- /var/tmp/diff_new_pack.STx0Dc/_old 2015-01-09 20:52:18.0 +0100 +++ /var/tmp/diff_new_pack.STx0Dc/_new 2015-01-09 20:52:18.0 +0100 @@ -1,7 +1,7 @@ # # spec file for package libsndfile # -# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2015 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -46,6 +46,10 @@ # PATCH-MISSING-TAG -- See http://en.opensuse.org/openSUSE:Packaging_Patches_guidelines Patch1: libsndfile-paf-zero-division-fix.diff Patch2: sndfile-ocloexec.patch +# PATCH-FIX-UPSTREAM CVE-2014-9496 bnc#911796 +Patch3: sndfile-src-sd2.c-Fix-segfault-in-SD2-RSRC-parser.patch +# PATCH-FIX-UPSTREAM CVE-2014-9496 bnc#911796 +Patch4: sndfile-src-sd2.c-Fix-two-potential-buffer-read-overflows.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build %description @@ -89,6 +93,8 @@ %patch0 %patch1 -p1 %patch2 +%patch3 -p1 +%patch4 -p1 %build %define warn_flags -W -Wall -Wstrict-prototypes -Wpointer-arith -Wno-unused-parameter ++ sndfile-src-sd2.c-Fix-segfault-in-SD2-RSRC-parser.patch ++ >From 9341e9c6e70cd3ad76c901c3cf052d4cb52fd827 Mon Sep 17 00:00:00 2001 From: Erik de Castro Lopo Date: Thu, 27 Jun 2013 18:04:03 +1000 Subject: [PATCH] src/sd2.c : Fix segfault in SD2 RSRC parser. A specially crafted resource fork for an SD2 file can cause the SD2 RSRC parser to read data from outside a dynamically defined buffer. The data that is read is converted into a short or int and used during further processing. Since no write occurs, this is unlikely to be exploitable. Bug reported by The Mayhem Team from Cylab, Carnegie Mellon Univeristy. Paper is: http://users.ece.cmu.edu/~arebert/papers/mayhem-oakland-12.pdf --- src/sd2.c | 93 -- 1 file changed, 55 insertions(+), 38 deletions(-) --- a/src/sd2.c +++ b/src/sd2.c @@ -1,5 +1,5 @@ /* -** Copyright (C) 2001-2011 Erik de Castro Lopo +** Copyright (C) 2001-2013 Erik de Castro Lopo ** Copyright (C) 2004 Paavo Jumppanen ** ** This program is free software; you can redistribute it and/or modify @@ -370,44 +370,61 @@ sd2_write_rsrc_fork (SF_PRIVATE *psf, in */ static inline int -read_char (const unsigned char * data, int offset) -{ return data [offset] ; -} /* read_char */ +read_rsrc_char (const SD2_RSRC *prsrc, int offset) +{ const unsigned char * data = prsrc->rsrc_data ; + if (offset < 0 || offset >= prsrc->rsrc_len) + return 0 ; + return data [offset] ; +} /* read_rsrc_char */ static inline int -read_short (const unsigned char * data, int offset) -{ return (data [offset] << 8) + data [offset + 1] ; -} /* read_short */ +read_rsrc_short (const SD2_RSRC *prsrc, int offset) +{ const unsigned char * data = prsrc->rsrc_data ; + if (offset < 0 || offset + 1 >= prsrc->rsrc_len) + return 0 ; + return (data [offset] << 8) + data [offset + 1] ; +} /* read_rsrc
commit libsndfile for openSUSE:Factory
Hello community, here is the log from the commit of package libsndfile for openSUSE:Factory checked in at 2013-04-17 07:16:47 Comparing /work/SRC/openSUSE:Factory/libsndfile (Old) and /work/SRC/openSUSE:Factory/.libsndfile.new (New) Package is "libsndfile", Maintainer is "ti...@suse.com" Changes: --- /work/SRC/openSUSE:Factory/libsndfile/libsndfile-progs.changes 2011-11-22 17:48:32.0 +0100 +++ /work/SRC/openSUSE:Factory/.libsndfile.new/libsndfile-progs.changes 2013-04-17 07:16:52.0 +0200 @@ -1,0 +2,6 @@ +Mon Apr 15 14:00:22 UTC 2013 - mmeis...@suse.com + +- Added url as source. + Please see http://en.opensuse.org/SourceUrls + +--- --- /work/SRC/openSUSE:Factory/libsndfile/libsndfile.changes2011-12-08 12:26:36.0 +0100 +++ /work/SRC/openSUSE:Factory/.libsndfile.new/libsndfile.changes 2013-04-17 07:16:52.0 +0200 @@ -1,0 +2,6 @@ +Mon Apr 15 13:57:35 UTC 2013 - mmeis...@suse.com + +- Added url as source. + Please see http://en.opensuse.org/SourceUrls + +--- Other differences: -- ++ libsndfile-progs.spec ++ --- /var/tmp/diff_new_pack.U6Zecc/_old 2013-04-17 07:16:56.0 +0200 +++ /var/tmp/diff_new_pack.U6Zecc/_new 2013-04-17 07:16:56.0 +0200 @@ -1,7 +1,7 @@ # # spec file for package libsndfile-progs # -# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -15,6 +15,7 @@ # Please submit bugfixes or comments via http://bugs.opensuse.org/ # + Name: libsndfile-progs BuildRequires: alsa-devel BuildRequires: flac-devel @@ -25,11 +26,11 @@ BuildRequires: pkgconfig BuildRequires: sqlite-devel Summary:Example Programs for libsndfile -Version:1.0.25 -Release:0 License:LGPL-2.1+ Group: System/Libraries -Source: libsndfile-%{version}.tar.gz +Version:1.0.25 +Release:0 +Source: http://www.mega-nerd.com/libsndfile/files/libsndfile-%{version}.tar.gz Patch: libsndfile-example-fix.diff Url:http://www.mega-nerd.com/libsndfile/ BuildRoot: %{_tmppath}/%{name}-%{version}-build ++ libsndfile.spec ++ --- /var/tmp/diff_new_pack.U6Zecc/_old 2013-04-17 07:16:56.0 +0200 +++ /var/tmp/diff_new_pack.U6Zecc/_new 2013-04-17 07:16:56.0 +0200 @@ -1,7 +1,7 @@ # # spec file for package libsndfile # -# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -15,12 +15,13 @@ # Please submit bugfixes or comments via http://bugs.opensuse.org/ # + Name: libsndfile %define lname libsndfile1 Version:1.0.25 Release:0 -License:LGPL-2.1+ Summary:Development/Libraries/C and C++ +License:LGPL-2.1+ Group: System/Libraries BuildRequires: alsa-devel BuildRequires: flac-devel @@ -38,7 +39,7 @@ %endif Url:http://www.mega-nerd.com/libsndfile/ # -Source: libsndfile-%{version}.tar.gz +Source: http://www.mega-nerd.com/%{name}/files/%{name}-%{version}.tar.gz Source2:baselibs.conf # PATCH-MISSING-TAG -- See http://en.opensuse.org/openSUSE:Packaging_Patches_guidelines Patch0: libsndfile-example-fix.diff @@ -55,6 +56,7 @@ %package -n %lname Summary:A Library to Handle Various Audio File Formats +Group: System/Libraries Provides: %{name} = %{version} Obsoletes: %{name} <= 1.0.25 -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit libsndfile for openSUSE:Factory
Hello community, here is the log from the commit of package libsndfile for openSUSE:Factory checked in at 2011-12-08 12:26:30 Comparing /work/SRC/openSUSE:Factory/libsndfile (Old) and /work/SRC/openSUSE:Factory/.libsndfile.new (New) Package is "libsndfile", Maintainer is "ti...@suse.com" Changes: --- /work/SRC/openSUSE:Factory/libsndfile/libsndfile.changes2011-11-28 12:54:21.0 +0100 +++ /work/SRC/openSUSE:Factory/.libsndfile.new/libsndfile.changes 2011-12-08 12:26:36.0 +0100 @@ -1,0 +2,5 @@ +Fri Dec 2 15:55:49 UTC 2011 - co...@suse.com + +- add libtool as buildrequire to avoid implicit dependency + +--- Other differences: -- ++ libsndfile-progs.spec ++ --- /var/tmp/diff_new_pack.Vspx38/_old 2011-12-08 12:26:54.0 +0100 +++ /var/tmp/diff_new_pack.Vspx38/_new 2011-12-08 12:26:54.0 +0100 @@ -15,14 +15,19 @@ # Please submit bugfixes or comments via http://bugs.opensuse.org/ # - - Name: libsndfile-progs -BuildRequires: alsa-devel flac-devel gcc-c++ libjack-devel libvorbis-devel pkgconfig sqlite-devel +BuildRequires: alsa-devel +BuildRequires: flac-devel +BuildRequires: gcc-c++ +BuildRequires: libjack-devel +BuildRequires: libtool +BuildRequires: libvorbis-devel +BuildRequires: pkgconfig +BuildRequires: sqlite-devel Summary:Example Programs for libsndfile Version:1.0.25 -Release:3 -License:LGPLv2.1+ +Release:0 +License:LGPL-2.1+ Group: System/Libraries Source: libsndfile-%{version}.tar.gz Patch: libsndfile-example-fix.diff ++ libsndfile.spec ++ --- /var/tmp/diff_new_pack.Vspx38/_old 2011-12-08 12:26:54.0 +0100 +++ /var/tmp/diff_new_pack.Vspx38/_new 2011-12-08 12:26:54.0 +0100 @@ -15,22 +15,21 @@ # Please submit bugfixes or comments via http://bugs.opensuse.org/ # - - Name: libsndfile %define lname libsndfile1 Version:1.0.25 -Release:4 -License:LGPLv2.1+ +Release:0 +License:LGPL-2.1+ Summary:Development/Libraries/C and C++ Group: System/Libraries BuildRequires: alsa-devel BuildRequires: flac-devel BuildRequires: gcc-c++ +BuildRequires: libtool BuildRequires: libvorbis-devel BuildRequires: pkg-config -BuildRequires: sqlite-devel BuildRequires: speex-devel +BuildRequires: sqlite-devel Obsoletes: libsnd Provides: libsnd # bug437293 @@ -56,7 +55,6 @@ %package -n %lname Summary:A Library to Handle Various Audio File Formats -Group: System/Libraries Provides: %{name} = %{version} Obsoletes: %{name} <= 1.0.25 -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit libsndfile for openSUSE:Factory
Hello community, here is the log from the commit of package libsndfile for openSUSE:Factory checked in at 2011-11-28 12:54:19 Comparing /work/SRC/openSUSE:Factory/libsndfile (Old) and /work/SRC/openSUSE:Factory/.libsndfile.new (New) Package is "libsndfile", Maintainer is "ti...@suse.com" Changes: --- /work/SRC/openSUSE:Factory/libsndfile/libsndfile.changes2011-11-23 19:36:11.0 +0100 +++ /work/SRC/openSUSE:Factory/.libsndfile.new/libsndfile.changes 2011-11-28 12:54:21.0 +0100 @@ -1,0 +2,11 @@ +Thu Nov 24 11:02:11 CET 2011 - ti...@suse.de + +- add missing provides/obsoletes for libsndfile -> libsndfile1 + rename (bnc#732565) + +--- +Thu Nov 24 01:54:21 UTC 2011 - crrodrig...@opensuse.org + +- use O_CLOEXEC in library code. + +--- New: sndfile-ocloexec.patch Other differences: -- ++ libsndfile.spec ++ --- /var/tmp/diff_new_pack.h0kom1/_old 2011-11-28 12:54:22.0 +0100 +++ /var/tmp/diff_new_pack.h0kom1/_new 2011-11-28 12:54:22.0 +0100 @@ -45,6 +45,7 @@ Patch0: libsndfile-example-fix.diff # PATCH-MISSING-TAG -- See http://en.opensuse.org/openSUSE:Packaging_Patches_guidelines Patch1: libsndfile-paf-zero-division-fix.diff +Patch2: sndfile-ocloexec.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build %description @@ -56,6 +57,8 @@ %package -n %lname Summary:A Library to Handle Various Audio File Formats Group: System/Libraries +Provides: %{name} = %{version} +Obsoletes: %{name} <= 1.0.25 %description -n %lname Libsndfile is a C library for reading and writing sound files, such @@ -85,10 +88,11 @@ %setup -q %patch0 %patch1 -p1 +%patch2 %build %define warn_flags -W -Wall -Wstrict-prototypes -Wpointer-arith -Wno-unused-parameter -# autoreconf --force --install +autoreconf --force --install CFLAGS="%{optflags} %{warn_flags}" export CFLAGS %configure --disable-silent-rules \ ++ baselibs.conf ++ --- /var/tmp/diff_new_pack.h0kom1/_old 2011-11-28 12:54:22.0 +0100 +++ /var/tmp/diff_new_pack.h0kom1/_new 2011-11-28 12:54:22.0 +0100 @@ -1 +1,3 @@ libsndfile1 + provides "libsndfile- = " + obsoletes "libsndfile- <= 1.0.25" ++ sndfile-ocloexec.patch ++ --- configure.ac.orig +++ configure.ac @@ -23,7 +23,9 @@ AC_SUBST(ACLOCAL_AMFLAGS, "-I M4") AC_LANG([C]) -AC_PROG_CC +AC_PROG_CC_STDC +AC_USE_SYSTEM_EXTENSIONS +AC_SYS_LARGEFILE AM_PROG_CC_C_O AC_PROG_CXX AC_PROG_SED --- src/file_io.c.orig +++ src/file_io.c @@ -564,6 +564,9 @@ psf_open_fd (PSF_FILE * pfile) return - SFE_BAD_OPEN_MODE ; break ; } ; +#ifdef O_CLOEXEC +oflag |= O_CLOEXEC; +#endif if (mode == 0) fd = open (pfile->path.c, oflag) ; --- Makefile.am.orig +++ Makefile.am @@ -1,5 +1,6 @@ ## Process this file with automake to produce Makefile.in +ACLOCAL_AMFLAGS = -I M4 DISTCHECK_CONFIGURE_FLAGS = --enable-gcc-werror if BUILD_OCTAVE_MOD -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit libsndfile for openSUSE:Factory
Hello community, here is the log from the commit of package libsndfile for openSUSE:Factory checked in at 2011-11-23 19:36:08 Comparing /work/SRC/openSUSE:Factory/libsndfile (Old) and /work/SRC/openSUSE:Factory/.libsndfile.new (New) Package is "libsndfile", Maintainer is "ti...@suse.com" Changes: --- /work/SRC/openSUSE:Factory/libsndfile/libsndfile.changes2011-11-22 17:48:32.0 +0100 +++ /work/SRC/openSUSE:Factory/.libsndfile.new/libsndfile.changes 2011-11-23 19:36:11.0 +0100 @@ -1,0 +2,5 @@ +Tue Nov 22 19:04:31 UTC 2011 - co...@suse.com + +- fix devel dependency + +--- Other differences: -- ++ libsndfile-progs.spec ++ --- /var/tmp/diff_new_pack.sZUye4/_old 2011-11-23 19:36:13.0 +0100 +++ /var/tmp/diff_new_pack.sZUye4/_new 2011-11-23 19:36:13.0 +0100 @@ -26,7 +26,7 @@ Group: System/Libraries Source: libsndfile-%{version}.tar.gz Patch: libsndfile-example-fix.diff -URL:http://www.mega-nerd.com/libsndfile/ +Url:http://www.mega-nerd.com/libsndfile/ BuildRoot: %{_tmppath}/%{name}-%{version}-build %description ++ libsndfile.spec ++ --- /var/tmp/diff_new_pack.sZUye4/_old 2011-11-23 19:36:13.0 +0100 +++ /var/tmp/diff_new_pack.sZUye4/_new 2011-11-23 19:36:13.0 +0100 @@ -37,7 +37,7 @@ %ifarch ppc64 Obsoletes: libsndfile-64bit %endif -URL:http://www.mega-nerd.com/libsndfile/ +Url:http://www.mega-nerd.com/libsndfile/ # Source: libsndfile-%{version}.tar.gz Source2:baselibs.conf @@ -66,7 +66,7 @@ %package devel Summary:Development package for the libsndfile library Group: Development/Libraries/C and C++ -Requires: %{name} = %{version} +Requires: %{lname} = %{version} Requires: glibc-devel Requires: libstdc++-devel Obsoletes: libsndd -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit libsndfile for openSUSE:Factory
Hello community, here is the log from the commit of package libsndfile for openSUSE:Factory checked in at 2011-11-22 17:48:27 Comparing /work/SRC/openSUSE:Factory/libsndfile (Old) and /work/SRC/openSUSE:Factory/.libsndfile.new (New) Package is "libsndfile", Maintainer is "ti...@suse.com" Changes: --- /work/SRC/openSUSE:Factory/libsndfile/libsndfile-progs.changes 2011-09-23 02:10:48.0 +0200 +++ /work/SRC/openSUSE:Factory/.libsndfile.new/libsndfile-progs.changes 2011-11-22 17:48:32.0 +0100 @@ -1,0 +2,5 @@ +Mon Nov 21 17:30:11 UTC 2011 - jeng...@medozas.de + +- Remove redundant/unwanted tags/section (cf. specfile guidelines) + +--- --- /work/SRC/openSUSE:Factory/libsndfile/libsndfile.changes2011-09-23 02:10:48.0 +0200 +++ /work/SRC/openSUSE:Factory/.libsndfile.new/libsndfile.changes 2011-11-22 17:48:32.0 +0100 @@ -1,0 +2,5 @@ +Mon Nov 21 17:30:02 UTC 2011 - jeng...@medozas.de + +- Remove redundant/unwanted tags/section (cf. specfile guidelines) + +--- Other differences: -- ++ libsndfile-progs.spec ++ --- /var/tmp/diff_new_pack.Bv8tX1/_old 2011-11-22 17:48:36.0 +0100 +++ /var/tmp/diff_new_pack.Bv8tX1/_new 2011-11-22 17:48:36.0 +0100 @@ -26,7 +26,7 @@ Group: System/Libraries Source: libsndfile-%{version}.tar.gz Patch: libsndfile-example-fix.diff -Url:http://www.mega-nerd.com/libsndfile/ +URL:http://www.mega-nerd.com/libsndfile/ BuildRoot: %{_tmppath}/%{name}-%{version}-build %description @@ -60,9 +60,6 @@ rm -rf $RPM_BUILD_ROOT%{_includedir} rm -rf $RPM_BUILD_ROOT%{_datadir}/doc/libsndfile1-dev -%clean -rm -rf $RPM_BUILD_ROOT - %files %defattr(-, root, root) %{_bindir}/* ++ libsndfile.spec ++ --- /var/tmp/diff_new_pack.Bv8tX1/_old 2011-11-22 17:48:36.0 +0100 +++ /var/tmp/diff_new_pack.Bv8tX1/_new 2011-11-22 17:48:36.0 +0100 @@ -18,10 +18,11 @@ Name: libsndfile +%define lname libsndfile1 Version:1.0.25 Release:4 License:LGPLv2.1+ -Summary:A Library to Handle Various Audio File Formats +Summary:Development/Libraries/C and C++ Group: System/Libraries BuildRequires: alsa-devel BuildRequires: flac-devel @@ -36,7 +37,7 @@ %ifarch ppc64 Obsoletes: libsndfile-64bit %endif -Url:http://www.mega-nerd.com/libsndfile/ +URL:http://www.mega-nerd.com/libsndfile/ # Source: libsndfile-%{version}.tar.gz Source2:baselibs.conf @@ -52,8 +53,17 @@ currently read and write 8, 16, 24, and 32-bit PCM files as well as 32-bit floating point WAV files and a number of compressed formats. +%package -n %lname +Summary:A Library to Handle Various Audio File Formats +Group: System/Libraries + +%description -n %lname +Libsndfile is a C library for reading and writing sound files, such +as AIFF, AU, and WAV files, through one standard interface. It can +currently read and write 8, 16, 24, and 32-bit PCM files as well as +32-bit floating point WAV files and a number of compressed formats. + %package devel -License:LGPLv2.1+ Summary:Development package for the libsndfile library Group: Development/Libraries/C and C++ Requires: %{name} = %{version} @@ -99,21 +109,18 @@ make -C examples distclean rm -rf %{buildroot}%{_datadir}/doc/libsndfile1-dev -%post -p /sbin/ldconfig - -%postun -p /sbin/ldconfig +%post -n %lname -p /sbin/ldconfig -%clean -rm -rf %{buildroot} +%postun -n %lname -p /sbin/ldconfig %check pushd src make check popd -%files +%files -n %lname %defattr(-, root, root) -%{_libdir}/libsndfile.so.* +%{_libdir}/libsndfile.so.1* %files devel %defattr(-, root, root) ++ baselibs.conf ++ --- /var/tmp/diff_new_pack.Bv8tX1/_old 2011-11-22 17:48:36.0 +0100 +++ /var/tmp/diff_new_pack.Bv8tX1/_new 2011-11-22 17:48:36.0 +0100 @@ -1 +1 @@ -libsndfile +libsndfile1 -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit libsndfile for openSUSE:Factory
Hello community, here is the log from the commit of package libsndfile for openSUSE:Factory checked in at Thu Aug 25 10:11:36 CEST 2011. --- libsndfile/libsndfile-progs.changes 2011-07-18 17:27:21.0 +0200 +++ /mounts/work_src_done/STABLE/libsndfile/libsndfile-progs.changes 2011-07-29 14:48:42.0 +0200 @@ -1,0 +2,5 @@ +Fri Jul 29 14:48:03 CEST 2011 - ti...@suse.de + +- Fix zero-division in PAF parser (bnc#708988) + +--- --- libsndfile/libsndfile.changes 2011-07-28 01:40:56.0 +0200 +++ /mounts/work_src_done/STABLE/libsndfile/libsndfile.changes 2011-08-24 20:08:37.0 +0200 @@ -1,0 +2,11 @@ +Wed Aug 24 18:07:57 UTC 2011 - crrodrig...@opensuse.org + +- Enable speex support +- run make check + +--- +Fri Jul 29 14:48:03 CEST 2011 - ti...@suse.de + +- Fix zero-division in PAF parser (bnc#708988) + +--- calling whatdependson for head-i586 New: libsndfile-paf-zero-division-fix.diff Other differences: -- ++ libsndfile-progs.spec ++ --- /var/tmp/diff_new_pack.W1ZVE4/_old 2011-08-25 10:07:48.0 +0200 +++ /var/tmp/diff_new_pack.W1ZVE4/_new 2011-08-25 10:07:48.0 +0200 @@ -21,7 +21,7 @@ BuildRequires: alsa-devel flac-devel gcc-c++ libjack-devel libvorbis-devel pkgconfig sqlite-devel Summary:Example Programs for libsndfile Version:1.0.25 -Release:2 +Release:3 License:LGPLv2.1+ Group: System/Libraries Source: libsndfile-%{version}.tar.gz ++ libsndfile.spec ++ --- /var/tmp/diff_new_pack.W1ZVE4/_old 2011-08-25 10:07:48.0 +0200 +++ /var/tmp/diff_new_pack.W1ZVE4/_new 2011-08-25 10:07:48.0 +0200 @@ -18,23 +18,32 @@ Name: libsndfile -BuildRequires: alsa-devel flac-devel gcc-c++ libvorbis-devel pkg-config sqlite-devel -Summary:A Library to Handle Various Audio File Formats Version:1.0.25 -Release:2 +Release:4 License:LGPLv2.1+ +Summary:A Library to Handle Various Audio File Formats Group: System/Libraries +BuildRequires: alsa-devel +BuildRequires: flac-devel +BuildRequires: gcc-c++ +BuildRequires: libvorbis-devel +BuildRequires: pkg-config +BuildRequires: sqlite-devel +BuildRequires: speex-devel Obsoletes: libsnd Provides: libsnd # bug437293 %ifarch ppc64 Obsoletes: libsndfile-64bit %endif +Url:http://www.mega-nerd.com/libsndfile/ # Source: libsndfile-%{version}.tar.gz Source2:baselibs.conf -Patch: libsndfile-example-fix.diff -Url:http://www.mega-nerd.com/libsndfile/ +# PATCH-MISSING-TAG -- See http://en.opensuse.org/openSUSE:Packaging_Patches_guidelines +Patch0: libsndfile-example-fix.diff +# PATCH-MISSING-TAG -- See http://en.opensuse.org/openSUSE:Packaging_Patches_guidelines +Patch1: libsndfile-paf-zero-division-fix.diff BuildRoot: %{_tmppath}/%{name}-%{version}-build %description @@ -43,17 +52,13 @@ currently read and write 8, 16, 24, and 32-bit PCM files as well as 32-bit floating point WAV files and a number of compressed formats. - - -Authors: - -Erik de Castro Lopo - %package devel License:LGPLv2.1+ Summary:Development package for the libsndfile library Group: Development/Libraries/C and C++ -Requires: %{name} = %{version} glibc-devel libstdc++-devel +Requires: %{name} = %{version} +Requires: glibc-devel +Requires: libstdc++-devel Obsoletes: libsndd Provides: libsndd # bug437293 @@ -66,44 +71,45 @@ This package contains the files needed to compile programs that use the libsndfile library. - - -Authors: - -Erik de Castro Lopo - %prep %setup -q -%patch +%patch0 +%patch1 -p1 %build %define warn_flags -W -Wall -Wstrict-prototypes -Wpointer-arith -Wno-unused-parameter # autoreconf --force --install -CFLAGS="$RPM_OPT_FLAGS %{warn_flags}" +CFLAGS="%{optflags} %{warn_flags}" export CFLAGS %configure --disable-silent-rules \ --disable-static \ --enable-sqlite \ - --with-pic + --with-pic \ +--enable-experimental make %{?_smp_mflags} %install -make DESTDIR="$RPM_BUILD_ROOT" install +%make_install # remove unnecessary files -rm -f $RPM_BUILD_ROOT%{_libdir}/*.la +rm -f %{buildroot}%{_libdir}/*.la # remove programs; built in another spec file -rm -rf $RPM_BUILD_ROOT%{_bindir} -rm -rf $RPM_BUILD_ROOT%{_mandir}/man1 +rm -rf %{buildroot}%{_bindir} +rm -rf %{buildroot}%{_mandir}/man1 # remove binaries from examples directory make -C examples distclean -rm -rf $RPM_BUILD_ROOT%{_datadir}/doc/libsndfile1-dev +rm -rf %{buildroot}%{_datadir}/doc/libsndfile1-dev
commit libsndfile for openSUSE:Factory
Hello community, here is the log from the commit of package libsndfile for openSUSE:Factory checked in at Fri Jul 29 09:09:28 CEST 2011. --- libsndfile/libsndfile.changes 2011-07-18 17:27:22.0 +0200 +++ /mounts/work_src_done/STABLE/libsndfile/libsndfile.changes 2011-07-28 01:40:56.0 +0200 @@ -1,0 +2,6 @@ +Wed Jul 27 23:39:43 UTC 2011 - crrodrig...@opensuse.org + +- Remove -fno-strict-aliasing from cflags, no longer needed +- disable automake silent rules. + +--- calling whatdependson for head-i586 Other differences: -- ++ libsndfile-progs.spec ++ --- /var/tmp/diff_new_pack.ZXE4T0/_old 2011-07-29 09:08:11.0 +0200 +++ /var/tmp/diff_new_pack.ZXE4T0/_new 2011-07-29 09:08:11.0 +0200 @@ -21,7 +21,7 @@ BuildRequires: alsa-devel flac-devel gcc-c++ libjack-devel libvorbis-devel pkgconfig sqlite-devel Summary:Example Programs for libsndfile Version:1.0.25 -Release:1 +Release:2 License:LGPLv2.1+ Group: System/Libraries Source: libsndfile-%{version}.tar.gz @@ -45,13 +45,13 @@ %build %define warn_flags -W -Wall -Wstrict-prototypes -Wpointer-arith -Wno-unused-parameter # autoreconf --force --install -CFLAGS="$RPM_OPT_FLAGS -fno-strict-aliasing %{warn_flags}" +CFLAGS="$RPM_OPT_FLAGS %{warn_flags}" export CFLAGS -%configure \ +%configure --disable-silent-rules \ --disable-static \ --enable-sqlite \ --with-pic -make +make %{?_smp_mflags} %install make DESTDIR="$RPM_BUILD_ROOT" install ++ libsndfile.spec ++ --- /var/tmp/diff_new_pack.ZXE4T0/_old 2011-07-29 09:08:11.0 +0200 +++ /var/tmp/diff_new_pack.ZXE4T0/_new 2011-07-29 09:08:11.0 +0200 @@ -21,7 +21,7 @@ BuildRequires: alsa-devel flac-devel gcc-c++ libvorbis-devel pkg-config sqlite-devel Summary:A Library to Handle Various Audio File Formats Version:1.0.25 -Release:1 +Release:2 License:LGPLv2.1+ Group: System/Libraries Obsoletes: libsnd @@ -79,9 +79,9 @@ %build %define warn_flags -W -Wall -Wstrict-prototypes -Wpointer-arith -Wno-unused-parameter # autoreconf --force --install -CFLAGS="$RPM_OPT_FLAGS -fno-strict-aliasing %{warn_flags}" +CFLAGS="$RPM_OPT_FLAGS %{warn_flags}" export CFLAGS -%configure \ +%configure --disable-silent-rules \ --disable-static \ --enable-sqlite \ --with-pic Remember to have fun... -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit libsndfile for openSUSE:Factory
Hello community, here is the log from the commit of package libsndfile for openSUSE:Factory checked in at Tue Jul 19 13:47:14 CEST 2011. --- libsndfile/libsndfile-progs.changes 2011-03-23 14:06:37.0 +0100 +++ /mounts/work_src_done/STABLE/libsndfile/libsndfile-progs.changes 2011-07-18 17:27:21.0 +0200 @@ -1,0 +2,7 @@ +Mon Jul 18 17:23:30 CEST 2011 - ti...@suse.de + +- updated to version 1.0.25: + Fix for Secunia Advisory SA45125 (CVE-2011-2696, bnc#705681) + Minor bug fixes and improvements + +--- libsndfile.changes: same change calling whatdependson for head-i586 Old: libsndfile-1.0.24.tar.bz2 New: libsndfile-1.0.25.tar.gz Other differences: -- ++ libsndfile-progs.spec ++ --- /var/tmp/diff_new_pack.JWQP0u/_old 2011-07-19 13:39:03.0 +0200 +++ /var/tmp/diff_new_pack.JWQP0u/_new 2011-07-19 13:39:03.0 +0200 @@ -20,11 +20,11 @@ Name: libsndfile-progs BuildRequires: alsa-devel flac-devel gcc-c++ libjack-devel libvorbis-devel pkgconfig sqlite-devel Summary:Example Programs for libsndfile -Version:1.0.24 +Version:1.0.25 Release:1 License:LGPLv2.1+ Group: System/Libraries -Source: libsndfile-%{version}.tar.bz2 +Source: libsndfile-%{version}.tar.gz Patch: libsndfile-example-fix.diff Url:http://www.mega-nerd.com/libsndfile/ BuildRoot: %{_tmppath}/%{name}-%{version}-build ++ libsndfile.spec ++ --- /var/tmp/diff_new_pack.JWQP0u/_old 2011-07-19 13:39:03.0 +0200 +++ /var/tmp/diff_new_pack.JWQP0u/_new 2011-07-19 13:39:03.0 +0200 @@ -20,7 +20,7 @@ Name: libsndfile BuildRequires: alsa-devel flac-devel gcc-c++ libvorbis-devel pkg-config sqlite-devel Summary:A Library to Handle Various Audio File Formats -Version:1.0.24 +Version:1.0.25 Release:1 License:LGPLv2.1+ Group: System/Libraries @@ -31,7 +31,7 @@ Obsoletes: libsndfile-64bit %endif # -Source: libsndfile-%{version}.tar.bz2 +Source: libsndfile-%{version}.tar.gz Source2:baselibs.conf Patch: libsndfile-example-fix.diff Url:http://www.mega-nerd.com/libsndfile/ Remember to have fun... -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org
commit libsndfile for openSUSE:Factory
Hello community, here is the log from the commit of package libsndfile for openSUSE:Factory checked in at Thu Mar 24 09:15:32 CET 2011. --- libsndfile/libsndfile-progs.changes 2010-10-13 00:51:12.0 +0200 +++ /mounts/work_src_done/STABLE/libsndfile/libsndfile-progs.changes 2011-03-23 14:06:37.0 +0100 @@ -1,0 +2,11 @@ +Wed Mar 23 13:01:06 UTC 2011 - oliver.be...@opensuse.org + +- Update to version 1.0.24 +- Upstream changes : + * WAV files are now written with an 18 byte u-law and A-law fmt chunk + * A document on virtual I/O functionality was added + * Two new methods were added in sndfile.hh + * A fix was made for a non-zero SSND offset values on AIFF + * Minor bug fixes and improvements were done + +--- --- libsndfile/libsndfile.changes 2010-10-13 00:43:52.0 +0200 +++ /mounts/work_src_done/STABLE/libsndfile/libsndfile.changes 2011-03-23 14:06:38.0 +0100 @@ -1,0 +2,11 @@ +Wed Mar 23 12:58:38 UTC 2011 - oliver.be...@opensuse.org + +- Update to version 1.0.24 +- Upstream changes : + * WAV files are now written with an 18 byte u-law and A-law fmt chunk + * A document on virtual I/O functionality was added + * Two new methods were added in sndfile.hh + * A fix was made for a non-zero SSND offset values on AIFF + * Minor bug fixes and improvements were done + +--- calling whatdependson for head-i586 Old: libsndfile-1.0.23.tar.bz2 New: libsndfile-1.0.24.tar.bz2 Other differences: -- ++ libsndfile-progs.spec ++ --- /var/tmp/diff_new_pack.4WAMmO/_old 2011-03-24 09:15:11.0 +0100 +++ /var/tmp/diff_new_pack.4WAMmO/_new 2011-03-24 09:15:11.0 +0100 @@ -1,7 +1,7 @@ # -# spec file for package libsndfile-progs (Version 1.0.23) +# spec file for package libsndfile-progs # -# Copyright (c) 2010 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -20,7 +20,7 @@ Name: libsndfile-progs BuildRequires: alsa-devel flac-devel gcc-c++ libjack-devel libvorbis-devel pkgconfig sqlite-devel Summary:Example Programs for libsndfile -Version:1.0.23 +Version:1.0.24 Release:1 License:LGPLv2.1+ Group: System/Libraries libsndfile.spec: same change ++ libsndfile-1.0.23.tar.bz2 -> libsndfile-1.0.24.tar.bz2 ++ 3 lines of diff (skipped) Remember to have fun... -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org