commit libvorbis for openSUSE:Factory

2020-07-13 Thread root 
Hello community,

here is the log from the commit of package libvorbis for openSUSE:Factory 
checked in at 2020-07-14 07:43:12

Comparing /work/SRC/openSUSE:Factory/libvorbis (Old)
 and  /work/SRC/openSUSE:Factory/.libvorbis.new.3060 (New)


Package is "libvorbis"

Tue Jul 14 07:43:12 2020 rev:52 rq:819992 version:1.3.7

Changes:

--- /work/SRC/openSUSE:Factory/libvorbis/libvorbis.changes  2018-06-08 
23:10:34.782649932 +0200
+++ /work/SRC/openSUSE:Factory/.libvorbis.new.3060/libvorbis.changes
2020-07-14 07:43:27.498718138 +0200
@@ -1,0 +2,26 @@
+Fri Jul 10 10:14:43 UTC 2020 - Martin Hauke 
+
+- Update to version 1.3.7
+  * Fix CVE-2018-10392 and CVE-2018-10393 - out-of-bounds read
+encoding very low sample rates
+  * Fix CVE-2017-14160 - out-of-bounds read encoding very low
+sample rates.
+  * Fix handling invalid bytes per sample arguments.
+  * Fix handling invalid channel count arguments.
+  * Fix invalid free on seek failure.
+  * Fix negative shift reading blocksize.
+  * Fix accepting unreasonable float32 values.
+  * Fix tag comparison depending on locale.
+  * Fix unnecessarily linking libm.
+  * Fix memory leak in test_sharedbook.
+  * Distribute CMake build files with the source package.
+  * Remove unnecessary configure --target switch.
+  * Add OSS-Fuzz support.
+  * Build system and integration updates.
+- Drop not longer needed patches (fixed by upstream):
+  * vorbis-CVE-2017-14160.patch
+  * vorbis-CVE-2018-10392.patch
+  * vorbis-CVE-2018-10393.patch
+- Add source verification
+
+---

Old:

  libvorbis-1.3.6.tar.xz
  vorbis-CVE-2017-14160.patch
  vorbis-CVE-2018-10392.patch
  vorbis-CVE-2018-10393.patch

New:

  libvorbis-1.3.7.tar.xz
  libvorbis-1.3.7.tar.xz.asc
  libvorbis.keyring



Other differences:
--
++ libvorbis-doc.spec ++
--- /var/tmp/diff_new_pack.lGfyrL/_old  2020-07-14 07:43:31.634731490 +0200
+++ /var/tmp/diff_new_pack.lGfyrL/_new  2020-07-14 07:43:31.638731503 +0200
@@ -1,7 +1,7 @@
 #
 # spec file for package libvorbis-doc
 #
-# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2020 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -12,7 +12,7 @@
 # license that conforms to the Open Source Definition (Version 1.9)
 # published by the Open Source Initiative.
 
-# Please submit bugfixes or comments via http://bugs.opensuse.org/
+# Please submit bugfixes or comments via https://bugs.opensuse.org/
 #
 
 
@@ -23,13 +23,15 @@
 %endif
 
 Name:   libvorbis-doc
-Version:1.3.6
+Version:1.3.7
 Release:0
 Summary:Documentation of Ogg/Vorbis library
 License:BSD-3-Clause
 Group:  Documentation/Other
-Url:http://www.vorbis.com/
-Source: 
http://downloads.xiph.org/releases/vorbis/libvorbis-%{version}.tar.xz
+URL:https://www.vorbis.com/
+Source: 
https://downloads.xiph.org/releases/vorbis/libvorbis-%{version}.tar.xz
+Source1:
https://downloads.xiph.org/releases/vorbis/libvorbis-%{version}.tar.xz.asc
+Source99:   libvorbis.keyring
 Patch1: libvorbis-lib64.dif
 Patch2: libvorbis-m4.dif
 Patch12:vorbis-ocloexec.patch

++ libvorbis.spec ++
--- /var/tmp/diff_new_pack.lGfyrL/_old  2020-07-14 07:43:31.662731581 +0200
+++ /var/tmp/diff_new_pack.lGfyrL/_new  2020-07-14 07:43:31.666731593 +0200
@@ -1,7 +1,7 @@
 #
 # spec file for package libvorbis
 #
-# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2020 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -12,25 +12,24 @@
 # license that conforms to the Open Source Definition (Version 1.9)
 # published by the Open Source Initiative.
 
-# Please submit bugfixes or comments via http://bugs.opensuse.org/
+# Please submit bugfixes or comments via https://bugs.opensuse.org/
 #
 
 
 Name:   libvorbis
-Version:1.3.6
+Version:1.3.7
 Release:0
 Summary:The Vorbis General Audio Compression Codec
 License:BSD-3-Clause
 Group:  System/Libraries
-Url:http://www.vorbis.com/
-Source: 
http://downloads.xiph.org/releases/vorbis/%{name}-%{version}.tar.xz
-Source1:baselibs.conf
+URL:http://www.vorbis.com/
+Source: 
https://downloads.xiph.org/releases/vorbis/%{name}-%{version}.tar.xz
+Source1:
https://downloads.xiph.org/releases/vorbis/libvorbis-%{version}.tar.xz.asc
+Source10:   baselibs.conf
+Source99:

commit libvorbis for openSUSE:Factory

2018-06-08 Thread root 
Hello community,

here is the log from the commit of package libvorbis for openSUSE:Factory 
checked in at 2018-06-08 23:10:29

Comparing /work/SRC/openSUSE:Factory/libvorbis (Old)
 and  /work/SRC/openSUSE:Factory/.libvorbis.new (New)


Package is "libvorbis"

Fri Jun  8 23:10:29 2018 rev:51 rq:614217 version:1.3.6

Changes:

--- /work/SRC/openSUSE:Factory/libvorbis/libvorbis.changes  2018-05-06 
15:00:58.138126005 +0200
+++ /work/SRC/openSUSE:Factory/.libvorbis.new/libvorbis.changes 2018-06-08 
23:10:34.782649932 +0200
@@ -1,0 +2,9 @@
+Tue Jun  5 11:37:54 CEST 2018 - ti...@suse.de
+
+- Replace vorbis-CVE-2017-14160.patch with the upstream fix
+  (commit 018ca26dece6), refresh vorbis-CVE-2018-10393.patch
+- Fix the validation of channels in mapping0_forward()
+  (CVE-2018-10392, bsc#1091070):
+  vorbis-CVE-2018-10392.patch
+
+---

New:

  vorbis-CVE-2018-10392.patch



Other differences:
--
++ libvorbis.spec ++
--- /var/tmp/diff_new_pack.O8D1I0/_old  2018-06-08 23:10:38.182527176 +0200
+++ /var/tmp/diff_new_pack.O8D1I0/_new  2018-06-08 23:10:38.206526310 +0200
@@ -30,6 +30,7 @@
 Patch12:vorbis-ocloexec.patch
 Patch101:   vorbis-CVE-2017-14160.patch
 Patch102:   vorbis-CVE-2018-10393.patch
+Patch103:   vorbis-CVE-2018-10392.patch
 BuildRequires:  libogg-devel
 BuildRequires:  libtool
 BuildRequires:  pkgconfig
@@ -120,6 +121,7 @@
 %patch12
 %patch101 -p1
 %patch102 -p1
+%patch103 -p1
 
 %build
 # Fix optimization level

++ vorbis-CVE-2017-14160.patch ++
--- /var/tmp/diff_new_pack.O8D1I0/_old  2018-06-08 23:10:38.254524576 +0200
+++ /var/tmp/diff_new_pack.O8D1I0/_new  2018-06-08 23:10:38.254524576 +0200
@@ -1,53 +1,27 @@
-From 98a60969315dba8c1e8231f561e1551670bc80ae Mon Sep 17 00:00:00 2001
-Message-Id: 
<98a60969315dba8c1e8231f561e1551670bc80ae.1511192857.git@sigxcpu.org>
-From: =?UTF-8?q?Guido=20G=C3=BCnther?= 
-Date: Wed, 15 Nov 2017 13:12:00 +0100
-Subject: [PATCH] CVE-2017-14160: make sure we don't overflow
+From 018ca26dece618457dd13585cad52941193c4a25 Mon Sep 17 00:00:00 2001
+From: Thomas Daede 
+Date: Wed, 9 May 2018 14:56:59 -0700
+Subject: [PATCH] CVE-2017-14160: fix bounds check on very low sample rates.
 
 ---
- lib/psy.c |9 -
- 1 file changed, 4 insertions(+), 5 deletions(-)
+ lib/psy.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
 
+diff --git a/lib/psy.c b/lib/psy.c
+index 422c6f1e412d..13101230ea3a 100644
 --- a/lib/psy.c
 +++ b/lib/psy.c
-@@ -599,7 +599,7 @@ static void bark_noise_hybridmp(int n,co
- XY[i] = tXY;
-   }
- 
--  for (i = 0, x = 0.f;; i++, x += 1.f) {
-+  for (i = 0, x = 0.f; i < n; i++, x += 1.f) {
- 
- lo = b[i] >> 16;
- if( lo>=0 ) break;
-@@ -621,12 +621,11 @@ static void bark_noise_hybridmp(int n,co
- noise[i] = R - offset;
-   }
- 
--  for ( ;; i++, x += 1.f) {
-+  for ( ; i < n; i++, x += 1.f) {
+@@ -602,8 +602,9 @@ static void bark_noise_hybridmp(int n,const long *b,
+   for (i = 0, x = 0.f;; i++, x += 1.f) {
  
  lo = b[i] >> 16;
+-if( lo>=0 ) break;
  hi = b[i] & 0x;
- if(hi>=n)break;
--
- tN = N[hi] - N[lo];
- tX = X[hi] - X[lo];
- tXX = XX[hi] - XX[lo];
-@@ -651,7 +650,7 @@ static void bark_noise_hybridmp(int n,co
++if( lo>=0 ) break;
++if( hi>=n ) break;
  
-   if (fixed <= 0) return;
- 
--  for (i = 0, x = 0.f;; i++, x += 1.f) {
-+  for (i = 0, x = 0.f; i < n; i++, x += 1.f) {
- hi = i + fixed / 2;
- lo = hi - fixed;
- if(lo>=0)break;
-@@ -670,7 +669,7 @@ static void bark_noise_hybridmp(int n,co
- 
- if (R - offset < noise[i]) noise[i] = R - offset;
-   }
--  for ( ;; i++, x += 1.f) {
-+  for ( ; i < n; i++, x += 1.f) {
- 
- hi = i + fixed / 2;
- lo = hi - fixed;
+ tN = N[hi] + N[-lo];
+ tX = X[hi] - X[-lo];
+-- 
+2.17.0
+

++ vorbis-CVE-2018-10392.patch ++
>From 112d3bd0aaacad51305e1464d4b381dabad0e88b Mon Sep 17 00:00:00 2001
From: Thomas Daede 
Date: Thu, 17 May 2018 16:19:19 -0700
Subject: [PATCH] Sanity check number of channels in setup.

Fixes #2335.
---
 lib/vorbisenc.c |1 +
 1 file changed, 1 insertion(+)

--- a/lib/vorbisenc.c
+++ b/lib/vorbisenc.c
@@ -684,6 +684,7 @@ int vorbis_encode_setup_init(vorbis_info
   highlevel_encode_setup *hi=>hi;
 
   if(ci==NULL)return(OV_EINVAL);
+  if(vi->channels<1||vi->channels>255)return(OV_EINVAL);
   if(!hi->impulse_block_p)i0=1;
 
   /* too low/high an ATH floater is nonsensical, but doesn't break anything */
++ vorbis-CVE-2018-10393.patch ++
--- /var/tmp/diff_new_pack.O8D1I0/_old  2018-06-08 23:10:38.382519955 +0200
+++ /var/tmp/diff_new_pack.O8D1I0/_new  2018-06-08 23:10:38.386519811 +0200
@@ -1,27 +1,26 @@
 ---
- lib/psy.c |5

commit libvorbis for openSUSE:Factory

2018-05-06 Thread root 
Hello community,

here is the log from the commit of package libvorbis for openSUSE:Factory 
checked in at 2018-05-06 15:00:56

Comparing /work/SRC/openSUSE:Factory/libvorbis (Old)
 and  /work/SRC/openSUSE:Factory/.libvorbis.new (New)


Package is "libvorbis"

Sun May  6 15:00:56 2018 rev:50 rq:604034 version:1.3.6

Changes:

--- /work/SRC/openSUSE:Factory/libvorbis/libvorbis.changes  2018-03-22 
11:58:42.591458369 +0100
+++ /work/SRC/openSUSE:Factory/.libvorbis.new/libvorbis.changes 2018-05-06 
15:00:58.138126005 +0200
@@ -1,0 +2,10 @@
+Thu May  3 15:56:28 CEST 2018 - ti...@suse.de
+
+- Fix out-of-bounds access inside bark_noise_hybridmp function
+  (CVE-2017-14160, bsc#1059812):
+  downstream fix: vorbis-CVE-2017-14160.patch
+- Fix stack-basedbuffer over-read in bark_noise_hybridm
+  (CVE-2018-10393, bsc#1091072):
+  downstream fix: vorbis-CVE-2018-10393.patch
+  
+---

New:

  vorbis-CVE-2017-14160.patch
  vorbis-CVE-2018-10393.patch



Other differences:
--
++ libvorbis.spec ++
--- /var/tmp/diff_new_pack.bmPoSJ/_old  2018-05-06 15:00:58.934096791 +0200
+++ /var/tmp/diff_new_pack.bmPoSJ/_new  2018-05-06 15:00:58.938096644 +0200
@@ -28,6 +28,8 @@
 Patch1: libvorbis-lib64.dif
 Patch2: libvorbis-m4.dif
 Patch12:vorbis-ocloexec.patch
+Patch101:   vorbis-CVE-2017-14160.patch
+Patch102:   vorbis-CVE-2018-10393.patch
 BuildRequires:  libogg-devel
 BuildRequires:  libtool
 BuildRequires:  pkgconfig
@@ -116,6 +118,8 @@
 %patch1
 fi
 %patch12
+%patch101 -p1
+%patch102 -p1
 
 %build
 # Fix optimization level

++ vorbis-CVE-2017-14160.patch ++
>From 98a60969315dba8c1e8231f561e1551670bc80ae Mon Sep 17 00:00:00 2001
Message-Id: 
<98a60969315dba8c1e8231f561e1551670bc80ae.1511192857.git@sigxcpu.org>
From: =?UTF-8?q?Guido=20G=C3=BCnther?= 
Date: Wed, 15 Nov 2017 13:12:00 +0100
Subject: [PATCH] CVE-2017-14160: make sure we don't overflow

---
 lib/psy.c |9 -
 1 file changed, 4 insertions(+), 5 deletions(-)

--- a/lib/psy.c
+++ b/lib/psy.c
@@ -599,7 +599,7 @@ static void bark_noise_hybridmp(int n,co
 XY[i] = tXY;
   }
 
-  for (i = 0, x = 0.f;; i++, x += 1.f) {
+  for (i = 0, x = 0.f; i < n; i++, x += 1.f) {
 
 lo = b[i] >> 16;
 if( lo>=0 ) break;
@@ -621,12 +621,11 @@ static void bark_noise_hybridmp(int n,co
 noise[i] = R - offset;
   }
 
-  for ( ;; i++, x += 1.f) {
+  for ( ; i < n; i++, x += 1.f) {
 
 lo = b[i] >> 16;
 hi = b[i] & 0x;
 if(hi>=n)break;
-
 tN = N[hi] - N[lo];
 tX = X[hi] - X[lo];
 tXX = XX[hi] - XX[lo];
@@ -651,7 +650,7 @@ static void bark_noise_hybridmp(int n,co
 
   if (fixed <= 0) return;
 
-  for (i = 0, x = 0.f;; i++, x += 1.f) {
+  for (i = 0, x = 0.f; i < n; i++, x += 1.f) {
 hi = i + fixed / 2;
 lo = hi - fixed;
 if(lo>=0)break;
@@ -670,7 +669,7 @@ static void bark_noise_hybridmp(int n,co
 
 if (R - offset < noise[i]) noise[i] = R - offset;
   }
-  for ( ;; i++, x += 1.f) {
+  for ( ; i < n; i++, x += 1.f) {
 
 hi = i + fixed / 2;
 lo = hi - fixed;
++ vorbis-CVE-2018-10393.patch ++
---
 lib/psy.c |5 -
 1 file changed, 4 insertions(+), 1 deletion(-)

--- a/lib/psy.c
+++ b/lib/psy.c
@@ -604,6 +604,7 @@ static void bark_noise_hybridmp(int n,co
 lo = b[i] >> 16;
 if( lo>=0 ) break;
 hi = b[i] & 0x;
+if( hi>=n || -lo >=n ) break;
 
 tN = N[hi] + N[-lo];
 tX = X[hi] - X[-lo];
@@ -625,7 +626,7 @@ static void bark_noise_hybridmp(int n,co
 
 lo = b[i] >> 16;
 hi = b[i] & 0x;
-if(hi>=n)break;
+if( hi>=n || lo >=n ) break;
 tN = N[hi] - N[lo];
 tX = X[hi] - X[lo];
 tXX = XX[hi] - XX[lo];
@@ -654,6 +655,7 @@ static void bark_noise_hybridmp(int n,co
 hi = i + fixed / 2;
 lo = hi - fixed;
 if(lo>=0)break;
+if( hi>=n || -lo >=n ) break;
 
 tN = N[hi] + N[-lo];
 tX = X[hi] - X[-lo];
@@ -674,6 +676,7 @@ static void bark_noise_hybridmp(int n,co
 hi = i + fixed / 2;
 lo = hi - fixed;
 if(hi>=n)break;
+if( hi>=n || lo >=n ) break;
 
 tN = N[hi] - N[lo];
 tX = X[hi] - X[lo];

commit libvorbis for openSUSE:Factory

2018-03-22 Thread root 
Hello community,

here is the log from the commit of package libvorbis for openSUSE:Factory 
checked in at 2018-03-22 11:55:59

Comparing /work/SRC/openSUSE:Factory/libvorbis (Old)
 and  /work/SRC/openSUSE:Factory/.libvorbis.new (New)


Package is "libvorbis"

Thu Mar 22 11:55:59 2018 rev:49 rq:588197 version:1.3.6

Changes:

New Changes file:

--- /dev/null   2018-03-01 08:56:54.644963210 +0100
+++ /work/SRC/openSUSE:Factory/.libvorbis.new/libvorbis-doc.changes 
2018-03-22 11:58:41.983480171 +0100
@@ -0,0 +1,5 @@
+---
+Sat Mar 17 14:55:12 CET 2018 - ti...@suse.de
+
+- Split from libvorbis.spec to reduce the build dependencies
+
--- /work/SRC/openSUSE:Factory/libvorbis/libvorbis.changes  2017-12-21 
11:27:32.348828337 +0100
+++ /work/SRC/openSUSE:Factory/.libvorbis.new/libvorbis.changes 2018-03-22 
11:58:42.591458369 +0100
@@ -1,0 +2,36 @@
+Sat Mar 17 14:54:44 CET 2018 - ti...@suse.de
+
+- Split libvorbis-doc subpackage to a separate spec file for
+  reducing the dependencies
+
+---
+Fri Mar 16 22:12:35 CET 2018 - ti...@suse.de
+
+- Update to version 1.3.6:
+  * Fix CVE-2018-5146 - out-of-bounds write on codebook decoding.
+  * Fix CVE-2017-14632 - free() on unitialized data
+  * Fix CVE-2017-14633 - out-of-bounds read
+  * Fix bitrate metadata parsing.
+  * Fix out-of-bounds read in codebook parsing.
+  * Fix residue vector size in Vorbis I spec.
+  * Appveyor support
+  * Travis CI support
+  * Add secondary CMake build system.
+  * Build system fixes
+- Build documents with doxygen, and many tex stuff;
+  this requires to disable parallel builds partially
+- Move COPYING to license directory
+- Drop obsoleted patches:
+  vorbis-fix-linking.patch
+  0001-CVE-2017-14633-Don-t-allow-for-more-than-256-channel.patch
+  0002-CVE-2017-14632-vorbis_analysis_header_out-Don-t-clea.patch
+  libvorbis-CVE-2018-5146.patch
+
+---
+Fri Mar 16 20:02:45 CET 2018 - ti...@suse.de
+
+- Fix VUL-0: libvorbis: Out of bounds memory write while processing
+  Vorbis audio data (CVE-2018-5146, bsc#1085687):
+  libvorbis-CVE-2018-5146.patch
+
+---

Old:

  0001-CVE-2017-14633-Don-t-allow-for-more-than-256-channel.patch
  0002-CVE-2017-14632-vorbis_analysis_header_out-Don-t-clea.patch
  libvorbis-1.3.5.tar.xz
  vorbis-fix-linking.patch

New:

  libvorbis-1.3.6.tar.xz
  libvorbis-doc.changes
  libvorbis-doc.spec



Other differences:
--
++ libvorbis-doc.spec ++
#
# spec file for package libvorbis-doc
#
# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.

# Please submit bugfixes or comments via http://bugs.opensuse.org/
#


%if 0%{?suse_version} > 1320
%define build_docs 1
%else
%define build_docs 0
%endif

Name:   libvorbis-doc
Version:1.3.6
Release:0
Summary:Documentation of Ogg/Vorbis library
License:BSD-3-Clause
Group:  Documentation/Other
Url:http://www.vorbis.com/
Source: 
http://downloads.xiph.org/releases/vorbis/libvorbis-%{version}.tar.xz
Patch1: libvorbis-lib64.dif
Patch2: libvorbis-m4.dif
Patch12:vorbis-ocloexec.patch
BuildRequires:  fdupes
BuildRequires:  libogg-devel
BuildRequires:  libtool
BuildRequires:  pkgconfig
BuildRequires:  xz
%if %build_docs
BuildRequires:  doxygen
BuildRequires:  texlive-babel-english
BuildRequires:  texlive-latex
BuildRequires:  texlive-tex4ht
BuildRequires:  tex(a4wide.sty)
BuildRequires:  tex(capt-of.sty)
BuildRequires:  tex(csquotes.sty)
BuildRequires:  tex(enumitem.sty)
BuildRequires:  tex(fancyvrb.sty)
BuildRequires:  tex(grffile.sty)
BuildRequires:  tex(parskip.sty)
BuildRequires:  tex(ulem.sty)
BuildRequires:  tex(underscore.sty)
%endif
BuildRoot:  %{_tmppath}/%{name}-%{version}-build
BuildArch:  noarch

%description
This package contains documents for Ogg/Vorbis library, including the
API reference.

%prep
%setup -q -n libvorbis-%{version}
%patch2
# %%patch5 -p1
if [ "%{_lib}" == "lib64" ]; then
%patch1
fi
%patch12

commit libvorbis for openSUSE:Factory

2017-12-21 Thread root 
Hello community,

here is the log from the commit of package libvorbis for openSUSE:Factory 
checked in at 2017-12-21 11:27:31

Comparing /work/SRC/openSUSE:Factory/libvorbis (Old)
 and  /work/SRC/openSUSE:Factory/.libvorbis.new (New)


Package is "libvorbis"

Thu Dec 21 11:27:31 2017 rev:48 rq:558541 version:1.3.5

Changes:

--- /work/SRC/openSUSE:Factory/libvorbis/libvorbis.changes  2016-12-02 
16:38:12.0 +0100
+++ /work/SRC/openSUSE:Factory/.libvorbis.new/libvorbis.changes 2017-12-21 
11:27:32.348828337 +0100
@@ -1,0 +2,11 @@
+Tue Dec 19 14:32:18 CET 2017 - ti...@suse.de
+
+- Fix VUL-0: out-of-bounds array read vulnerability exists in
+  function mapping0_forward() (CVE-2017-14633, bsc#1059811):
+  0001-CVE-2017-14633-Don-t-allow-for-more-than-256-channel.patch
+- Fix VUL-0: Remote Code Execution upon freeing uninitialized
+  memory in function vorbis_analysis_headerout(CVE-2017-14632,
+  bsc#1059809):
+  0002-CVE-2017-14632-vorbis_analysis_header_out-Don-t-clea.patch
+
+---

New:

  0001-CVE-2017-14633-Don-t-allow-for-more-than-256-channel.patch
  0002-CVE-2017-14632-vorbis_analysis_header_out-Don-t-clea.patch



Other differences:
--
++ libvorbis.spec ++
--- /var/tmp/diff_new_pack.9IaHYV/_old  2017-12-21 11:27:33.184787576 +0100
+++ /var/tmp/diff_new_pack.9IaHYV/_new  2017-12-21 11:27:33.188787381 +0100
@@ -1,7 +1,7 @@
 #
 # spec file for package libvorbis
 #
-# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -32,6 +32,8 @@
 # PATCH-FIX-UPSTREAM libvorbis-pkgconfig.patch 
https://trac.xiph.org/ticket/1759 reddw...@opensuse.org -- Use 
Requires/Libs.private to avoid overlinking
 Patch11:vorbis-fix-linking.patch
 Patch12:vorbis-ocloexec.patch
+Patch21:0001-CVE-2017-14633-Don-t-allow-for-more-than-256-channel.patch
+Patch22:0002-CVE-2017-14632-vorbis_analysis_header_out-Don-t-clea.patch
 BuildRequires:  fdupes
 BuildRequires:  libogg-devel
 BuildRequires:  libtool
@@ -53,9 +55,9 @@
 
 %package -n libvorbis0
 Summary:The Vorbis General Audio Compression Codec
-Group:  System/Libraries
 #
 # libvorbis was last used in openSUSE 11.3
+Group:  System/Libraries
 Provides:   %{name} = 1.3.2
 Obsoletes:  %{name} < 1.3.2
 # bug437293 (SLES10 -> SLES11 upgrade path)
@@ -133,6 +135,8 @@
 fi
 %patch11 -p1
 %patch12
+%patch21 -p1
+%patch22 -p1
 
 %build
 # Fix optimization level

++ 0001-CVE-2017-14633-Don-t-allow-for-more-than-256-channel.patch ++
>From a79ec216cd119069c68b8f3542c6a425a74ab993 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Guido=20G=C3=BCnther?= 
Date: Tue, 31 Oct 2017 18:32:46 +0100
Subject: [PATCH] CVE-2017-14633: Don't allow for more than 256 channels

Otherwise

 for(i=0;ichannels;i++){
  /* the encoder setup assumes that all the modes used by any
 specific bitrate tweaking use the same floor */
  int submap=info->chmuxlist[i];

overreads later in mapping0_forward since chmuxlist is a fixed array of
256 elements max.
---
 lib/info.c |2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

--- a/lib/info.c
+++ b/lib/info.c
@@ -583,7 +583,7 @@ int vorbis_analysis_headerout(vorbis_dsp
   oggpack_buffer opb;
   private_state *b=v->backend_state;
 
-  if(!b||vi->channels<=0){
+  if(!b||vi->channels<=0||vi->channels>256){
 ret=OV_EFAULT;
 goto err_out;
   }
++ 0002-CVE-2017-14632-vorbis_analysis_header_out-Don-t-clea.patch ++
>From c1c2831fc7306d5fbd7bc800324efd12b28d327f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Guido=20G=C3=BCnther?= 
Date: Wed, 15 Nov 2017 18:22:59 +0100
Subject: [PATCH] CVE-2017-14632: vorbis_analysis_header_out: Don't clear opb
 if not initialized

If the number of channels is not within the allowed range
we call oggback_writeclear altough it's not initialized yet.

This fixes

=23371== Invalid free() / delete / delete[] / realloc()
==23371==at 0x4C2CE1B: free (vg_replace_malloc.c:530)
==23371==by 0x829CA31: oggpack_writeclear (in 
/usr/lib/x86_64-linux-gnu/libogg.so.0.8.2)
==23371==by 0x84B96EE: vorbis_analysis_headerout (info.c:652)
==23371==by 0x9FBCBCC: ??? (in 
/usr/lib/x86_64-linux-gnu/sox/libsox_fmt_vorbis.so)
==23371==by 0x4E524F1: ??? (in 
/usr/lib/x86_64-linux-gnu/libsox.so.2.0.1)
==23371==by 0x4E52CCA: sox_open_write (in 
/usr/lib/x86_64-linux-gnu/libsox.so.2.0.1)
==23371==by 0x10D82A: open_output_file (sox.c:1556)
==23371==

commit libvorbis for openSUSE:Factory

2016-12-02 Thread h_root 
Hello community,

here is the log from the commit of package libvorbis for openSUSE:Factory 
checked in at 2016-12-02 16:38:11

Comparing /work/SRC/openSUSE:Factory/libvorbis (Old)
 and  /work/SRC/openSUSE:Factory/.libvorbis.new (New)


Package is "libvorbis"

Changes:

--- /work/SRC/openSUSE:Factory/libvorbis/libvorbis.changes  2015-03-16 
06:56:26.0 +0100
+++ /work/SRC/openSUSE:Factory/.libvorbis.new/libvorbis.changes 2016-12-02 
16:38:12.0 +0100
@@ -1,0 +2,5 @@
+Tue Nov 29 12:14:08 UTC 2016 - aloi...@gmx.com
+
+- Added 32bit libvorbis-devel in baselibs.conf
+
+---



Other differences:
--
++ libvorbis.spec ++
--- /var/tmp/diff_new_pack.741UZA/_old  2016-12-02 16:38:13.0 +0100
+++ /var/tmp/diff_new_pack.741UZA/_new  2016-12-02 16:38:13.0 +0100
@@ -1,7 +1,7 @@
 #
 # spec file for package libvorbis
 #
-# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -24,7 +24,7 @@
 Group:  System/Libraries
 Url:http://www.vorbis.com/
 Source: 
http://downloads.xiph.org/releases/vorbis/%{name}-%{version}.tar.xz
-Source2:baselibs.conf
+Source1:baselibs.conf
 Patch1: libvorbis-lib64.dif
 Patch2: libvorbis-m4.dif
 # URL http://www.geocities.jp/aoyoume/aotuv/

++ baselibs.conf ++
--- /var/tmp/diff_new_pack.741UZA/_old  2016-12-02 16:38:13.0 +0100
+++ /var/tmp/diff_new_pack.741UZA/_new  2016-12-02 16:38:13.0 +0100
@@ -3,3 +3,8 @@
   targettype 32bit obsoletes "libvorbis- < 1.3.2"
 libvorbisenc2
 libvorbisfile3
+libvorbis-devel
+requires "libvorbis0- = "
+requires "libvorbisenc2- = "
+requires "libvorbisfile3- = "
+

commit libvorbis for openSUSE:Factory

2015-03-15 Thread h_root 
Hello community,

here is the log from the commit of package libvorbis for openSUSE:Factory 
checked in at 2015-03-16 06:56:24

Comparing /work/SRC/openSUSE:Factory/libvorbis (Old)
 and  /work/SRC/openSUSE:Factory/.libvorbis.new (New)


Package is libvorbis

Changes:

--- /work/SRC/openSUSE:Factory/libvorbis/libvorbis.changes  2014-08-20 
17:53:50.0 +0200
+++ /work/SRC/openSUSE:Factory/.libvorbis.new/libvorbis.changes 2015-03-16 
06:56:26.0 +0100
@@ -1,0 +2,13 @@
+Fri Mar  6 15:23:26 UTC 2015 - mplus...@suse.com
+
+- Cleanup spec file with spec-cleaner
+- Update to 1.3.5
+  * Tolerate single-entry codebooks.
+  * Fix decoder crash with invalid input.
+  * Fix encoder crash with non-positive sample rates.
+  * Fix issues in vorbisfile's seek bisection code.
+  * Spec errata.
+  * Reject multiple headers of the same type.
+  * Various build fixes and code cleanup.
+
+---

Old:

  libvorbis-1.3.4.tar.xz

New:

  libvorbis-1.3.5.tar.xz



Other differences:
--
++ libvorbis.spec ++
--- /var/tmp/diff_new_pack.Hy2ZjX/_old  2015-03-16 06:56:27.0 +0100
+++ /var/tmp/diff_new_pack.Hy2ZjX/_new  2015-03-16 06:56:27.0 +0100
@@ -1,7 +1,7 @@
 #
 # spec file for package libvorbis
 #
-# Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -17,18 +17,12 @@
 
 
 Name:   libvorbis
-Version:1.3.4
+Version:1.3.5
 Release:0
-#to_be_filled_by_service
 Summary:The Vorbis General Audio Compression Codec
 License:BSD-3-Clause
 Group:  System/Libraries
 Url:http://www.vorbis.com/
-# bug437293 (SLES10 - SLES11 upgrade path)
-%ifarch ppc64
-Obsoletes:  libvorbis-64bit
-%endif
-#
 Source: 
http://downloads.xiph.org/releases/vorbis/%{name}-%{version}.tar.xz
 Source2:baselibs.conf
 Patch1: libvorbis-lib64.dif
@@ -44,6 +38,10 @@
 BuildRequires:  pkgconfig
 BuildRequires:  xz
 BuildRoot:  %{_tmppath}/%{name}-%{version}-build
+# bug437293 (SLES10 - SLES11 upgrade path)
+%ifarch ppc64
+Obsoletes:  libvorbis-64bit
+%endif
 
 %description
 Vorbis is a fully open, nonproprietary, patent-and-royalty-free, and
@@ -54,17 +52,16 @@
 libmatroska (matroska) can also be used.
 
 %package -n libvorbis0
-
 Summary:The Vorbis General Audio Compression Codec
 Group:  System/Libraries
-# bug437293 (SLES10 - SLES11 upgrade path)
-%ifarch ppc64
-Obsoletes:  libvorbis-64bit
-%endif
 #
 # libvorbis was last used in openSUSE 11.3
 Provides:   %{name} = 1.3.2
 Obsoletes:  %{name}  1.3.2
+# bug437293 (SLES10 - SLES11 upgrade path)
+%ifarch ppc64
+Obsoletes:  libvorbis-64bit
+%endif
 
 %description -n libvorbis0
 Vorbis is a fully open, nonproprietary, patent-and-royalty-free, and
@@ -75,7 +72,6 @@
 libmatroska (matroska) can also be used.
 
 %package -n libvorbisenc2
-
 Summary:The Vorbis General Audio Compression Codec
 Group:  System/Libraries
 
@@ -88,7 +84,6 @@
 libmatroska (matroska) can also be used.
 
 %package -n libvorbisfile3
-
 Summary:The Vorbis General Audio Compression Codec
 Group:  System/Libraries
 
@@ -144,21 +139,23 @@
 sed -i s,-O20,-O3,g configure.ac
 
 autoreconf -fiv
-%configure --disable-examples --disable-static
+%configure \
+   --disable-examples \
+   --disable-static
 make %{?_smp_mflags}
 
 %install
-%makeinstall
+make DESTDIR=%{buildroot} install %{?_smp_mflags}
 mkdir -p %{buildroot}%{_docdir}/%{name}
 mv %{buildroot}%{_datadir}/doc/libvorbis-* %{buildroot}%{_docdir}/%{name}
 install -c -m 0644 doc/Vorbis_I_spec.* %{buildroot}%{_docdir}/%{name}
 # remove unneeded files
-rm -f %{buildroot}%{_libdir}/*.la
+find %{buildroot} -type f -name *.la -delete -print
 find %{buildroot}%{_docdir}/ -empty -delete
 %fdupes -s %{buildroot}%{_docdir}
 
 %check
-%__make check
+make %{?_smp_mflags} check
 
 %post -n libvorbis0 -p /sbin/ldconfig
 
@@ -172,9 +169,6 @@
 
 %postun -n libvorbisfile3 -p /sbin/ldconfig
 
-%clean
-[ %{buildroot} != / ]  rm -rf %{buildroot}
-
 %files -n libvorbis0
 %defattr(0644,root,root,0755)
 %{_libdir}/libvorbis.so.0*

++ libvorbis-1.3.4.tar.xz - libvorbis-1.3.5.tar.xz ++
 41209 lines of diff (skipped)

++ vorbis-fix-linking.patch ++
--- /var/tmp/diff_new_pack.Hy2ZjX/_old  2015-03-16 06:56:28.0 +0100
+++ /var/tmp/diff_new_pack.Hy2ZjX/_new  2015-03-16 06:56:28.0 +0100
@@ -3,10 +3,10 @@
  configure.ac |2 +-
  2 files changed, 3

commit libvorbis for openSUSE:Factory

2014-08-20 Thread h_root 
Hello community,

here is the log from the commit of package libvorbis for openSUSE:Factory 
checked in at 2014-08-20 17:53:44

Comparing /work/SRC/openSUSE:Factory/libvorbis (Old)
 and  /work/SRC/openSUSE:Factory/.libvorbis.new (New)


Package is libvorbis

Changes:

--- /work/SRC/openSUSE:Factory/libvorbis/libvorbis.changes  2014-02-25 
16:41:30.0 +0100
+++ /work/SRC/openSUSE:Factory/.libvorbis.new/libvorbis.changes 2014-08-20 
17:53:50.0 +0200
@@ -1,0 +2,5 @@
+Mon Aug 18 14:36:27 CEST 2014 - fcro...@suse.com
+
+- Fix obsoletes and provides in baselibs.conf.
+
+---



Other differences:
--
++ baselibs.conf ++
--- /var/tmp/diff_new_pack.cpKCNb/_old  2014-08-20 17:53:51.0 +0200
+++ /var/tmp/diff_new_pack.cpKCNb/_new  2014-08-20 17:53:51.0 +0200
@@ -1,5 +1,5 @@
 libvorbis0
-  targettype 32bit provides libvorbis-targettype = 1.3.2
-  targettype 64bit obsoletes libvorbis-targettype  1.3.2
+  targettype 32bit provides libvorbis-targettype = version
+  targettype 32bit obsoletes libvorbis-targettype  1.3.2
 libvorbisenc2
 libvorbisfile3

-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org

commit libvorbis for openSUSE:Factory

2014-02-25 Thread h_root 
Hello community,

here is the log from the commit of package libvorbis for openSUSE:Factory 
checked in at 2014-02-25 16:41:29

Comparing /work/SRC/openSUSE:Factory/libvorbis (Old)
 and  /work/SRC/openSUSE:Factory/.libvorbis.new (New)


Package is libvorbis

Changes:

--- /work/SRC/openSUSE:Factory/libvorbis/libvorbis.changes  2013-04-17 
23:05:13.0 +0200
+++ /work/SRC/openSUSE:Factory/.libvorbis.new/libvorbis.changes 2014-02-25 
16:41:30.0 +0100
@@ -1,0 +2,11 @@
+Sun Feb 23 19:43:16 UTC 2014 - andreas.stie...@gmx.de
+
+- Xiph libvorbis 1.3.4
+  * reduced static data size in libvorbisenc
+  * associated minor changes required to libvorbis and libvorbisfile
+  * minor build fixes and build system updates
+  * no functional changes over the previous 1.3.3 release
+- removed libvorbis-pkgconfig.patch, in upstream
+- updated vorbis-fix-linking.patch for context changes
+
+---

Old:

  libvorbis-1.3.3.tar.gz
  libvorbis-pkgconfig.patch

New:

  libvorbis-1.3.4.tar.xz



Other differences:
--
++ libvorbis.spec ++
--- /var/tmp/diff_new_pack.Bs1b2o/_old  2014-02-25 16:41:31.0 +0100
+++ /var/tmp/diff_new_pack.Bs1b2o/_new  2014-02-25 16:41:31.0 +0100
@@ -1,7 +1,7 @@
 #
 # spec file for package libvorbis
 #
-# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -17,7 +17,7 @@
 
 
 Name:   libvorbis
-Version:1.3.3
+Version:1.3.4
 Release:0
 #to_be_filled_by_service
 Summary:The Vorbis General Audio Compression Codec
@@ -29,20 +29,20 @@
 Obsoletes:  libvorbis-64bit
 %endif
 #
-Source: 
http://downloads.xiph.org/releases/vorbis/%{name}-%{version}.tar.gz
+Source: 
http://downloads.xiph.org/releases/vorbis/%{name}-%{version}.tar.xz
 Source2:baselibs.conf
 Patch1: libvorbis-lib64.dif
 Patch2: libvorbis-m4.dif
 # URL http://www.geocities.jp/aoyoume/aotuv/
 # 'Patch5: libvorbis-%%{version}-aotuv-b5.7.diff'
 # PATCH-FIX-UPSTREAM libvorbis-pkgconfig.patch 
https://trac.xiph.org/ticket/1759 reddw...@opensuse.org -- Use 
Requires/Libs.private to avoid overlinking
-Patch10:libvorbis-pkgconfig.patch
 Patch11:vorbis-fix-linking.patch
 Patch12:vorbis-ocloexec.patch
 BuildRequires:  fdupes
 BuildRequires:  libogg-devel
 BuildRequires:  libtool
 BuildRequires:  pkgconfig
+BuildRequires:  xz
 BuildRoot:  %{_tmppath}/%{name}-%{version}-build
 
 %description
@@ -133,14 +133,11 @@
 %setup -q
 %patch2
 # %%patch5 -p1
-%patch10
 if [ %{_lib} == lib64 ]; then
 %patch1
 fi
-%patch11
+%patch11 -p1
 %patch12
-# automake-1.13 deprecated the old macro
-sed -i 's/AM_CONFIG_HEADER/AC_CONFIG_HEADERS/' configure.ac
 
 %build
 # Fix optimization level

++ vorbis-fix-linking.patch ++
--- /var/tmp/diff_new_pack.Bs1b2o/_old  2014-02-25 16:41:31.0 +0100
+++ /var/tmp/diff_new_pack.Bs1b2o/_new  2014-02-25 16:41:31.0 +0100
@@ -1,5 +1,12 @@
 Makefile.am2010-12-21 17:46:03.0 +0900
-+++ Makefile.am2012-06-16 15:43:41.143756104 +0900
+---
+ Makefile.am  |4 ++--
+ configure.ac |2 +-
+ 2 files changed, 3 insertions(+), 3 deletions(-)
+
+Index: libvorbis-1.3.4/Makefile.am
+===
+--- libvorbis-1.3.4.orig/Makefile.am   2014-01-22 09:53:32.0 +
 libvorbis-1.3.4/Makefile.am2014-02-23 19:35:36.0 +
 @@ -1,8 +1,8 @@
  ## Process this file with automake to produce Makefile.in
  
@@ -11,14 +18,16 @@
  SUBDIRS = m4 include vq lib test doc
  
  if BUILD_EXAMPLES 
 configure.ac   2012-02-04 07:00:34.0 +0900
-+++ configure.ac   2012-06-16 15:43:05.647225479 +0900
-@@ -8,7 +8,7 @@
- AC_INIT([libvorbis],[1.3.3],[vorbis-...@xiph.org])
+Index: libvorbis-1.3.4/configure.ac
+===
+--- libvorbis-1.3.4.orig/configure.ac  2014-01-22 11:09:44.0 +
 libvorbis-1.3.4/configure.ac   2014-02-23 19:35:36.0 +
+@@ -8,7 +8,7 @@ dnl 
+ AC_INIT([libvorbis],[1.3.4],[vorbis-...@xiph.org])
  
  AC_CONFIG_SRCDIR([lib/mdct.c])
 -
 +AC_CONFIG_MACRO_DIR([m4])
  AC_CANONICAL_TARGET([])
  
- AM_INIT_AUTOMAKE($PACKAGE_NAME,$PACKAGE_VERSION)
+ AM_INIT_AUTOMAKE

-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org

commit libvorbis for openSUSE:Factory

2013-04-17 Thread h_root 
Hello community,

here is the log from the commit of package libvorbis for openSUSE:Factory 
checked in at 2013-04-17 23:05:11

Comparing /work/SRC/openSUSE:Factory/libvorbis (Old)
 and  /work/SRC/openSUSE:Factory/.libvorbis.new (New)


Package is libvorbis, Maintainer is ti...@suse.com

Changes:

--- /work/SRC/openSUSE:Factory/libvorbis/libvorbis.changes  2013-03-04 
17:28:46.0 +0100
+++ /work/SRC/openSUSE:Factory/.libvorbis.new/libvorbis.changes 2013-04-17 
23:05:13.0 +0200
@@ -1,0 +2,6 @@
+Tue Apr 16 06:46:59 UTC 2013 - mmeis...@suse.com
+
+- Added url as source.
+  Please see http://en.opensuse.org/SourceUrls
+
+---

Old:

  libvorbis-1.3.3.tar.bz2

New:

  libvorbis-1.3.3.tar.gz



Other differences:
--
++ libvorbis.spec ++
--- /var/tmp/diff_new_pack.0Irca0/_old  2013-04-17 23:05:15.0 +0200
+++ /var/tmp/diff_new_pack.0Irca0/_new  2013-04-17 23:05:15.0 +0200
@@ -29,7 +29,7 @@
 Obsoletes:  libvorbis-64bit
 %endif
 #
-Source: %{name}-%{version}.tar.bz2
+Source: 
http://downloads.xiph.org/releases/vorbis/%{name}-%{version}.tar.gz
 Source2:baselibs.conf
 Patch1: libvorbis-lib64.dif
 Patch2: libvorbis-m4.dif

-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org

commit libvorbis for openSUSE:Factory

2013-03-04 Thread h_root 
Hello community,

here is the log from the commit of package libvorbis for openSUSE:Factory 
checked in at 2013-03-04 17:28:45

Comparing /work/SRC/openSUSE:Factory/libvorbis (Old)
 and  /work/SRC/openSUSE:Factory/.libvorbis.new (New)


Package is libvorbis, Maintainer is ti...@suse.com

Changes:

--- /work/SRC/openSUSE:Factory/libvorbis/libvorbis.changes  2012-06-25 
14:23:46.0 +0200
+++ /work/SRC/openSUSE:Factory/.libvorbis.new/libvorbis.changes 2013-03-04 
17:28:46.0 +0100
@@ -1,0 +2,5 @@
+Sat Mar  2 12:59:01 UTC 2013 - seife+...@b1-systems.com
+
+- fix build with automake-1.13.1
+
+---



Other differences:
--
++ libvorbis.spec ++
--- /var/tmp/diff_new_pack.JpPIOX/_old  2013-03-04 17:28:48.0 +0100
+++ /var/tmp/diff_new_pack.JpPIOX/_new  2013-03-04 17:28:48.0 +0100
@@ -1,7 +1,7 @@
 #
 # spec file for package libvorbis
 #
-# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2013 SUSE LINUX Products GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -139,6 +139,8 @@
 fi
 %patch11
 %patch12
+# automake-1.13 deprecated the old macro
+sed -i 's/AM_CONFIG_HEADER/AC_CONFIG_HEADERS/' configure.ac
 
 %build
 # Fix optimization level   



-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org

commit libvorbis for openSUSE:Factory

2012-06-25 Thread h_root 
Hello community,

here is the log from the commit of package libvorbis for openSUSE:Factory 
checked in at 2012-06-25 14:18:19

Comparing /work/SRC/openSUSE:Factory/libvorbis (Old)
 and  /work/SRC/openSUSE:Factory/.libvorbis.new (New)


Package is libvorbis, Maintainer is ti...@suse.com

Changes:

--- /work/SRC/openSUSE:Factory/libvorbis/libvorbis.changes  2012-02-22 
11:48:29.0 +0100
+++ /work/SRC/openSUSE:Factory/.libvorbis.new/libvorbis.changes 2012-06-25 
14:23:46.0 +0200
@@ -1,0 +2,11 @@
+Wed Jun 20 15:42:24 UTC 2012 - ft...@geeko.jp
+
+- updated to 1.3.3
+ * vorbis: additional proofing against invalid/malicious 
+   streams in decode (see SVN for details).  
+ * vorbis: fix a memory leak in vorbis_commentheader_out().
+ * updates, corrections and clarifications in the Vorbis I
+   specification document
+ * build warning fixes
+
+---

Old:

  libvorbis-1.3.2.tar.bz2
  libvorbis-CVE-2012-0444.diff

New:

  libvorbis-1.3.3.tar.bz2



Other differences:
--
++ libvorbis.spec ++
--- /var/tmp/diff_new_pack.53pbme/_old  2012-06-25 14:23:48.0 +0200
+++ /var/tmp/diff_new_pack.53pbme/_new  2012-06-25 14:23:48.0 +0200
@@ -17,7 +17,7 @@
 
 
 Name:   libvorbis
-Version:1.3.2
+Version:1.3.3
 Release:0
 #to_be_filled_by_service
 Summary:The Vorbis General Audio Compression Codec
@@ -39,7 +39,6 @@
 Patch10:libvorbis-pkgconfig.patch
 Patch11:vorbis-fix-linking.patch
 Patch12:vorbis-ocloexec.patch
-Patch20:libvorbis-CVE-2012-0444.diff
 BuildRequires:  fdupes
 BuildRequires:  libogg-devel
 BuildRequires:  libtool
@@ -104,11 +103,11 @@
 %package devel
 Summary:Include Files and Libraries mandatory for Ogg Vorbis 
Development
 Group:  Development/Libraries/C and C++
-Requires:   libvorbis0 = %{version}
-Requires:   libvorbisfile3 = %{version}
-Requires:   libvorbisenc2 = %{version}
 Requires:   glibc-devel
 Requires:   libogg-devel
+Requires:   libvorbis0 = %{version}
+Requires:   libvorbisenc2 = %{version}
+Requires:   libvorbisfile3 = %{version}
 # bug437293 (SLES10 - SLES11 upgrade path)
 %ifarch ppc64
 Obsoletes:  libvorbis-devel-64bit
@@ -140,7 +139,6 @@
 fi
 %patch11
 %patch12
-%patch20 -p1
 
 %build
 # Fix optimization level   



++ libvorbis-1.3.2.tar.bz2 - libvorbis-1.3.3.tar.bz2 ++
 51815 lines of diff (skipped)

++ vorbis-fix-linking.patch ++
--- /var/tmp/diff_new_pack.53pbme/_old  2012-06-25 14:23:49.0 +0200
+++ /var/tmp/diff_new_pack.53pbme/_new  2012-06-25 14:23:49.0 +0200
@@ -1,18 +1,20 @@
 test/Makefile.am.orig
-+++ test/Makefile.am
-@@ -10,7 +10,7 @@ check: $(check_PROGRAMS)
-   ./test$(EXEEXT)
+--- Makefile.am2010-12-21 17:46:03.0 +0900
 Makefile.am2012-06-16 15:43:41.143756104 +0900
+@@ -1,8 +1,8 @@
+ ## Process this file with automake to produce Makefile.in
  
- test_SOURCES = util.c util.h write_read.c write_read.h test.c
--test_LDADD = ../lib/libvorbisenc.la ../lib/libvorbis.la @OGG_LIBS@
-+test_LDADD = -lm ../lib/libvorbisenc.la ../lib/libvorbis.la @OGG_LIBS@
+ #AUTOMAKE_OPTIONS = 1.7 foreign dist-zip dist-bzip2
+-AUTOMAKE_OPTIONS = foreign 1.11 dist-zip dist-xz
+-
++AUTOMAKE_OPTIONS = foreign 1.10 dist-zip
++ACLOCAL_AMFLAGS = -I m4
+ SUBDIRS = m4 include vq lib test doc
  
- debug:
-   $(MAKE) all CFLAGS=@DEBUG@
 configure.ac.orig
-+++ configure.ac
-@@ -8,13 +8,12 @@ dnl 
- AC_INIT([libvorbis],[1.3.2],[vorbis-...@xiph.org])
+ if BUILD_EXAMPLES 
+--- configure.ac   2012-02-04 07:00:34.0 +0900
 configure.ac   2012-06-16 15:43:05.647225479 +0900
+@@ -8,7 +8,7 @@
+ AC_INIT([libvorbis],[1.3.3],[vorbis-...@xiph.org])
  
  AC_CONFIG_SRCDIR([lib/mdct.c])
 -
@@ -20,29 +22,3 @@
  AC_CANONICAL_TARGET([])
  
  AM_INIT_AUTOMAKE($PACKAGE_NAME,$PACKAGE_VERSION)
- AM_MAINTAINER_MODE
- AM_CONFIG_HEADER([config.h])
--
- dnl Add parameters for aclocal
- AC_SUBST(ACLOCAL_AMFLAGS, -I m4)
- 
-@@ -53,7 +52,9 @@ dnl 
- dnl save $CFLAGS since AC_PROG_CC likes to insert -g -O2
- dnl if $CFLAGS is blank
- cflags_save=$CFLAGS
--AC_PROG_CC
-+AC_PROG_CC_STDC
-+AC_USE_SYSTEM_EXTENSIONS
-+AC_SYS_LARGEFILE
- AC_PROG_CPP
- CFLAGS=$cflags_save
- 
 Makefile.am.orig
-+++ Makefile.am
-@@ -1,5 +1,6 @@
- ## Process this file with automake to produce Makefile.in
- 
-+ACLOCAL_AMFLAGS =

commit libvorbis for openSUSE:Factory

2012-02-22 Thread h_root 
Hello community,

here is the log from the commit of package libvorbis for openSUSE:Factory 
checked in at 2012-02-22 11:48:21

Comparing /work/SRC/openSUSE:Factory/libvorbis (Old)
 and  /work/SRC/openSUSE:Factory/.libvorbis.new (New)


Package is libvorbis, Maintainer is ti...@suse.com

Changes:

--- /work/SRC/openSUSE:Factory/libvorbis/libvorbis.changes  2011-12-27 
18:37:43.0 +0100
+++ /work/SRC/openSUSE:Factory/.libvorbis.new/libvorbis.changes 2012-02-22 
11:48:29.0 +0100
@@ -1,0 +2,6 @@
+Tue Feb 21 14:32:38 CET 2012 - ti...@suse.de
+
+- VUL-0: CVE-2012-0444: libvorbis: heap-based buffer overflow
+  (bnc#747912)
+
+---

New:

  libvorbis-CVE-2012-0444.diff



Other differences:
--
++ libvorbis.spec ++
--- /var/tmp/diff_new_pack.655c9a/_old  2012-02-22 11:48:30.0 +0100
+++ /var/tmp/diff_new_pack.655c9a/_new  2012-02-22 11:48:30.0 +0100
@@ -1,7 +1,7 @@
 #
 # spec file for package libvorbis
 #
-# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -39,6 +39,7 @@
 Patch10:libvorbis-pkgconfig.patch
 Patch11:vorbis-fix-linking.patch
 Patch12:vorbis-ocloexec.patch
+Patch20:libvorbis-CVE-2012-0444.diff
 BuildRequires:  fdupes
 BuildRequires:  libogg-devel
 BuildRequires:  libtool
@@ -139,6 +140,7 @@
 fi
 %patch11
 %patch12
+%patch20 -p1
 
 %build
 # Fix optimization level   



++ libvorbis-CVE-2012-0444.diff ++
---
 lib/floor1.c |1 +
 1 file changed, 1 insertion(+)

--- a/lib/floor1.c
+++ b/lib/floor1.c
@@ -167,6 +167,7 @@ static vorbis_info_floor *floor1_unpack
 
   for(j=0,k=0;jinfo-partitions;j++){
 count+=info-class_dim[info-partitionclass[j]];
+if(countVIF_POSIT) goto err_out;
 for(;kcount;k++){
   int t=info-postlist[k+2]=oggpack_read(opb,rangebits);
   if(t0 || t=(1rangebits))
-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org

commit libvorbis for openSUSE:Factory

2011-12-27 Thread h_root 
Hello community,

here is the log from the commit of package libvorbis for openSUSE:Factory 
checked in at 2011-12-27 18:36:57

Comparing /work/SRC/openSUSE:Factory/libvorbis (Old)
 and  /work/SRC/openSUSE:Factory/.libvorbis.new (New)


Package is libvorbis, Maintainer is ti...@suse.com

Changes:

--- /work/SRC/openSUSE:Factory/libvorbis/libvorbis.changes  2011-11-28 
12:54:30.0 +0100
+++ /work/SRC/openSUSE:Factory/.libvorbis.new/libvorbis.changes 2011-12-27 
18:37:43.0 +0100
@@ -1,0 +2,5 @@
+Sun Dec 25 11:09:50 UTC 2011 - idon...@suse.com
+
+- -O20 optimization level doesn't exist, use -O3 
+
+---



Other differences:
--
++ libvorbis.spec ++
--- /var/tmp/diff_new_pack.JGnrGW/_old  2011-12-27 18:37:48.0 +0100
+++ /var/tmp/diff_new_pack.JGnrGW/_new  2011-12-27 18:37:48.0 +0100
@@ -16,15 +16,14 @@
 #
 
 
-
 Name:   libvorbis
 Version:1.3.2
-Release:10
+Release:0
 #to_be_filled_by_service
-License:BSD-3-Clause
 Summary:The Vorbis General Audio Compression Codec
-Url:http://www.vorbis.com/
+License:BSD-3-Clause
 Group:  System/Libraries
+Url:http://www.vorbis.com/
 # bug437293 (SLES10 - SLES11 upgrade path)
 %ifarch ppc64
 Obsoletes:  libvorbis-64bit
@@ -40,8 +39,10 @@
 Patch10:libvorbis-pkgconfig.patch
 Patch11:vorbis-fix-linking.patch
 Patch12:vorbis-ocloexec.patch
+BuildRequires:  fdupes
 BuildRequires:  libogg-devel
-BuildRequires:  fdupes libtool pkgconfig
+BuildRequires:  libtool
+BuildRequires:  pkgconfig
 BuildRoot:  %{_tmppath}/%{name}-%{version}-build
 
 %description
@@ -56,7 +57,6 @@
 
 Summary:The Vorbis General Audio Compression Codec
 Group:  System/Libraries
-License:BSD-3-Clause
 # bug437293 (SLES10 - SLES11 upgrade path)
 %ifarch ppc64
 Obsoletes:  libvorbis-64bit
@@ -78,7 +78,6 @@
 
 Summary:The Vorbis General Audio Compression Codec
 Group:  System/Libraries
-License:BSD-3-Clause
 
 %description -n libvorbisenc2
 Vorbis is a fully open, nonproprietary, patent-and-royalty-free, and
@@ -92,7 +91,6 @@
 
 Summary:The Vorbis General Audio Compression Codec
 Group:  System/Libraries
-License:BSD-3-Clause
 
 %description -n libvorbisfile3
 Vorbis is a fully open, nonproprietary, patent-and-royalty-free, and
@@ -103,7 +101,6 @@
 libmatroska (matroska) can also be used.
 
 %package devel
-License:BSD-3-Clause
 Summary:Include Files and Libraries mandatory for Ogg Vorbis 
Development
 Group:  Development/Libraries/C and C++
 Requires:   libvorbis0 = %{version}
@@ -122,7 +119,6 @@
 to compile and develop applications that use libvorbis.
 
 %package doc
-License:BSD-3-Clause
 Summary:Documentation of Ogg/Vorbis library
 Group:  Documentation/Other
 %if 0%{?suse_version} = 1120
@@ -145,6 +141,9 @@
 %patch12
 
 %build
+# Fix optimization level   


+sed -i s,-O20,-O3,g configure.ac
+
 autoreconf -fiv
 %configure --disable-examples --disable-static
 make %{?_smp_mflags}

-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org

commit libvorbis for openSUSE:Factory

2011-12-06 Thread h_root 
Hello community,

here is the log from the commit of package libvorbis for openSUSE:Factory 
checked in at 2011-12-06 18:26:12

Comparing /work/SRC/openSUSE:Factory/libvorbis (Old)
 and  /work/SRC/openSUSE:Factory/.libvorbis.new (New)


Package is libvorbis, Maintainer is ti...@suse.com

Changes:




Other differences:
--
++ libvorbis.spec ++
--- /var/tmp/diff_new_pack.OYL28D/_old  2011-12-06 18:47:32.0 +0100
+++ /var/tmp/diff_new_pack.OYL28D/_new  2011-12-06 18:47:32.0 +0100
@@ -21,7 +21,7 @@
 Version:1.3.2
 Release:10
 #to_be_filled_by_service
-License:BSD3c(or similar)
+License:BSD-3-Clause
 Summary:The Vorbis General Audio Compression Codec
 Url:http://www.vorbis.com/
 Group:  System/Libraries
@@ -56,7 +56,7 @@
 
 Summary:The Vorbis General Audio Compression Codec
 Group:  System/Libraries
-License:BSD3c(or similar)
+License:BSD-3-Clause
 # bug437293 (SLES10 - SLES11 upgrade path)
 %ifarch ppc64
 Obsoletes:  libvorbis-64bit
@@ -78,7 +78,7 @@
 
 Summary:The Vorbis General Audio Compression Codec
 Group:  System/Libraries
-License:BSD3c(or similar)
+License:BSD-3-Clause
 
 %description -n libvorbisenc2
 Vorbis is a fully open, nonproprietary, patent-and-royalty-free, and
@@ -92,7 +92,7 @@
 
 Summary:The Vorbis General Audio Compression Codec
 Group:  System/Libraries
-License:BSD3c(or similar)
+License:BSD-3-Clause
 
 %description -n libvorbisfile3
 Vorbis is a fully open, nonproprietary, patent-and-royalty-free, and
@@ -103,7 +103,7 @@
 libmatroska (matroska) can also be used.
 
 %package devel
-License:BSD3c(or similar)
+License:BSD-3-Clause
 Summary:Include Files and Libraries mandatory for Ogg Vorbis 
Development
 Group:  Development/Libraries/C and C++
 Requires:   libvorbis0 = %{version}
@@ -122,7 +122,7 @@
 to compile and develop applications that use libvorbis.
 
 %package doc
-License:BSD3c(or similar)
+License:BSD-3-Clause
 Summary:Documentation of Ogg/Vorbis library
 Group:  Documentation/Other
 %if 0%{?suse_version} = 1120

-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org

commit libvorbis for openSUSE:Factory

2011-11-28 Thread h_root 
Hello community,

here is the log from the commit of package libvorbis for openSUSE:Factory 
checked in at 2011-11-28 12:54:27

Comparing /work/SRC/openSUSE:Factory/libvorbis (Old)
 and  /work/SRC/openSUSE:Factory/.libvorbis.new (New)


Package is libvorbis, Maintainer is ti...@suse.com

Changes:

--- /work/SRC/openSUSE:Factory/libvorbis/libvorbis.changes  2011-11-23 
19:36:22.0 +0100
+++ /work/SRC/openSUSE:Factory/.libvorbis.new/libvorbis.changes 2011-11-28 
12:54:30.0 +0100
@@ -1,0 +2,8 @@
+Fri Nov 25 21:08:52 UTC 2011 - crrodrig...@opensuse.org
+
+- open files with O_CLOEXEC, in order to avoid fd leaks 
+  when calling applications fork() ..execve()...
+  This patch does not cover the executable tools since
+  it is not critical for them.
+
+---

New:

  vorbis-ocloexec.patch



Other differences:
--
++ libvorbis.spec ++
--- /var/tmp/diff_new_pack.0TrVDq/_old  2011-11-28 12:54:32.0 +0100
+++ /var/tmp/diff_new_pack.0TrVDq/_new  2011-11-28 12:54:32.0 +0100
@@ -39,6 +39,7 @@
 # PATCH-FIX-UPSTREAM libvorbis-pkgconfig.patch 
https://trac.xiph.org/ticket/1759 reddw...@opensuse.org -- Use 
Requires/Libs.private to avoid overlinking
 Patch10:libvorbis-pkgconfig.patch
 Patch11:vorbis-fix-linking.patch
+Patch12:vorbis-ocloexec.patch
 BuildRequires:  libogg-devel
 BuildRequires:  fdupes libtool pkgconfig
 BuildRoot:  %{_tmppath}/%{name}-%{version}-build
@@ -141,6 +142,7 @@
 %patch1
 fi
 %patch11
+%patch12
 
 %build
 autoreconf -fiv

++ vorbis-ocloexec.patch ++
--- lib/analysis.c.orig
+++ lib/analysis.c
@@ -73,7 +73,7 @@ void _analysis_output_always(char *base,
   char buffer[80];
 
   sprintf(buffer,%s_%d.m,base,i);
-  of=fopen(buffer,w);
+  of=fopen(buffer,we);
 
   if(!of)perror(failed to open data dump file);
 
--- lib/floor1.c.orig
+++ lib/floor1.c
@@ -899,7 +899,7 @@ int floor1_encode(oggpack_buffer *opb,vo
   char buffer[80];
   sprintf(buffer,line_%dx%ld_class%d.vqd,
   vb-pcmend/2,posts-2,class);
-  of=fopen(buffer,a);
+  of=fopen(buffer,ae);
   fprintf(of,%d\n,cval);
   fclose(of);
 }
@@ -923,7 +923,7 @@ int floor1_encode(oggpack_buffer *opb,vo
 char buffer[80];
 sprintf(buffer,line_%dx%ld_%dsub%d.vqd,
 vb-pcmend/2,posts-2,class,bookas[k]);
-of=fopen(buffer,a);
+of=fopen(buffer,ae);
 fprintf(of,%d\n,out[j+k]);
 fclose(of);
   }
--- lib/psytune.c.orig
+++ lib/psytune.c
@@ -202,7 +202,7 @@ void analysis(char *base,int i,float *v,
 FILE *of;
 char buffer[80];
 sprintf(buffer,%s_%d.m,base,i);
-of=fopen(buffer,w);
+of=fopen(buffer,we);
 
 for(j=0;jn;j++){
   if(dB  v[j]==0)
--- lib/res0.c.orig
+++ lib/res0.c
@@ -93,7 +93,7 @@ void res0_free_look(vorbis_look_residue
 
 /* long and short into the same bucket by current convention */
 sprintf(buffer,res_sub%d_part%d_pass%d.vqd,look-submap,j,k);
-of=fopen(buffer,a);
+of=fopen(buffer,ae);
 
 for(l=0;lstatebook-entries;l++)
   fprintf(of,%d:%ld\n,l,look-training_data[k][j][l]);
@@ -462,7 +462,7 @@ static long **_01class(vorbis_block *vb,
 
 for(i=0;ich;i++){
   sprintf(buffer,resaux_%d.vqd,look-train_seq);
-  of=fopen(buffer,a);
+  of=fopen(buffer,ae);
   for(j=0;jpartvals;j++)
 fprintf(of,%ld, ,partword[i][j]);
   fprintf(of,\n);
@@ -521,7 +521,7 @@ static long **_2class(vorbis_block *vb,v
 
 #ifdef TRAIN_RESAUX
   sprintf(buffer,resaux_%d.vqd,look-train_seq);
-  of=fopen(buffer,a);
+  of=fopen(buffer,ae);
   for(i=0;ipartvals;i++)
 fprintf(of,%ld, ,partword[0][i]);
   fprintf(of,\n);
--- lib/vorbisfile.c.orig
+++ lib/vorbisfile.c
@@ -1010,7 +1010,7 @@ int ov_open(FILE *f,OggVorbis_File *vf,c
 
 int ov_fopen(const char *path,OggVorbis_File *vf){
   int ret;
-  FILE *f = fopen(path,rb);
+  FILE *f = fopen(path,rbe);
   if(!f) return -1;
 
   ret = ov_open(f,vf,NULL,0);
-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org

commit libvorbis for openSUSE:Factory

2011-11-23 Thread h_root 
Hello community,

here is the log from the commit of package libvorbis for openSUSE:Factory 
checked in at 2011-11-23 19:36:21

Comparing /work/SRC/openSUSE:Factory/libvorbis (Old)
 and  /work/SRC/openSUSE:Factory/.libvorbis.new (New)


Package is libvorbis, Maintainer is ti...@suse.com

Changes:

--- /work/SRC/openSUSE:Factory/libvorbis/libvorbis.changes  2011-09-23 
02:11:09.0 +0200
+++ /work/SRC/openSUSE:Factory/.libvorbis.new/libvorbis.changes 2011-11-23 
19:36:22.0 +0100
@@ -1,0 +2,5 @@
+Tue Nov 22 10:21:04 UTC 2011 - co...@suse.com
+
+- add libtool as buildrequire to avoid implicit dependency
+
+---



Other differences:
--
++ libvorbis.spec ++
--- /var/tmp/diff_new_pack.GI1lWG/_old  2011-11-23 19:36:25.0 +0100
+++ /var/tmp/diff_new_pack.GI1lWG/_new  2011-11-23 19:36:25.0 +0100
@@ -40,7 +40,7 @@
 Patch10:libvorbis-pkgconfig.patch
 Patch11:vorbis-fix-linking.patch
 BuildRequires:  libogg-devel
-BuildRequires:  fdupes pkgconfig
+BuildRequires:  fdupes libtool pkgconfig
 BuildRoot:  %{_tmppath}/%{name}-%{version}-build
 
 %description

-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org

commit libvorbis for openSUSE:Factory

2011-08-31 Thread h_root 

Hello community,

here is the log from the commit of package libvorbis for openSUSE:Factory
checked in at Wed Aug 31 10:52:41 CEST 2011.




--- libvorbis/libvorbis.changes 2011-05-05 22:56:30.0 +0200
+++ /mounts/work_src_done/STABLE/libvorbis/libvorbis.changes2011-08-29 
21:02:09.0 +0200
@@ -1,0 +2,5 @@
+Mon Aug 29 19:00:55 UTC 2011 - crrodrig...@opensuse.org
+
+- Fix build with no-add-needed 
+
+---

calling whatdependson for head-i586


New:

  vorbis-fix-linking.patch



Other differences:
--
++ libvorbis.spec ++
--- /var/tmp/diff_new_pack.5wk5q5/_old  2011-08-31 10:52:22.0 +0200
+++ /var/tmp/diff_new_pack.5wk5q5/_new  2011-08-31 10:52:22.0 +0200
@@ -19,7 +19,7 @@
 
 Name:   libvorbis
 Version:1.3.2
-Release:8
+Release:10
 #to_be_filled_by_service
 License:BSD3c(or similar)
 Summary:The Vorbis General Audio Compression Codec
@@ -38,6 +38,7 @@
 # 'Patch5: libvorbis-%%{version}-aotuv-b5.7.diff'
 # PATCH-FIX-UPSTREAM libvorbis-pkgconfig.patch 
https://trac.xiph.org/ticket/1759 reddw...@opensuse.org -- Use 
Requires/Libs.private to avoid overlinking
 Patch10:libvorbis-pkgconfig.patch
+Patch11:vorbis-fix-linking.patch
 BuildRequires:  libogg-devel
 BuildRequires:  fdupes pkgconfig
 BuildRoot:  %{_tmppath}/%{name}-%{version}-build
@@ -139,9 +140,11 @@
 if [ %{_lib} == lib64 ]; then
 %patch1
 fi
+%patch11
 
 %build
-%configure --disable-static
+autoreconf -fiv
+%configure --disable-examples --disable-static
 make %{?_smp_mflags}
 
 %install

++ vorbis-fix-linking.patch ++
--- test/Makefile.am.orig
+++ test/Makefile.am
@@ -10,7 +10,7 @@ check: $(check_PROGRAMS)
./test$(EXEEXT)
 
 test_SOURCES = util.c util.h write_read.c write_read.h test.c
-test_LDADD = ../lib/libvorbisenc.la ../lib/libvorbis.la @OGG_LIBS@
+test_LDADD = -lm ../lib/libvorbisenc.la ../lib/libvorbis.la @OGG_LIBS@
 
 debug:
$(MAKE) all CFLAGS=@DEBUG@
--- configure.ac.orig
+++ configure.ac
@@ -8,13 +8,12 @@ dnl 
 AC_INIT([libvorbis],[1.3.2],[vorbis-...@xiph.org])
 
 AC_CONFIG_SRCDIR([lib/mdct.c])
-
+AC_CONFIG_MACRO_DIR([m4])
 AC_CANONICAL_TARGET([])
 
 AM_INIT_AUTOMAKE($PACKAGE_NAME,$PACKAGE_VERSION)
 AM_MAINTAINER_MODE
 AM_CONFIG_HEADER([config.h])
-
 dnl Add parameters for aclocal
 AC_SUBST(ACLOCAL_AMFLAGS, -I m4)
 
@@ -53,7 +52,9 @@ dnl 
 dnl save $CFLAGS since AC_PROG_CC likes to insert -g -O2
 dnl if $CFLAGS is blank
 cflags_save=$CFLAGS
-AC_PROG_CC
+AC_PROG_CC_STDC
+AC_USE_SYSTEM_EXTENSIONS
+AC_SYS_LARGEFILE
 AC_PROG_CPP
 CFLAGS=$cflags_save
 
--- Makefile.am.orig
+++ Makefile.am
@@ -1,5 +1,6 @@
 ## Process this file with automake to produce Makefile.in
 
+ACLOCAL_AMFLAGS = -I m4
 AUTOMAKE_OPTIONS = 1.7 foreign dist-zip dist-bzip2
 
 SUBDIRS = m4 include vq lib test doc





Remember to have fun...

-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org

commit libvorbis for openSUSE:Factory

2011-05-09 Thread h_root 

Hello community,

here is the log from the commit of package libvorbis for openSUSE:Factory
checked in at Mon May 9 09:15:13 CEST 2011.




--- libvorbis/libvorbis.changes 2010-12-10 15:14:37.0 +0100
+++ /mounts/work_src_done/STABLE/libvorbis/libvorbis.changes2011-05-05 
22:56:30.0 +0200
@@ -1,0 +2,5 @@
+Thu May  5 22:56:15 CEST 2011 - dmuel...@suse.de
+
+- fix provides/obsoletes in baselibs
+
+---

calling whatdependson for head-i586




Other differences:
--
++ libvorbis.spec ++
--- /var/tmp/diff_new_pack.D1c25Y/_old  2011-05-09 09:14:20.0 +0200
+++ /var/tmp/diff_new_pack.D1c25Y/_new  2011-05-09 09:14:20.0 +0200
@@ -1,7 +1,7 @@
 #
-# spec file for package libvorbis (Version 1.3.2)
+# spec file for package libvorbis
 #
-# Copyright (c) 2010 SUSE LINUX Products GmbH, Nuernberg, Germany.
+# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -19,7 +19,7 @@
 
 Name:   libvorbis
 Version:1.3.2
-Release:2
+Release:8
 #to_be_filled_by_service
 License:BSD3c(or similar)
 Summary:The Vorbis General Audio Compression Codec
@@ -61,9 +61,8 @@
 %endif
 #
 # libvorbis was last used in openSUSE 11.3
-
-Provides:   %{name} = %{version}
-Obsoletes:  %{name}  %{version}
+Provides:   %{name} = 1.3.2
+Obsoletes:  %{name}  1.3.2
 
 %description -n libvorbis0
 Vorbis is a fully open, nonproprietary, patent-and-royalty-free, and

++ baselibs.conf ++
--- /var/tmp/diff_new_pack.D1c25Y/_old  2011-05-09 09:14:20.0 +0200
+++ /var/tmp/diff_new_pack.D1c25Y/_new  2011-05-09 09:14:20.0 +0200
@@ -1,3 +1,5 @@
 libvorbis0
+  targettype 32bit provides libvorbis-targettype = 1.3.2
+  targettype 64bit obsoletes libvorbis-targettype  1.3.2
 libvorbisenc2
 libvorbisfile3






Remember to have fun...

-- 
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org