Overview Repositories Revisions Requests Users Attributes Meta

Revisions of libsndfile

Tom Mbrt's avatar Tom Mbrt (derselbst) committed (revision 20)
Tom Mbrt's avatar Tom Mbrt (derselbst) committed (revision 19)
Tom Mbrt's avatar Tom Mbrt (derselbst) committed (revision 18)
Tom Mbrt's avatar Tom Mbrt (derselbst) committed (revision 17)
Tom Mbrt's avatar Tom Mbrt (derselbst) committed (revision 16)
Tom Mbrt's avatar Tom Mbrt (derselbst) committed (revision 15)
Tom Mbrt's avatar Tom Mbrt (derselbst) committed (revision 14) 
- update to 1.0.31:
  * documentation fixes and updates
  * Change CMake's project name from sndfile to libsndfile as it should be.
  * Fix memory leak in wav_read_smpl_chunk() function, credit to OSS-Fuzz.
  * Fix aiff_read_header() memory leak(), credit to OSS-Fuzz.
  * Fix leak in wav_read_header(), credit to OSS-Fuzz.
  * Fix leak in wavlike_read_cart_chunk(), credit to OSS-Fuzz.
  * Fix memory leak in wav_read_acid_chunk(), credit to OSS-Fuzz.
  * Fix memory leak in aiff_read_basc_chunk(), credit to OSS-Fuzz.
  * Fix memory leak in wavlike_read_peak_chunk(), credit to OSS-Fuzz.
  * Fix memory leak in aiff_read_header(), credit to OSS-Fuzz.
  * Fix use of uninitialized value in exif_subchunk_parse(), credit to OSS-Fuzz.
  * Fix use of uninitialized value in endswap_int64_t_array(), credit to
  * OSS-Fuzz.
  * Fix up the fuzzer so that it can't under or overseek,
  * thanks to Max Dymond cmeister2@gmail.com.
  * Fix Autotools configure on macOS, thanks to @tmcguire and @nwh.
  * Exclude repository-configuration from git-archive, thanks to @umlaeute.
  * Use version-script when compiling with clang on Unix with Autotools, thanks
  * to @tstellar.
  * Improve handling of SMPL chunks in WAV files, thanks to @zodf0055980. 
- update to 1.0.30:
  * Move sndfile.h.in from src/ to include/ directory.
  * Huge documentation update.
  * Fix opus test failures on BE platforms
  * Fix bug when sf_open_fd() function sometimes leaves filehandle open, even if close_desc parameter is TRUE, thanks to @umläute.
  * Fix infinite loops on some pathological SD2 files
  * Switch to GitHub Actions for continuous integration.
  * Add OSS-Fuzz tests to GitHub Actions workflow
  * Fix memory leak in wavlike_read_bext_chunk() function, credit to OSS-Fuzz.
Tom Mbrt's avatar Tom Mbrt (derselbst) committed (revision 13)
Tom Mbrt's avatar Tom Mbrt (derselbst) committed (revision 12) 
- Fix buffer overflow in sndfile-deinterleave, which isn't really a
  security issue (bsc#1100167, CVE-2018-13139, bsc#1116993,
  CVE-2018-19432):
  (Apply all the rest as well to sync with libsndfile.spec)
  0001-FLAC-Fix-a-buffer-read-overrun.patch
  0002-src-flac.c-Fix-a-buffer-read-overflow.patch
  0010-src-aiff.c-Fix-a-buffer-read-overflow.patch
  0020-src-common.c-Fix-heap-buffer-overflows-when-writing-.patch
  0030-double64_init-Check-psf-sf.channels-against-upper-bo.patch
  0031-sfe_copy_data_fp-check-value-of-max-variable.patch
  libsndfile-CVE-2017-17456-alaw-range-check.patch
  libsndfile-CVE-2017-17457-ulaw-range-check.patch
  sndfile-deinterlace-channels-check.patch
  sndfile-ocloexec.patch

- Remove build dependencies for progs subpackage from library:
  * alsa-devel, only needed for the examples
  * sqlite3-devel, only needed for the regression test
- Only build library, pass --disable-full-suite to configure

- Fix segfault in wav conversion due to the invalid loop count
  (CVE-2018-19758, bsc#1117954):
  libsndfile-wav-loop-count-fix.patch

- Fix buffer overflow in sndfile-deinterleave, which isn't really a
  security issue (bsc#1100167, CVE-2018-13139, bsc#1116993,
  CVE-2018-19432):
  sndfile-deinterlace-channels-check.patch

- Use license file tag
Tom Mbrt's avatar Tom Mbrt (derselbst) committed (revision 11)
Tom Mbrt's avatar Tom Mbrt (derselbst) committed (revision 10) 
- Fix FLAC buffer overflows (CVE-2017-8361 CVE-2017-8363
  CVE-2017-8365 CVE-2017-8362 bsc#1036944 bsc#1036945 bsc#1036946
  bsc#1036943):
  0001-FLAC-Fix-a-buffer-read-overrun.patch
  0002-src-flac.c-Fix-a-buffer-read-overflow.patch
Tom Mbrt's avatar Tom Mbrt (derselbst) committed (revision 9) 
- Update to version 1.0.27:
  * Fix a seek regression in 1.0.26
  * Add metadata read/write for CAF and RF64
  * FIx PAF endian-ness issue
- Update to version 1.0.28
  * Fix buffer overruns in FLAC and ID3 handling code
   (CVE-2017-7585, CVE-2017-7586, bsc#1033054, bsc#1033053)
  * Reduce default header memory requirements
  * Fix detection of Large File Support for 32 bit systems.
- Obsoleted patch:
  libsndfile-psf_strlcpy_crlf-fix-CVE-2015-8075.patch

- Update to version 1.0.27:
  * Fix a seek regression in 1.0.26
  * Add metadata read/write for CAF and RF64
  * FIx PAF endian-ness issue
- Update to version 1.0.28
  * Fix buffer overruns in FLAC and ID3 handling code
   (CVE-2017-7585, CVE-2017-7586, bsc#1033054, bsc#1033053)
  * Reduce default header memory requirements
  * Fix detection of Large File Support for 32 bit systems. 
- Obsoleted patch:
  libsndfile-psf_strlcpy_crlf-fix-CVE-2015-8075.patch
Tom Mbrt's avatar Tom Mbrt (derselbst) committed (revision 8)
Tom Mbrt's avatar Tom Mbrt (derselbst) committed (revision 7)
Tom Mbrt's avatar Tom Mbrt (derselbst) committed (revision 6)
Tom Mbrt's avatar Tom Mbrt (derselbst) committed (revision 5)
Tom Mbrt's avatar Tom Mbrt (derselbst) committed (revision 4)
Tom Mbrt's avatar Tom Mbrt (derselbst) committed (revision 3)
Tom Mbrt's avatar Tom Mbrt (derselbst) committed (revision 2)
Tom Mbrt's avatar Tom Mbrt (derselbst) committed (revision 1)
Displaying all 20 revisions
openSUSE Build Service is sponsored by
Places