Overview Repositories Revisions Requests Users Attributes Meta

Revisions of sox

buildservice-autocommit accepted request 1191072 from Martin Pluskal's avatar Martin Pluskal (pluskalm) (revision 51) 
baserev update by copy to link target
Martin Pluskal's avatar Martin Pluskal (pluskalm) accepted request 1191031 from Marcus Meissner's avatar Marcus Meissner (msmeissn) (revision 50) 
- sox-gcc14.patch: fixed build with gcc14
Takashi Iwai's avatar Takashi Iwai (tiwai) accepted request 1185412 from Wolfgang Frisch's avatar Wolfgang Frisch (wfrisch) (revision 48) 
Turns out CVE-2019-1010004 is a duplicate of CVE-2017-18189 which was fixed
long ago. Sorry for the noise. (boo#1141667)
Dirk Mueller's avatar Dirk Mueller (dirkmueller) accepted request 1185145 from Wolfgang Frisch's avatar Wolfgang Frisch (wfrisch) (revision 47) 
- Apply another fix from the Debian package:
  CVE-2019-1010004.patch OOB read (bsc#1141667)
buildservice-autocommit accepted request 1120235 from Takashi Iwai's avatar Takashi Iwai (tiwai) (revision 46) 
baserev update by copy to link target
Takashi Iwai's avatar Takashi Iwai (tiwai) accepted request 1120234 from Takashi Iwai's avatar Takashi Iwai (tiwai) (revision 45) 
- Apply various fix patches taken from Debian package;
  it fixes also other entries (CVE-2022-31650 bsc#1212060
  CVE-2023-34318 bsc#1212062 CVE-2023-34432 bsc#1212063):
  CVE-2019-13590.patch
  CVE-2021-3643.patch
  CVE-2021-23159.patch
  CVE-2021-33844.patch
  CVE-2021-40426.patch
  CVE-2022-31650.patch
  CVE-2022-31651.patch
- Fix floating point exception in src/voc.c (CVE-2023-32627 bsc#1212061):
  CVE-2023-32627.patch
buildservice-autocommit accepted request 1108524 from Dave Plater's avatar Dave Plater (plater) (revision 44) 
baserev update by copy to link target
Dave Plater's avatar Dave Plater (plater) accepted request 1108507 from Olaf Hering's avatar Olaf Hering (olh) (revision 43) 
- Use file-devel instead of libmagic to fix build in Leap
buildservice-autocommit accepted request 1086097 from Martin Pluskal's avatar Martin Pluskal (pluskalm) (revision 42) 
baserev update by copy to link target
Martin Pluskal's avatar Martin Pluskal (pluskalm) committed (revision 41) 
- Further modernise specfile
Martin Pluskal's avatar Martin Pluskal (pluskalm) accepted request 1086070 from Olaf Hering's avatar Olaf Hering (olh) (revision 40) 
- Remove unused ffmpeg from BuildRequires
- Remove conditionals for amrnb/amrwb
- Use newer specfile constructs
buildservice-autocommit accepted request 576967 from Dirk Mueller's avatar Dirk Mueller (dirkmueller) (revision 39) 
baserev update by copy to link target
Dirk Mueller's avatar Dirk Mueller (dirkmueller) accepted request 576951 from Karol Babioch's avatar Karol Babioch (kbabioch) (revision 38) 
- Added patches:
  * CVE-2017-11332.patch: Fixed the startread function in wav.c, which allowed
    remote attackers to cause a DoS (divide-by-zero) via a crafted wav file.
    (CVE-2017-11332 bsc#1081140)
  * CVE-2017-11358.patch: Fixed the read_samples function in hcom.c, which
    allowed remote attackers to cause a DoS (invalid memory read) via a crafted
    hcom file. (CVE-2017-11358 bsc#1081141)
  * CVE-2017-11359.patch: Fixed the wavwritehdr function in wav.c, which
    allowed remote attackers to cause a DoS (divide-by-zero) when converting a
    a crafted snd file to a wav file. (CVE-2017-11359 bsc#1081142)
  * CVE-2017-15370.patch: Fixed a heap-based buffer overflow in the ImaExpandS
    function of ima_rw.c, which allowed remote attackers to cause a DoS during
    conversion of a crafted audio file. (CVE-2017-15370 bsc#1063439)
  * CVE-2017-15371.patch: Fixed an assertion abort in the function
    sox_append_comment() in formats.c, which allowed remote attackers to cause
    a DoS during conversion of a crafted audio file. (CVE-2017-15371
    bsc#1063450)
  * CVE-2017-15372.patch: Fixed a stack-based buffer overflow in the
    lsx_ms_adpcm_block_expand_i function of adpcm.c, which allowed remote
    attackers to cause a DoS during conversion of a crafted audio file.
    (CVE-2017-15372 bsc#1063456)
  * CVE-2017-15642.patch: Fixed an Use-After-Free vulnerability in
    lsx_aiffstartread in aiff.c, which could be triggered by an attacker by
    providing a malformed AIFF file. (CVE-2017-15642 bsc#1064576)
  * CVE-2017-18189.patch: Fixed a NULL pointer dereference triggered by a
    corrupt header specifying zero channels in the startread function in
    xa.c, which allowed remote attackers to cause a DoS (CVE-2017-18189
    bsc#1081146).
- Removed sox-doublefree.patch
buildservice-autocommit accepted request 558316 from Martin Pluskal's avatar Martin Pluskal (pluskalm) (revision 37) 
baserev update by copy to link target
Martin Pluskal's avatar Martin Pluskal (pluskalm) accepted request 558309 from Marcus Meissner's avatar Marcus Meissner (msmeissn) (revision 36) 
- sox-doublefree.patch: initialize comment, it might
  get returned back with OK. (bsc#1064576 CVE-2017-15642)
buildservice-autocommit accepted request 518799 from Martin Pluskal's avatar Martin Pluskal (pluskalm) (revision 35) 
baserev update by copy to link target
Martin Pluskal's avatar Martin Pluskal (pluskalm) accepted request 518649 from Olaf Hering's avatar Olaf Hering (olh) (revision 34) 
- Enable lame/mad/twolame unconditionally
- Remove ffmpeg/opus conditional because it is always present
buildservice-autocommit accepted request 477410 from Martin Pluskal's avatar Martin Pluskal (pluskalm) (revision 33) 
baserev update by copy to link target
Martin Pluskal's avatar Martin Pluskal (pluskalm) accepted request 477260 from Bjørn Lie's avatar Bjørn Lie (Zaitor) (revision 32) 
Fixup buildrequires
Displaying revisions 1 - 20 of 51
openSUSE Build Service is sponsored by
Places