Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Step:15-SP1
wavpack.25157
wavpack.changes
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File wavpack.changes of Package wavpack.25157
------------------------------------------------------------------- Thu Jul 21 07:58:51 UTC 2022 - pgajdos@suse.com - security update - added patches fix CVE-2022-2476 [bsc#1201716], Null pointer dereference in wvunpack + wavpack-CVE-2022-2476.patch ------------------------------------------------------------------- Wed Mar 16 09:03:58 UTC 2022 - pgajdos@suse.com - security update - added patches fix CVE-2021-44269 [bsc#1197020], out of bounds read in processing .wav file + wavpack-CVE-2021-44269.patch ------------------------------------------------------------------- Mon Jan 18 10:48:16 UTC 2021 - Alexandros Toptsoglou <atoptsoglou@suse.com> - Update to version 5.4.0 * CVE-2020-35738: Fixed an out-of-bounds write in WavpackPackSamples (bsc#1180414) * fixed: disable A32 asm code when building for Apple silicon * fixed: issues with Adobe-style floating-point WAV files * added: --normalize-floats option to wvunpack for correctly exporting un-normalized floating-point files - Update to version 5.3.0 * fixed: OSS-Fuzz issues 19925, 19928, 20060, 20448 * fixed: trailing garbage characters on imported ID3v2 TXXX tags * fixed: various minor undefined behavior and memory access issues * fixed: sanitize tag extraction names for length and path inclusion * improved: reformat wvunpack "help" and split into long + short versions * added: regression testing to Travis CI for OSS-Fuzz crashers - Updated to version 5.2.0 *fixed: potential security issues including the following CVEs: CVE-2018-19840, CVE-2018-19841, CVE-2018-10536 (bsc#1091344), CVE-2018-10537 (bsc#1091343) CVE-2018-10538 (bsc#1091342), CVE-2018-10539 (bsc#1091341), CVE-2018-10540 (bsc#1091340), CVE-2018-7254, CVE-2018-7253, CVE-2018-6767, CVE-2019-11498 and CVE-2019-1010319 * added: support for CMake, Travis CI, and Google's OSS-fuzz * fixed: use correction file for encode verify (pipe input, Windows) * fixed: correct WAV header with actual length (pipe input, -i option) * fixed: thumb interworking and not needing v6 architecture (ARM asm) * added: handle more ID3v2.3 tag items and from all file types * fixed: coredump on Sparc64 (changed MD5 implementation) * fixed: handle invalid ID3v2.3 tags from sacd-ripper * fixed: several corner-case memory leaks Dropped patches that included in upstream version: * CVE-2018-19840.patch * CVE-2018-19841.patch * CVE-2018-7253.patch * CVE-2018-7254.patch * wavpack-CVE-2018-6767.patch * CVE-2019-1010319.patch * CVE-2019-11498.patch ------------------------------------------------------------------- Wed Aug 14 10:15:49 UTC 2019 - Tomáš Chvátal <tchvatal@suse.com> - Add patch for bsc#1141334 CVE-2019-1010319 (use of unitialized var): * CVE-2019-1010319.patch - Add patch for bsc#1133384 CVE-2019-11498 (conditional jump): * CVE-2019-11498.patch ------------------------------------------------------------------- Mon Jan 7 19:29:45 CET 2019 - sbrabec@suse.com - Fix denial-of-service (resource exhaustion caused by an infinite loop; bsc#1120930, CVE-2018-19840, CVE-2018-19840.patch). - Fix denial-of-service (out-of-bounds read and application crash; bsc#1120929, CVE-2018-19841, CVE-2018-19841.patch). ------------------------------------------------------------------- Tue Feb 20 08:48:07 UTC 2018 - kbabioch@suse.com - Added CVE-2018-7253.patch: Fixed a heap based buffer overread in cli/dsdiff.c, which allowed remote attackers to cause DoS via a specially crafted input file (CVE-2018-7253, bsc#1081692) - Added CVE-2018-7254.patch: Fixed a buffer overread in cli/caff.c, which allowed remote attackers to cause DoS via a specially crafted input file (CVE-2018-7254, bsc#1081693) ------------------------------------------------------------------- Mon Feb 19 16:27:30 UTC 2018 - pmonrealgonzalez@suse.com - Security fix [bsc#1079746, CVE-2018-6767] * Crafted wav file can trigger a stack buffer overflow when parsing the file * Added wavpack-CVE-2018-6767.patch ------------------------------------------------------------------- Mon Nov 13 21:12:39 UTC 2017 - jengelh@inai.de - Compact description. Drop pointless --with-pic since no static libs are built. ------------------------------------------------------------------- Thu Nov 9 17:14:33 UTC 2017 - aavindraa@gmail.com - Update to version 5.1.0 * new: command-line tagging utility (wvtag) * added: option to import ID3v2.3 tags from Sony DSF files * fixed: fuzz test failures from AFL reported on SourceForge * improved: DSD decimation filter (less HF rolloff & CPU use) * fixed: non-byte audio depths (12-bit, 20-bit) not showing * fixed: rare case of noise-shaping triggering a lossy mute * fixed: recognize UTF-8 BOM when reading text files * fixed: a few portability issues - Includes changes from 5.0.0: * new: input formats (RF64, Wave64, and CAF) * removed: support for legacy WavPack files (< 4.0) * added: lossless DSD audio in Philips DSDIFF and Sony DSF files * fixed: seeking in > 2GB WavPack files (new stream reader) * fixed: accept > 4GB source audio files (all formats) * improved: increase maximum samples from 2^32 to 2^40 * added: block checksums for robustness to corruption * added: support for non-standard channel identities * added: block decoder for streaming applications * added: new pdf documentation - For other changes, see upstream: * https://github.com/dbry/WavPack/blob/master/ChangeLog - cleanup with spec-cleaner - remove wavpack-fix_pkgconfig.patch, fixed upstream in: * d440649aa113797a50e94285c8c037dc2ad7a5a9 * 779a2e62783acc6a46f75dd89359e95079ef708a * 7846e95eb1c3fa97da41dfe96de532c2df5ad281 - remove license.txt, use upstream copying file instead - Drop Requires, Provides and Obsoletes, as the SUSE versions they were needed for are now EOL. ------------------------------------------------------------------- Sat Jun 22 00:28:57 UTC 2013 - crrodriguez@opensuse.org - update to WavPack 4.70-beta (packaged as 4.60.99) * 4GB file support on 32-bit OS * memcpy() not always used correctly (Linux targets) * unsigned char issue (ARM targets) * use temporary files for safer overwriting ------------------------------------------------------------------- Mon Feb 13 10:57:33 UTC 2012 - coolo@suse.com - patch license to follow spdx.org standard ------------------------------------------------------------------- Fri Nov 25 12:33:45 UTC 2011 - coolo@suse.com - add libtool as buildrequire to avoid implicit dependency ------------------------------------------------------------------- Fri Nov 25 12:33:27 UTC 2011 - coolo@suse.com - remove _service ------------------------------------------------------------------- Sun Mar 6 21:12:12 UTC 2011 - reddwarf@opensuse.org - Add libwavpack1 to baselibs.conf ------------------------------------------------------------------- Wed Dec 8 19:05:07 UTC 2010 - cristian.rodriguez@opensuse.org - Update to version 4.60.1 * fixed: filename specs in tag extractions failed in batch operations * fixed: prevent creation of APEv2 tags > 1 MB (which we can't read) * fixed: crash when decoding old WavPack files (pre version 4.0) * added: man pages to build system and updated with newer options ------------------------------------------------------------------- Fri Apr 30 08:57:13 CEST 2010 - meissner@suse.de - buildrequire pkgconfig ------------------------------------------------------------------- Thu Sep 4 13:35:36 CEST 2008 - sbrabec@suse.cz - Updated to version 4.50.1: * added dynamic noise shaping for improved hybrid quality * added option to merge blocks of similar redundancy * added ability to store and retrieve extra mode level * improved bitrate calculation * improved decoding of corrupt and nonconforming files * added optimize storage of LossyWAV output files * added transcoding API * added metadata writing API * added full Unicode support * multichannel and 24-bit audio improvements * portability and crash fixes ------------------------------------------------------------------- Mon Aug 13 07:06:33 CEST 2007 - crrodriguez@suse.de - remove static libraries and useless libtool archive ------------------------------------------------------------------- Fri Jul 27 09:49:25 CEST 2007 - sbrabec@suse.cz - Updated to version 4.41.0: * bug fixes * improvements * new features * new optimization code * for complete list of changes see ChangeLog - Split package according to shared library packaging policy. ------------------------------------------------------------------- Thu Mar 29 11:20:58 CEST 2007 - sbrabec@suse.cz - "comparison is always false" warnings fix (David Bryant). ------------------------------------------------------------------- Wed Mar 28 16:41:05 CEST 2007 - sbrabec@suse.cz - New SuSE package, version 4.40.0, based on work of Toni Graffy <toni@links2linux.de>.
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor