From 4f5a1c01304948dcc2baac38c52eed8755a51579 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Adrian=20Schr=C3=B6ter?= Date: Tue, 24 Oct 2023 13:53:59 +0200 Subject: [PATCH] Sync from SUSE:ALP:Source:Standard:1.0 libsndfile revision a92625706874b117e95d2f062c97f0b3 --- .gitattributes | 23 ++ _multibuild | 4 + baselibs.conf | 3 + libsndfile-1.2.2.tar.xz | 3 + libsndfile-1.2.2.tar.xz.asc | Bin 0 -> 662 bytes libsndfile-CVE-2022-33065.patch | 40 ++ libsndfile-progs.changes | 547 +++++++++++++++++++++++++ libsndfile-progs.spec | 67 ++++ libsndfile.changes | 692 ++++++++++++++++++++++++++++++++ libsndfile.keyring | 111 +++++ libsndfile.spec | 112 ++++++ sndfile-ocloexec.patch | 18 + 12 files changed, 1620 insertions(+) create mode 100644 .gitattributes create mode 100644 _multibuild create mode 100644 baselibs.conf create mode 100644 libsndfile-1.2.2.tar.xz create mode 100644 libsndfile-1.2.2.tar.xz.asc create mode 100644 libsndfile-CVE-2022-33065.patch create mode 100644 libsndfile-progs.changes create mode 100644 libsndfile-progs.spec create mode 100644 libsndfile.changes create mode 100644 libsndfile.keyring create mode 100644 libsndfile.spec create mode 100644 sndfile-ocloexec.patch diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000..fecc750 --- /dev/null +++ b/.gitattributes @@ -0,0 +1,23 @@ +## Default LFS +*.7z filter=lfs diff=lfs merge=lfs -text +*.bsp filter=lfs diff=lfs merge=lfs -text +*.bz2 filter=lfs diff=lfs merge=lfs -text +*.gem filter=lfs diff=lfs merge=lfs -text +*.gz filter=lfs diff=lfs merge=lfs -text +*.jar filter=lfs diff=lfs merge=lfs -text +*.lz filter=lfs diff=lfs merge=lfs -text +*.lzma filter=lfs diff=lfs merge=lfs -text +*.obscpio filter=lfs diff=lfs merge=lfs -text +*.oxt filter=lfs diff=lfs merge=lfs -text +*.pdf filter=lfs diff=lfs merge=lfs -text +*.png filter=lfs diff=lfs merge=lfs -text +*.rpm filter=lfs diff=lfs merge=lfs -text +*.tbz filter=lfs diff=lfs merge=lfs -text +*.tbz2 filter=lfs diff=lfs merge=lfs -text +*.tgz filter=lfs diff=lfs merge=lfs -text +*.ttf filter=lfs diff=lfs merge=lfs -text +*.txz filter=lfs diff=lfs merge=lfs -text +*.whl filter=lfs diff=lfs merge=lfs -text +*.xz filter=lfs diff=lfs merge=lfs -text +*.zip filter=lfs diff=lfs merge=lfs -text +*.zst filter=lfs diff=lfs merge=lfs -text diff --git a/_multibuild b/_multibuild new file mode 100644 index 0000000..9640ef2 --- /dev/null +++ b/_multibuild @@ -0,0 +1,4 @@ + + libsndfile-progs + + diff --git a/baselibs.conf b/baselibs.conf new file mode 100644 index 0000000..05b95e8 --- /dev/null +++ b/baselibs.conf @@ -0,0 +1,3 @@ +libsndfile1 + provides "libsndfile- = " + obsoletes "libsndfile- <= 1.0.25" diff --git a/libsndfile-1.2.2.tar.xz b/libsndfile-1.2.2.tar.xz new file mode 100644 index 0000000..ee3b57c --- /dev/null +++ b/libsndfile-1.2.2.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:3799ca9924d3125038880367bf1468e53a1b7e3686a934f098b7e1d286cdb80e +size 730760 diff --git a/libsndfile-1.2.2.tar.xz.asc b/libsndfile-1.2.2.tar.xz.asc new file mode 100644 index 0000000000000000000000000000000000000000..ce5b09138579a0eb4d785e85107e0491520f1308 GIT binary patch literal 662 zcmV;H0%`q;0+R#)0SW+p79j+<)iGV50CK>nV2Gd2HsKc_E;vF30%X{t3SSg}00000 zE&wQLb8~fNaxG?XazJixbYXO9Z*FrgZ*XO9aA$BXW@%=0XlQS8b7gH|ZZ2+RbV4{p zH8U|aL_shxFgG$oFhMvrFgQ3lMngq2HbpTpH!?6XMKd@wG5`t*5Y9H?7a%S;LdQH0 z{yG6fg?V+A4gDj0J`9iOv#3=PALQZ^TU|@bj*l_OqUa4TZv`B(+N8vF;+An9a0ZE#NN#F%u3Dl!%$ba zi5bHkhcI0uLo0zDxweE|zM<2fGIj31K^&zLd7zzR|BBaF{rI#igvGHu=vwc2Puq9Y zy#j z{wKXG10MloAGk~-r9Gf6wRF{qBu(YRzN%~ALNMRqIq7E(3{~iBc&EB8qQp+2$#jLi wByg5W2>qa!wRH92PcR*HDh#MIJ839Hs{I-w2IXZX{-hvZlx5q?W%eu1rCk{*$p8QV literal 0 HcmV?d00001 diff --git a/libsndfile-CVE-2022-33065.patch b/libsndfile-CVE-2022-33065.patch new file mode 100644 index 0000000..785414b --- /dev/null +++ b/libsndfile-CVE-2022-33065.patch @@ -0,0 +1,40 @@ +From 0754562e13d2e63a248a1c82f90b30bc0ffe307c Mon Sep 17 00:00:00 2001 +From: Alex Stewart +Date: Tue, 10 Oct 2023 16:10:34 -0400 +Subject: [PATCH] mat4/mat5: fix int overflow in dataend calculation + +The clang sanitizer warns of a possible signed integer overflow when +calculating the `dataend` value in `mat4_read_header()`. + +``` +src/mat4.c:323:41: runtime error: signed integer overflow: 205 * -100663296 cannot be represented in type 'int' +SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior src/mat4.c:323:41 in +src/mat4.c:323:48: runtime error: signed integer overflow: 838860800 * 4 cannot be represented in type 'int' +SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior src/mat4.c:323:48 in +``` + +Cast the offending `rows` and `cols` ints to `sf_count_t` (the type of +`dataend` before performing the calculation, to avoid the issue. + +CVE: CVE-2022-33065 +Fixes: https://github.com/libsndfile/libsndfile/issues/789 +Fixes: https://github.com/libsndfile/libsndfile/issues/833 + +Signed-off-by: Alex Stewart +--- + src/mat4.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/mat4.c b/src/mat4.c +index 0b1b414b4..575683ba1 100644 +--- a/src/mat4.c ++++ b/src/mat4.c +@@ -320,7 +320,7 @@ mat4_read_header (SF_PRIVATE *psf) + psf->filelength - psf->dataoffset, psf->sf.channels * psf->sf.frames * psf->bytewidth) ; + } + else if ((psf->filelength - psf->dataoffset) > psf->sf.channels * psf->sf.frames * psf->bytewidth) +- psf->dataend = psf->dataoffset + rows * cols * psf->bytewidth ; ++ psf->dataend = psf->dataoffset + (sf_count_t) rows * (sf_count_t) cols * psf->bytewidth ; + + psf->datalength = psf->filelength - psf->dataoffset - psf->dataend ; + diff --git a/libsndfile-progs.changes b/libsndfile-progs.changes new file mode 100644 index 0000000..8d32774 --- /dev/null +++ b/libsndfile-progs.changes @@ -0,0 +1,547 @@ +------------------------------------------------------------------- +Fri Oct 20 11:45:14 UTC 2023 - Takashi Iwai + +- Update to 1.2.1: + * Various bug fixes (issue #908, #907, #934, #950, #930) +- Update to 1.2.2: + * Fixed invalid regex in src/create_symbols_file.py + * Fixed passing null pointer to printf %s in tests +- Fix signed integers overflows in au_read_header() + (bsc#1213451, CVE-2022-33065): + libsndfile-CVE-2022-33065.patch + +------------------------------------------------------------------- +Tue Feb 21 10:14:43 UTC 2023 - Paolo Stivanin + +- update to 1.2.0: + * Searching for LAME dependency with CMake build system (issue #821). + * CMake build from Autotools tarball (issue #816). + * Build on UWP platform (issue #824). + * Fix signed integer overflow (issue #785). + * Skipping large wav chunks on stdin (PR #819). + +------------------------------------------------------------------- +Fri Apr 8 15:02:29 CEST 2022 - tiwai@suse.de + +- Fix build with libsndfile 1.1.0; add missing build reqs + +------------------------------------------------------------------- +Tue Mar 29 18:07:33 UTC 2022 - Dirk Müller + +- update to 1.1.0: + * Added MPEG Encode/Decode Support + * New fuzzer for OSS-Fuzz, thanks @DavidKorczynski. + Fixed: + * Memory leak in caf_read_header(), credit to OSS-Fuzz (issue 30375). + * Stack overflow in guess_file_type() + * Abort in fuzzer, thanks @bobsayshilol, credit to OSS-Fuzz + * Infinite loop in svx_read_header(), thanks @bobsayshilol, credit to OSS-Fuzz + * GCC and Clang pedantic warnings, thanks @bobsayshilol. + * Normalisation issue when scaling floating point data to int in + replace_read_f2i(), thanks @bobsayshilol, (issue #702). + * Missing samples when doing a partial read of Ogg file from index till the + end of file, thanks @arthurt (issue #643). + * sndfile-salvage: Handle files > 4 GB on Windows OS + * Undefined shift in dyn_get_32bit(), credit to OSS-Fuzz + * Integer overflow in nms_adpcm_update(), credit to OSS-Fuzz + * Integer overflow in psf_log_printf(), credit to OSS-Fuzz + * ABI version incompatibility between Autotools and CMake build on Apple + platforms. + * Heap buffer overflow in wavlike_ima_decode_block() + * Heap buffer overflow in msadpcm_decode_block() + * Heap buffer overflow in psf_binheader_readf() + * Index out of bounds in psf_nms_adpcm_decode_block() + * Heap buffer overflow in flac_buffer_copy() + * Heap buffer overflow in copyPredictorTo24() + * Uninitialized variable in psf_binheader_readf() +- drop sndfile-deinterlace-channels-check.patch ms_adpcm-Fix-and-extend-size-checks.patch, + libsndfile-CVE-2021-4156.patch (obsolete) + +------------------------------------------------------------------- +Sun Mar 14 21:38:48 UTC 2021 - Dirk Müller + +- update to 1.0.31: + * documentation fixes and updates + * Change CMake's project name from sndfile to libsndfile as it should be. + * Fix memory leak in wav_read_smpl_chunk() function, credit to OSS-Fuzz. + * Fix aiff_read_header() memory leak(), credit to OSS-Fuzz. + * Fix leak in wav_read_header(), credit to OSS-Fuzz. + * Fix leak in wavlike_read_cart_chunk(), credit to OSS-Fuzz. + * Fix memory leak in wav_read_acid_chunk(), credit to OSS-Fuzz. + * Fix memory leak in aiff_read_basc_chunk(), credit to OSS-Fuzz. + * Fix memory leak in wavlike_read_peak_chunk(), credit to OSS-Fuzz. + * Fix memory leak in aiff_read_header(), credit to OSS-Fuzz. + * Fix use of uninitialized value in exif_subchunk_parse(), credit to OSS-Fuzz. + * Fix use of uninitialized value in endswap_int64_t_array(), credit to + * OSS-Fuzz. + * Fix up the fuzzer so that it can't under or overseek, + * thanks to Max Dymond cmeister2@gmail.com. + * Fix Autotools configure on macOS, thanks to @tmcguire and @nwh. + * Exclude repository-configuration from git-archive, thanks to @umlaeute. + * Use version-script when compiling with clang on Unix with Autotools, thanks + * to @tstellar. + * Improve handling of SMPL chunks in WAV files, thanks to @zodf0055980. +- update to 1.0.30: + * Move sndfile.h.in from src/ to include/ directory. + * Huge documentation update. + * Fix opus test failures on BE platforms + * Fix bug when sf_open_fd() function sometimes leaves filehandle open, even if close_desc parameter is TRUE, thanks to @umläute. + * Fix infinite loops on some pathological SD2 files + * Switch to GitHub Actions for continuous integration. + * Add OSS-Fuzz tests to GitHub Actions workflow + * Fix memory leak in wavlike_read_bext_chunk() function, credit to OSS-Fuzz. + * Fix undefined behavior in avr-read_header() function, credit to OSS-Fuzz. +- update to 1.0.29: + * Fixes for: CVE-2017-12562, CVE-2017-17456, CVE-2017-17457, CVE-2018-19661, CVE-2018-19662, CVE-2018-19758 and CVE-2019-3832. + * Add BWF v2 loudness parameters. + * Wave64: Permit and skip arbitrary chunks prior to the data chunk. + * Fix ASAN crash in wavlike_ima_seek(). + * Fix IMA-ADPCM encoding for AIFF files. + * sndfile-convert: Handle gsm, vox and opus extensions the same way. + * Add SFC_SET_OGG_PAGE_LATENCY_MS command to get Ogg page latency for Ogg Opus files. + * Fix parsing of some SD2 files. + * Documentation updates. + * Minor bug fixes and improvements. +- drop libsndfile-CVE-2017-17456-alaw-range-check.patch + libsndfile-CVE-2017-17457-ulaw-range-check.patch + libsndfile-wav-loop-count-fix.patch + 0001-FLAC-Fix-a-buffer-read-overrun.patch + 0002-src-flac.c-Fix-a-buffer-read-overflow.patch + 0010-src-aiff.c-Fix-a-buffer-read-overflow.patch + 0020-src-common.c-Fix-heap-buffer-overflows-when-writing-.patch + 0030-double64_init-Check-psf-sf.channels-against-upper-bo.patch + 0031-sfe_copy_data_fp-check-value-of-max-variable.patch: upstream + +------------------------------------------------------------------- +Fri Jul 6 14:11:47 CEST 2018 - tiwai@suse.de + +- Fix buffer overflow in sndfile-deinterleave, which isn't really a + security issue (bsc#1100167, CVE-2018-13139, bsc#1116993, + CVE-2018-19432): + (Apply all the rest as well to sync with libsndfile.spec) + 0001-FLAC-Fix-a-buffer-read-overrun.patch + 0002-src-flac.c-Fix-a-buffer-read-overflow.patch + 0010-src-aiff.c-Fix-a-buffer-read-overflow.patch + 0020-src-common.c-Fix-heap-buffer-overflows-when-writing-.patch + 0030-double64_init-Check-psf-sf.channels-against-upper-bo.patch + 0031-sfe_copy_data_fp-check-value-of-max-variable.patch + libsndfile-CVE-2017-17456-alaw-range-check.patch + libsndfile-CVE-2017-17457-ulaw-range-check.patch + sndfile-deinterlace-channels-check.patch + sndfile-ocloexec.patch + +------------------------------------------------------------------- +Mon Apr 10 10:47:58 CEST 2017 - tiwai@suse.de + +- Update to version 1.0.27: + * Fix a seek regression in 1.0.26 + * Add metadata read/write for CAF and RF64 + * FIx PAF endian-ness issue +- Update to version 1.0.28 + * Fix buffer overruns in FLAC and ID3 handling code + (CVE-2017-7585, CVE-2017-7586, bsc#1033054, bsc#1033053) + * Reduce default header memory requirements + * Fix detection of Large File Support for 32 bit systems. +- Obsoleted patch: + libsndfile-psf_strlcpy_crlf-fix-CVE-2015-8075.patch + +------------------------------------------------------------------- +Tue Nov 24 08:31:31 UTC 2015 - idonmez@suse.com + +- Remove documentation, it belongs to the libsndfile package. + +------------------------------------------------------------------- +Mon Nov 23 17:22:41 CET 2015 - tiwai@suse.de + +- Update to version 1.0.26: + * Fix for CVE-2014-9496, CVE-2014-9756 and CVE-2015-7805. + * Add ALAC/CAF support. Minor bug fixes and improvements. +- Drop libsndfile-example-fix.diff + +------------------------------------------------------------------- +Sat Mar 21 08:14:38 UTC 2015 - mpluskal@suse.com + +- Cleanup spec file with spec-cleaner +- Add gpg signature + +------------------------------------------------------------------- +Mon Apr 15 14:00:22 UTC 2013 - mmeister@suse.com + +- Added url as source. + Please see http://en.opensuse.org/SourceUrls + +------------------------------------------------------------------- +Mon Nov 21 17:30:11 UTC 2011 - jengelh@medozas.de + +- Remove redundant/unwanted tags/section (cf. specfile guidelines) + +------------------------------------------------------------------- +Fri Jul 29 14:48:03 CEST 2011 - tiwai@suse.de + +- Fix zero-division in PAF parser (bnc#708988) + +------------------------------------------------------------------- +Mon Jul 18 17:23:30 CEST 2011 - tiwai@suse.de + +- updated to version 1.0.25: + Fix for Secunia Advisory SA45125 (CVE-2011-2696, bnc#705681) + Minor bug fixes and improvements + +------------------------------------------------------------------- +Wed Mar 23 13:01:06 UTC 2011 - oliver.bengs@opensuse.org + +- Update to version 1.0.24 +- Upstream changes : + * WAV files are now written with an 18 byte u-law and A-law fmt chunk + * A document on virtual I/O functionality was added + * Two new methods were added in sndfile.hh + * A fix was made for a non-zero SSND offset values on AIFF + * Minor bug fixes and improvements were done + +------------------------------------------------------------------- +Mon Oct 11 16:20:37 UTC 2010 - oliver.bengs@opensuse.org + +- Update to version 1.0.23: +- Upstream changes : + * configure.ac src/version-metadata.rc.in src/Makefile.am + Add version string resources to the windows DLL. + * doc/api.html + Update to add missing SF_FORMAT_* values. Closed Debian bug #545257. + * NEWS README configure.ac doc/*.html + Updates for 1.0.23 release. + * Other minor bug fixes + +------------------------------------------------------------------- +Fri Oct 8 06:50:36 UTC 2010 - davejplater@gmail.com + +- Update to version 1.0.22 +- Upstream changes : + * Bunch of minor bug fixes. + +------------------------------------------------------------------- +Mon Aug 16 12:44:02 CEST 2010 - tiwai@suse.de + +- updated to version 1.0.21: + * Bunch of minor bug fixes. + * including VUL-1 divide-by-zero fix (bnc#631379) + +------------------------------------------------------------------- +Wed Jun 3 00:13:56 CEST 2009 - dmueller@suse.de + +- explicitely enable sqlite support to avoid random flipping + +------------------------------------------------------------------- +Fri May 15 14:38:13 CEST 2009 - tiwai@suse.de + +- updated to version 1.0.20: + * Fix for potential heap overflow +- enable ogg/vorbis support + +------------------------------------------------------------------- +Mon Apr 27 01:06:17 CEST 2009 - ro@suse.de + +- buildfix: tar basedir is libsndfile not libsndfile-progs + +------------------------------------------------------------------- +Fri Apr 24 14:50:32 CEST 2009 - tiwai@suse.de + +- built progs subpackage from an individual spec file to cut the + circular dependency with jack. + +------------------------------------------------------------------- +Wed Mar 4 09:40:59 CET 2009 - tiwai@suse.de + +- updated to version 1.0.19: + * Fix for CVE-2009-0186 (bnc#481769 - VUL-0: libsndfile CAF + Processing Integer Overflow Vulnerability) + * Huge number of minor fixes as a result of static analysis +- remove INSTALL file from filelist + +------------------------------------------------------------------- +Mon Feb 9 12:40:43 CET 2009 - tiwai@suse.de + +- updated to version 1.0.18 + * Add Ogg/Vorbis support (disabled right now due to vorbis + version mismatch; SVN version is required) + * Remove captive FLAC library. + * Many new features and bug fixes. + * Generate Win32 and Win64 pre-compiled binaries. +- Dropped libsndfile-octave subpackage (as octave itself is + dropped from FACTORY) + +------------------------------------------------------------------- +Wed Jan 7 12:34:56 CET 2009 - olh@suse.de + +- obsolete old -XXbit packages (bnc#437293) + +------------------------------------------------------------------- +Tue Oct 14 17:53:37 CEST 2008 - meissner@suse.de + +- prototype for memset + +------------------------------------------------------------------- +Tue May 6 15:10:55 CEST 2008 - tiwai@suse.de + +- fix missing initializations in demo programs (bnc#351128) + +------------------------------------------------------------------- +Tue Apr 15 17:39:20 CEST 2008 - schwab@suse.de + +- Fix configure script. + +------------------------------------------------------------------- +Thu Apr 10 12:54:45 CEST 2008 - ro@suse.de + +- added baselibs.conf file to build xxbit packages + for multilib support + +------------------------------------------------------------------- +Mon Mar 10 18:42:43 CET 2008 - crrodriguez@suse.de + +- remove explicit-lib-dependencies +- fix -devel package dependencies + +------------------------------------------------------------------- +Thu Sep 20 15:22:45 CEST 2007 - tiwai@suse.de + +- VUL-0: Heap-based buffer overflow in flac.c (#326070, + CVE-2007-4974) + +------------------------------------------------------------------- +Mon Apr 16 13:56:20 CEST 2007 - tiwai@suse.de + +- Move docs and manpages to appropriate sub-packages (#264820) +- Remove static library (#264820) + +------------------------------------------------------------------- +Mon Apr 16 11:12:42 CEST 2007 - schwab@suse.de + +- Fix quoting in autoconf macros. + +------------------------------------------------------------------- +Fri Apr 13 14:50:15 CEST 2007 - tiwai@suse.de + +- fix FLAC-1.1.4 support. + +------------------------------------------------------------------- +Fri Sep 1 20:46:09 CEST 2006 - tiwai@suse.de + +- updated to version 1.0.17: + * Add C++ wrapper sndfile.hh. Minor bug fixes and cleanups. + +------------------------------------------------------------------- +Tue Jul 4 16:35:22 CEST 2006 - tiwai@suse.de + +- fix the build -- removed invalidly overridden HAVE_DECL_S_IRGRP + definition in configure.ac. + +------------------------------------------------------------------- +Mon May 29 15:42:24 CEST 2006 - tiwai@suse.de + +- added flac-devel to requires of devel sub package. + +------------------------------------------------------------------- +Mon May 15 12:54:14 CEST 2006 - tiwai@suse.de + +- updated to version 1.0.16. + * more format supports + * code cleanups + * fix memleaks + +------------------------------------------------------------------- +Wed Jan 25 21:37:45 CET 2006 - mls@suse.de + +- converted neededforbuild to BuildRequires + +------------------------------------------------------------------- +Fri Sep 30 18:27:24 CEST 2005 - tiwai@suse.de + +- updated to version 1.0.12. +- split example programs to progs sub-package. +- added -fno-strict-aliasing. + +------------------------------------------------------------------- +Wed Nov 17 15:46:25 CET 2004 - tiwai@suse.de + +- updated to version 1.0.11. + +------------------------------------------------------------------- +Fri Sep 3 15:27:52 CEST 2004 - tiwai@suse.de + +- removed python from neededforbuild. + +------------------------------------------------------------------- +Thu Aug 5 12:25:07 CEST 2004 - tiwai@suse.de + +- updated to version 1.0.10. + +------------------------------------------------------------------- +Thu Feb 26 12:29:53 CET 2004 - tiwai@suse.de + +- updated to version 1.0.7. + +------------------------------------------------------------------- +Sat Jan 10 17:13:28 CET 2004 - adrian@suse.de + +- add %run_ldconfig + +------------------------------------------------------------------- +Mon Sep 15 16:52:26 CEST 2003 - kukuk@suse.de + +- Set x bit on directories + +------------------------------------------------------------------- +Fri Jun 20 23:38:53 CEST 2003 - ro@suse.de + +- added directories to filelist + +------------------------------------------------------------------- +Fri Jun 6 15:35:57 CEST 2003 - tiwai@suse.de + +- updated to version 1.0.5. + +------------------------------------------------------------------- +Tue May 13 11:11:36 CEST 2003 - pthomas@suse.de + +- Put Octave interface files into an own subpackage. + +------------------------------------------------------------------- +Thu Feb 13 15:39:36 CET 2003 - pthomas@suse.de + +- Compile with all usefull warnings and fix all places where the + compiler warned. +- Fix configure to use $libdir instead of $prefix/lib for reporting. + +------------------------------------------------------------------- +Tue Feb 4 12:34:39 CET 2003 - tiwai@suse.de + +- updated to version 1.0.4. + +------------------------------------------------------------------- +Fri Jan 17 16:01:25 CET 2003 - tiwai@suse.de + +- added %run_ldconfig to %post. + +------------------------------------------------------------------- +Thu Jan 16 13:31:21 CET 2003 - tiwai@suse.de + +- updated to version 1.0.3. +- added *.la to devel package. + +------------------------------------------------------------------- +Mon Nov 25 15:21:43 CET 2002 - tiwai@suse.de + +- updated to version 1.0.2. + +------------------------------------------------------------------- +Fri Sep 20 17:31:18 CEST 2002 - tiwai@suse.de + +- updated to version 1.0.1. + +------------------------------------------------------------------- +Mon Aug 19 18:29:00 CEST 2002 - tiwai@suse.de + +- updated to version 1.0.0 final. + +------------------------------------------------------------------- +Fri Aug 2 14:46:34 CEST 2002 - tiwai@suse.de + +- updated to version 1.0.0rc3. + +------------------------------------------------------------------- +Tue Jun 25 17:52:50 CEST 2002 - tiwai@suse.de + +- updated to version 1.0.0rc2. + +------------------------------------------------------------------- +Fri Apr 12 16:16:58 CEST 2002 - tiwai@suse.de + +- set %__libdir. +- use make install as default instead of install-strip. + +------------------------------------------------------------------- +Thu Feb 7 11:23:10 CET 2002 - tiwai@suse.de + +- fixed build on s390x. + +------------------------------------------------------------------- +Fri Dec 7 13:55:21 CET 2001 - tiwai@suse.de + +- fixed group tag (System -> System Environment) + +------------------------------------------------------------------- +Thu Dec 6 17:44:35 CET 2001 - tiwai@suse.de + +- removed binaries from alsa-devel examples directory. + +------------------------------------------------------------------- +Wed Nov 21 19:35:00 CET 2001 - tiwai@suse.de + +- updated to ver.0.0.27. + +------------------------------------------------------------------- +Wed Oct 17 13:10:51 CEST 2001 - tiwai@suse.de + +- updated to ver.0.0.26. + + Added sf_command () interface. + + Added support for IRCAM files. + + Minor bug fixes. + +------------------------------------------------------------------- +Tue Aug 28 17:49:52 CEST 2001 - tiwai@suse.de + +- updated to ver.0.0.24. + + Added support for 32 bit floating point AIFC files, little endian AIFC + files and 16, 24 and 32 bit Sphere NIST files. + + Massive refactoring of internal code. + + Added read and write handling of PEAK chunks on AIFF and WAV files. + + Added read support for REX files (Propellerheads Reason). + + Added sf_read_float () and sf_write_float () interfaces. + + Minor bug fixes. +- changed group tag to System/Libraries + +------------------------------------------------------------------- +Fri Aug 3 12:03:42 CEST 2001 - tiwai@suse.de + +- fixed compile on s390. + +------------------------------------------------------------------- +Thu Jun 7 11:45:19 CEST 2001 - tiwai@suse.de + +- fixed compile with the latest libtool & autoconf. + +------------------------------------------------------------------- +Tue Apr 3 14:17:33 CEST 2001 - kukuk@suse.de + +- move *.so files into devel package +- Remove kernel_header requires +- Fix glibc-devel dependencies + +------------------------------------------------------------------- +Wed Dec 13 14:24:47 CET 2000 - tiwai@suse.de + +- fixed compile on ia64. + +------------------------------------------------------------------- +Thu Nov 2 15:25:52 CET 2000 - ro@suse.de + +- changed Group to Development/Libraries (old group did not exist) + +------------------------------------------------------------------- +Thu Nov 2 13:44:50 CET 2000 - tiwai@suse.de + +- Updated to 0.0.22. +- Changed for long package-name support (libsnd -> libsndfile, + libsndd -> libsndfile-devel). + +------------------------------------------------------------------- +Tue Sep 26 18:54:27 CEST 2000 - tiwai@suse.de + +- changed to bzip2. +- added suse_update_config. + +------------------------------------------------------------------- +Wed Sep 6 13:10:25 CEST 2000 - tiwai@suse.de + +- Initial version: 0.0.21. + diff --git a/libsndfile-progs.spec b/libsndfile-progs.spec new file mode 100644 index 0000000..6601935 --- /dev/null +++ b/libsndfile-progs.spec @@ -0,0 +1,67 @@ +# +# spec file for package libsndfile-progs +# +# Copyright (c) 2023 SUSE LLC +# +# All modifications and additions to the file contributed by third parties +# remain the property of their copyright owners, unless otherwise agreed +# upon. The license for this file, and modifications and additions to the +# file, is the same license as for the pristine package itself (unless the +# license for the pristine package is not an Open Source License, in which +# case the license is the MIT License). An "Open Source License" is a +# license that conforms to the Open Source Definition (Version 1.9) +# published by the Open Source Initiative. + +# Please submit bugfixes or comments via https://bugs.opensuse.org/ +# + + +Name: libsndfile-progs +Version: 1.2.2 +Release: 0 +Summary: Example Programs for libsndfile +License: LGPL-2.1-or-later +Group: System/Libraries +URL: https://libsndfile.github.io/libsndfile/ +Source0: https://github.com/libsndfile/libsndfile/releases/download/%{version}/libsndfile-%{version}.tar.xz +Source1: https://github.com/libsndfile/libsndfile/releases/download/%{version}/libsndfile-%{version}.tar.xz.asc +Source2: libsndfile.keyring +Patch1: libsndfile-CVE-2022-33065.patch +# PATCH-FIX-OPENSUSE +Patch100: sndfile-ocloexec.patch +BuildRequires: alsa-devel +BuildRequires: cmake +BuildRequires: flac-devel +BuildRequires: gcc-c++ +BuildRequires: libjack-devel +BuildRequires: libopus-devel +BuildRequires: libtool +BuildRequires: libvorbis-devel +BuildRequires: pkgconfig +BuildRequires: speex-devel +BuildRequires: sqlite3-devel + +%description +This package includes the example programs for libsndfile. + +%prep +%autosetup -p1 -n libsndfile-%{version} + +%build +%cmake -DENABLE_EXPERIMENTAL=ON -DBUILD_EXAMPLES=OFF -DCMAKE_INSTALL_DOCDIR=%{_defaultdocdir}/libsndfile +%cmake_build + +%install +%cmake_install + +# remove unnecessary files +rm -rf %{buildroot}%{_defaultdocdir}/libsndfile +rm -rf %{buildroot}%{_libdir} +rm -rf %{buildroot}%{_includedir} +rm -rf %{buildroot}%{_datadir}/doc/libsndfile1-dev + +%files +%{_bindir}/* +%{_mandir}/man?/* + +%changelog diff --git a/libsndfile.changes b/libsndfile.changes new file mode 100644 index 0000000..9ca2d2e --- /dev/null +++ b/libsndfile.changes @@ -0,0 +1,692 @@ +------------------------------------------------------------------- +Fri Oct 20 11:45:14 UTC 2023 - Takashi Iwai + +- Update to 1.2.1: + * Various bug fixes (issue #908, #907, #934, #950, #930) +- Update to 1.2.2: + * Fixed invalid regex in src/create_symbols_file.py + * Fixed passing null pointer to printf %s in tests +- Fix signed integers overflows in au_read_header() + (bsc#1213451, CVE-2022-33065): + libsndfile-CVE-2022-33065.patch + +------------------------------------------------------------------- +Mon Apr 24 11:42:18 UTC 2023 - Dominique Leuenberger + +- Add _multibuild to define 2nd spec file as additional flavor. + Eliminates the need for source package links in OBS. + +------------------------------------------------------------------- +Tue Feb 21 10:14:09 UTC 2023 - Paolo Stivanin + +- update to 1.2.0: + * Searching for LAME dependency with CMake build system (issue #821). + * CMake build from Autotools tarball (issue #816). + * Build on UWP platform (issue #824). + * Fix signed integer overflow (issue #785). + * Skipping large wav chunks on stdin (PR #819). + +------------------------------------------------------------------- +Tue Mar 29 18:07:33 UTC 2022 - Dirk Müller + +- update to 1.1.0: + * Added MPEG Encode/Decode Support + * New fuzzer for OSS-Fuzz, thanks @DavidKorczynski. + Fixed: + * Memory leak in caf_read_header(), credit to OSS-Fuzz (issue 30375). + * Stack overflow in guess_file_type() + * Abort in fuzzer, thanks @bobsayshilol, credit to OSS-Fuzz + * Infinite loop in svx_read_header(), thanks @bobsayshilol, credit to OSS-Fuzz + * GCC and Clang pedantic warnings, thanks @bobsayshilol. + * Normalisation issue when scaling floating point data to int in + replace_read_f2i(), thanks @bobsayshilol, (issue #702). + * Missing samples when doing a partial read of Ogg file from index till the + end of file, thanks @arthurt (issue #643). + * sndfile-salvage: Handle files > 4 GB on Windows OS + * Undefined shift in dyn_get_32bit(), credit to OSS-Fuzz + * Integer overflow in nms_adpcm_update(), credit to OSS-Fuzz + * Integer overflow in psf_log_printf(), credit to OSS-Fuzz + * ABI version incompatibility between Autotools and CMake build on Apple + platforms. + * Heap buffer overflow in wavlike_ima_decode_block() + * Heap buffer overflow in msadpcm_decode_block() + * Heap buffer overflow in psf_binheader_readf() + * Index out of bounds in psf_nms_adpcm_decode_block() + * Heap buffer overflow in flac_buffer_copy() + * Heap buffer overflow in copyPredictorTo24() + * Uninitialized variable in psf_binheader_readf() +- drop sndfile-deinterlace-channels-check.patch ms_adpcm-Fix-and-extend-size-checks.patch, + libsndfile-CVE-2021-4156.patch (obsolete) + +------------------------------------------------------------------- +Mon Jan 3 08:35:12 CET 2022 - tiwai@suse.de + +- Fix heap buffer overflow in flac_buffer_copy (CVE-2021-4156, + bsc#1194006): + libsndfile-CVE-2021-4156.patch + +------------------------------------------------------------------- +Fri Jul 23 12:59:11 CEST 2021 - tiwai@suse.de + +- Fix heap buffer overflow vulnerability in msadpcm_decode_block + (CVE-2021-3246, bsc#1188540): + ms_adpcm-Fix-and-extend-size-checks.patch + +------------------------------------------------------------------- +Wed Mar 17 08:09:51 UTC 2021 - Dominique Leuenberger + +- BuildRequire python3-base instead of the full python3 package: + manages to break a build cycle, is cheaper, and still sufficient. + +------------------------------------------------------------------- +Sun Mar 14 21:38:48 UTC 2021 - Dirk Müller + +- update to 1.0.31: + * documentation fixes and updates + * Change CMake's project name from sndfile to libsndfile as it should be. + * Fix memory leak in wav_read_smpl_chunk() function, credit to OSS-Fuzz. + * Fix aiff_read_header() memory leak(), credit to OSS-Fuzz. + * Fix leak in wav_read_header(), credit to OSS-Fuzz. + * Fix leak in wavlike_read_cart_chunk(), credit to OSS-Fuzz. + * Fix memory leak in wav_read_acid_chunk(), credit to OSS-Fuzz. + * Fix memory leak in aiff_read_basc_chunk(), credit to OSS-Fuzz. + * Fix memory leak in wavlike_read_peak_chunk(), credit to OSS-Fuzz. + * Fix memory leak in aiff_read_header(), credit to OSS-Fuzz. + * Fix use of uninitialized value in exif_subchunk_parse(), credit to OSS-Fuzz. + * Fix use of uninitialized value in endswap_int64_t_array(), credit to + * OSS-Fuzz. + * Fix up the fuzzer so that it can't under or overseek, + * thanks to Max Dymond cmeister2@gmail.com. + * Fix Autotools configure on macOS, thanks to @tmcguire and @nwh. + * Exclude repository-configuration from git-archive, thanks to @umlaeute. + * Use version-script when compiling with clang on Unix with Autotools, thanks + * to @tstellar. + * Improve handling of SMPL chunks in WAV files, thanks to @zodf0055980. +- update to 1.0.30: + * Move sndfile.h.in from src/ to include/ directory. + * Huge documentation update. + * Fix opus test failures on BE platforms + * Fix bug when sf_open_fd() function sometimes leaves filehandle open, even if close_desc parameter is TRUE, thanks to @umläute. + * Fix infinite loops on some pathological SD2 files + * Switch to GitHub Actions for continuous integration. + * Add OSS-Fuzz tests to GitHub Actions workflow + * Fix memory leak in wavlike_read_bext_chunk() function, credit to OSS-Fuzz. + * Fix undefined behavior in avr-read_header() function, credit to OSS-Fuzz. +- update to 1.0.29: + * Fixes for: CVE-2017-12562, CVE-2017-17456, CVE-2017-17457, CVE-2018-19661, CVE-2018-19662, CVE-2018-19758 and CVE-2019-3832. + * Add BWF v2 loudness parameters. + * Wave64: Permit and skip arbitrary chunks prior to the data chunk. + * Fix ASAN crash in wavlike_ima_seek(). + * Fix IMA-ADPCM encoding for AIFF files. + * sndfile-convert: Handle gsm, vox and opus extensions the same way. + * Add SFC_SET_OGG_PAGE_LATENCY_MS command to get Ogg page latency for Ogg Opus files. + * Fix parsing of some SD2 files. + * Documentation updates. + * Minor bug fixes and improvements. +- drop libsndfile-CVE-2017-17456-alaw-range-check.patch + libsndfile-CVE-2017-17457-ulaw-range-check.patch + libsndfile-wav-loop-count-fix.patch + 0001-FLAC-Fix-a-buffer-read-overrun.patch + 0002-src-flac.c-Fix-a-buffer-read-overflow.patch + 0010-src-aiff.c-Fix-a-buffer-read-overflow.patch + 0020-src-common.c-Fix-heap-buffer-overflows-when-writing-.patch + 0030-double64_init-Check-psf-sf.channels-against-upper-bo.patch + 0031-sfe_copy_data_fp-check-value-of-max-variable.patch: upstream + +------------------------------------------------------------------- +Tue Dec 3 01:46:45 UTC 2019 - Stefan Brüns + +- Remove build dependencies for progs subpackage from library: + * alsa-devel, only needed for the examples + * sqlite3-devel, only needed for the regression test +- Only build library, pass --disable-full-suite to configure + +------------------------------------------------------------------- +Tue Dec 4 13:42:05 CET 2018 - tiwai@suse.de + +- Fix segfault in wav conversion due to the invalid loop count + (CVE-2018-19758, bsc#1117954): + libsndfile-wav-loop-count-fix.patch + +------------------------------------------------------------------- +Fri Jul 6 14:11:47 CEST 2018 - tiwai@suse.de + +- Fix buffer overflow in sndfile-deinterleave, which isn't really a + security issue (bsc#1100167, CVE-2018-13139, bsc#1116993, + CVE-2018-19432): + sndfile-deinterlace-channels-check.patch + +------------------------------------------------------------------- +Fri Jun 8 14:49:18 CEST 2018 - tiwai@suse.de + +- Use license file tag + +------------------------------------------------------------------- +Fri Jun 8 14:46:54 CEST 2018 - tiwai@suse.de + +- Fix potential overflow in d2alaw_array() (CVE-2017-17456, + bsc#1071777): + libsndfile-CVE-2017-17456-alaw-range-check.patch +- Fix potential overflow in d2ulaw_array() (CVE-2017-17457, + bsc#1071767): + libsndfile-CVE-2017-17457-ulaw-range-check.patch + +------------------------------------------------------------------- +Tue Dec 19 15:57:19 CET 2017 - tiwai@suse.de + +- Fix VUL-0: divide-by-zero error exists in the function + double64_init() in double64.c (CVE-2017-14634, bsc#1059911): + 0030-double64_init-Check-psf-sf.channels-against-upper-bo.patch +- Tentative fix for VUL-0: out of bounds read in the function + d2alaw_array() in alaw.c (CVE-2017-14245, bsc#1059912) and + VUL-0: out of bounds read in the function d2ulaw_array() in + ulaw.c (CVE-2017-14246, bsc#1059913): + 0031-sfe_copy_data_fp-check-value-of-max-variable.patch + +------------------------------------------------------------------- +Tue Aug 8 11:00:09 CEST 2017 - tiwai@suse.de + +- Fix Heap-based Buffer Overflow in the psf_binheader_writef + (CVE-2017-12562, bsc#1052476): + 0020-src-common.c-Fix-heap-buffer-overflows-when-writing-.patch + +------------------------------------------------------------------- +Tue Jun 13 08:36:52 CEST 2017 - tiwai@suse.de + +- Fix out-of-bounds read memory access in the aiff_read_chanmap() + (CVE-2017-6892, bsc#1043978): + 0010-src-aiff.c-Fix-a-buffer-read-overflow.patch + +------------------------------------------------------------------- +Tue May 2 14:06:40 CEST 2017 - tiwai@suse.de + +- Fix FLAC buffer overflows (CVE-2017-8361 CVE-2017-8363 + CVE-2017-8365 CVE-2017-8362 bsc#1036944 bsc#1036945 bsc#1036946 + bsc#1036943): + 0001-FLAC-Fix-a-buffer-read-overrun.patch + 0002-src-flac.c-Fix-a-buffer-read-overflow.patch + +------------------------------------------------------------------- +Mon Apr 10 10:47:58 CEST 2017 - tiwai@suse.de + +- Update to version 1.0.27: + * Fix a seek regression in 1.0.26 + * Add metadata read/write for CAF and RF64 + * FIx PAF endian-ness issue +- Update to version 1.0.28 + * Fix buffer overruns in FLAC and ID3 handling code + (CVE-2017-7585, CVE-2017-7586, bsc#1033054, bsc#1033053) + * Reduce default header memory requirements + * Fix detection of Large File Support for 32 bit systems. +- Obsoleted patch: + libsndfile-psf_strlcpy_crlf-fix-CVE-2015-8075.patch + +------------------------------------------------------------------- +Tue May 10 17:18:51 UTC 2016 - tom.mbrt@googlemail.com + +- Fix spec file to enable builds on non opensuse OS + +------------------------------------------------------------------- +Mon Nov 23 17:20:09 CET 2015 - tiwai@suse.de + +- Update to version 1.0.26: + * Fix for CVE-2014-9496, CVE-2014-9756 and CVE-2015-7805. + * Add ALAC/CAF support. Minor bug fixes and improvements. +- Refreshed patches: + sndfile-ocloexec.patch + libsndfile-psf_strlcpy_crlf-fix-CVE-2015-8075.patch +- Removed obsoleted patches: + libsndfile-example-fix.diff + libsndfile-fix-header-read-CVE-2015-7805.patch + libsndfile-paf-zero-division-fix.diff + libsndfile-src-common.c-Fix-a-header-parsing-bug.patch + libsndfile-src-file_io.c-Prevent-potential-divide-by-zero.patch + sndfile-src-sd2.c-Fix-segfault-in-SD2-RSRC-parser.patch + sndfile-src-sd2.c-Fix-two-potential-buffer-read-overflows.patch + +------------------------------------------------------------------- +Wed Nov 4 16:43:39 CET 2015 - tiwai@suse.de + +- VUL-0: libsndfile 1.0.25 heap overflow (CVE-2015-7805, bsc#953516) + libsndfile-src-common.c-Fix-a-header-parsing-bug.patch + libsndfile-fix-header-read-CVE-2015-7805.patch +- VUL-0: libsndfile 1.0.25 heap overflow (CVE-2015-8075, bsc#953519) + libsndfile-psf_strlcpy_crlf-fix-CVE-2015-8075.patch +- Fix the build with SLE11-SP3 due to AM_SILENT_RULE macro + +------------------------------------------------------------------- +Wed Nov 4 11:38:16 CET 2015 - tiwai@suse.de + +- VUL-1: libsndfile DoS/divide-by-zero (CVE-2014-9756, bsc#953521): + libsndfile-src-file_io.c-Prevent-potential-divide-by-zero.patch + +------------------------------------------------------------------- +Sat Mar 21 08:12:34 UTC 2015 - mpluskal@suse.com + +- Cleanup spec file with spec-cleaner +- Add gpg signature +- Remove old ppc provides/obsoletes + +------------------------------------------------------------------- +Wed Jan 7 08:30:31 CET 2015 - tiwai@suse.de + +- VUL-0: two buffer read overflows in sd2_parse_rsrc_fork() + (CVE-2014-9496, bnc#911796): backported upstream fix patches + sndfile-src-sd2.c-Fix-segfault-in-SD2-RSRC-parser.patch + sndfile-src-sd2.c-Fix-two-potential-buffer-read-overflows.patch + +------------------------------------------------------------------- +Mon Apr 15 13:57:35 UTC 2013 - mmeister@suse.com + +- Added url as source. + Please see http://en.opensuse.org/SourceUrls + +------------------------------------------------------------------- +Fri Dec 2 15:55:49 UTC 2011 - coolo@suse.com + +- add libtool as buildrequire to avoid implicit dependency + +------------------------------------------------------------------- +Thu Nov 24 11:02:11 CET 2011 - tiwai@suse.de + +- add missing provides/obsoletes for libsndfile -> libsndfile1 + rename (bnc#732565) + +------------------------------------------------------------------- +Thu Nov 24 01:54:21 UTC 2011 - crrodriguez@opensuse.org + +- use O_CLOEXEC in library code. + +------------------------------------------------------------------- +Tue Nov 22 19:04:31 UTC 2011 - coolo@suse.com + +- fix devel dependency + +------------------------------------------------------------------- +Mon Nov 21 17:30:02 UTC 2011 - jengelh@medozas.de + +- Remove redundant/unwanted tags/section (cf. specfile guidelines) + +------------------------------------------------------------------- +Wed Aug 24 18:07:57 UTC 2011 - crrodriguez@opensuse.org + +- Enable speex support +- run make check + +------------------------------------------------------------------- +Fri Jul 29 14:48:03 CEST 2011 - tiwai@suse.de + +- Fix zero-division in PAF parser (bnc#708988) + +------------------------------------------------------------------- +Wed Jul 27 23:39:43 UTC 2011 - crrodriguez@opensuse.org + +- Remove -fno-strict-aliasing from cflags, no longer needed +- disable automake silent rules. + +------------------------------------------------------------------- +Mon Jul 18 17:23:30 CEST 2011 - tiwai@suse.de + +- updated to version 1.0.25: + Fix for Secunia Advisory SA45125 (CVE-2011-2696, bnc#705681) + Minor bug fixes and improvements + +------------------------------------------------------------------- +Wed Mar 23 12:58:38 UTC 2011 - oliver.bengs@opensuse.org + +- Update to version 1.0.24 +- Upstream changes : + * WAV files are now written with an 18 byte u-law and A-law fmt chunk + * A document on virtual I/O functionality was added + * Two new methods were added in sndfile.hh + * A fix was made for a non-zero SSND offset values on AIFF + * Minor bug fixes and improvements were done + +------------------------------------------------------------------- +Mon Oct 11 16:15:45 UTC 2010 - oliver.bengs@opensuse.org + +- Update to version 1.0.23 +- Upstream changes : + * configure.ac src/version-metadata.rc.in src/Makefile.am + Add version string resources to the windows DLL. + * doc/api.html + Update to add missing SF_FORMAT_* values. Closed Debian bug #545257. + * NEWS README configure.ac doc/*.html + Updates for 1.0.23 release. + * Other minor bug fixes + +------------------------------------------------------------------- +Fri Oct 8 06:39:47 UTC 2010 - davejplater@gmail.com + +- Update to version 1.0.22 +- Upstream changes : + * Bunch of minor bug fixes. + +------------------------------------------------------------------- +Mon Aug 16 12:44:02 CEST 2010 - tiwai@suse.de + +- updated to version 1.0.21: + * Bunch of minor bug fixes. + * including VUL-1 divide-by-zero fix (bnc#631379) + +------------------------------------------------------------------- +Wed Dec 16 09:57:06 CET 2009 - jengelh@medozas.de + +- add baselibs.conf as a source +- enable parallel building + +------------------------------------------------------------------- +Wed Jun 3 00:13:26 CEST 2009 - dmueller@suse.de + +- explicitely enable sqlite support to avoid random flipping + +------------------------------------------------------------------- +Fri May 15 14:37:52 CEST 2009 - tiwai@suse.de + +- updated to version 1.0.20: + * Fix for potential heap overflow +- enable ogg/vorbis support + +------------------------------------------------------------------- +Fri Apr 24 14:50:32 CEST 2009 - tiwai@suse.de + +- built progs subpackage from an individual spec file to cut the + circular dependency with jack. + +------------------------------------------------------------------- +Wed Mar 4 09:40:59 CET 2009 - tiwai@suse.de + +- updated to version 1.0.19: + * Fix for CVE-2009-0186 (bnc#481769 - VUL-0: libsndfile CAF + Processing Integer Overflow Vulnerability) + * Huge number of minor fixes as a result of static analysis +- remove INSTALL file from filelist + +------------------------------------------------------------------- +Mon Feb 9 12:40:43 CET 2009 - tiwai@suse.de + +- updated to version 1.0.18 + * Add Ogg/Vorbis support (disabled right now due to vorbis + version mismatch; SVN version is required) + * Remove captive FLAC library. + * Many new features and bug fixes. + * Generate Win32 and Win64 pre-compiled binaries. +- Dropped libsndfile-octave subpackage (as octave itself is + dropped from FACTORY) + +------------------------------------------------------------------- +Wed Jan 7 12:34:56 CET 2009 - olh@suse.de + +- obsolete old -XXbit packages (bnc#437293) + +------------------------------------------------------------------- +Tue Oct 14 17:53:37 CEST 2008 - meissner@suse.de + +- prototype for memset + +------------------------------------------------------------------- +Tue May 6 15:10:55 CEST 2008 - tiwai@suse.de + +- fix missing initializations in demo programs (bnc#351128) + +------------------------------------------------------------------- +Tue Apr 15 17:39:20 CEST 2008 - schwab@suse.de + +- Fix configure script. + +------------------------------------------------------------------- +Thu Apr 10 12:54:45 CEST 2008 - ro@suse.de + +- added baselibs.conf file to build xxbit packages + for multilib support + +------------------------------------------------------------------- +Mon Mar 10 18:42:43 CET 2008 - crrodriguez@suse.de + +- remove explicit-lib-dependencies +- fix -devel package dependencies + +------------------------------------------------------------------- +Thu Sep 20 15:22:45 CEST 2007 - tiwai@suse.de + +- VUL-0: Heap-based buffer overflow in flac.c (#326070, + CVE-2007-4974) + +------------------------------------------------------------------- +Mon Apr 16 13:56:20 CEST 2007 - tiwai@suse.de + +- Move docs and manpages to appropriate sub-packages (#264820) +- Remove static library (#264820) + +------------------------------------------------------------------- +Mon Apr 16 11:12:42 CEST 2007 - schwab@suse.de + +- Fix quoting in autoconf macros. + +------------------------------------------------------------------- +Fri Apr 13 14:50:15 CEST 2007 - tiwai@suse.de + +- fix FLAC-1.1.4 support. + +------------------------------------------------------------------- +Fri Sep 1 20:46:09 CEST 2006 - tiwai@suse.de + +- updated to version 1.0.17: + * Add C++ wrapper sndfile.hh. Minor bug fixes and cleanups. + +------------------------------------------------------------------- +Tue Jul 4 16:35:22 CEST 2006 - tiwai@suse.de + +- fix the build -- removed invalidly overridden HAVE_DECL_S_IRGRP + definition in configure.ac. + +------------------------------------------------------------------- +Mon May 29 15:42:24 CEST 2006 - tiwai@suse.de + +- added flac-devel to requires of devel sub package. + +------------------------------------------------------------------- +Mon May 15 12:54:14 CEST 2006 - tiwai@suse.de + +- updated to version 1.0.16. + * more format supports + * code cleanups + * fix memleaks + +------------------------------------------------------------------- +Wed Jan 25 21:37:45 CET 2006 - mls@suse.de + +- converted neededforbuild to BuildRequires + +------------------------------------------------------------------- +Fri Sep 30 18:27:24 CEST 2005 - tiwai@suse.de + +- updated to version 1.0.12. +- split example programs to progs sub-package. +- added -fno-strict-aliasing. + +------------------------------------------------------------------- +Wed Nov 17 15:46:25 CET 2004 - tiwai@suse.de + +- updated to version 1.0.11. + +------------------------------------------------------------------- +Fri Sep 3 15:27:52 CEST 2004 - tiwai@suse.de + +- removed python from neededforbuild. + +------------------------------------------------------------------- +Thu Aug 5 12:25:07 CEST 2004 - tiwai@suse.de + +- updated to version 1.0.10. + +------------------------------------------------------------------- +Thu Feb 26 12:29:53 CET 2004 - tiwai@suse.de + +- updated to version 1.0.7. + +------------------------------------------------------------------- +Sat Jan 10 17:13:28 CET 2004 - adrian@suse.de + +- add %run_ldconfig + +------------------------------------------------------------------- +Mon Sep 15 16:52:26 CEST 2003 - kukuk@suse.de + +- Set x bit on directories + +------------------------------------------------------------------- +Fri Jun 20 23:38:53 CEST 2003 - ro@suse.de + +- added directories to filelist + +------------------------------------------------------------------- +Fri Jun 6 15:35:57 CEST 2003 - tiwai@suse.de + +- updated to version 1.0.5. + +------------------------------------------------------------------- +Tue May 13 11:11:36 CEST 2003 - pthomas@suse.de + +- Put Octave interface files into an own subpackage. + +------------------------------------------------------------------- +Thu Feb 13 15:39:36 CET 2003 - pthomas@suse.de + +- Compile with all usefull warnings and fix all places where the + compiler warned. +- Fix configure to use $libdir instead of $prefix/lib for reporting. + +------------------------------------------------------------------- +Tue Feb 4 12:34:39 CET 2003 - tiwai@suse.de + +- updated to version 1.0.4. + +------------------------------------------------------------------- +Fri Jan 17 16:01:25 CET 2003 - tiwai@suse.de + +- added %run_ldconfig to %post. + +------------------------------------------------------------------- +Thu Jan 16 13:31:21 CET 2003 - tiwai@suse.de + +- updated to version 1.0.3. +- added *.la to devel package. + +------------------------------------------------------------------- +Mon Nov 25 15:21:43 CET 2002 - tiwai@suse.de + +- updated to version 1.0.2. + +------------------------------------------------------------------- +Fri Sep 20 17:31:18 CEST 2002 - tiwai@suse.de + +- updated to version 1.0.1. + +------------------------------------------------------------------- +Mon Aug 19 18:29:00 CEST 2002 - tiwai@suse.de + +- updated to version 1.0.0 final. + +------------------------------------------------------------------- +Fri Aug 2 14:46:34 CEST 2002 - tiwai@suse.de + +- updated to version 1.0.0rc3. + +------------------------------------------------------------------- +Tue Jun 25 17:52:50 CEST 2002 - tiwai@suse.de + +- updated to version 1.0.0rc2. + +------------------------------------------------------------------- +Fri Apr 12 16:16:58 CEST 2002 - tiwai@suse.de + +- set %__libdir. +- use make install as default instead of install-strip. + +------------------------------------------------------------------- +Thu Feb 7 11:23:10 CET 2002 - tiwai@suse.de + +- fixed build on s390x. + +------------------------------------------------------------------- +Fri Dec 7 13:55:21 CET 2001 - tiwai@suse.de + +- fixed group tag (System -> System Environment) + +------------------------------------------------------------------- +Thu Dec 6 17:44:35 CET 2001 - tiwai@suse.de + +- removed binaries from alsa-devel examples directory. + +------------------------------------------------------------------- +Wed Nov 21 19:35:00 CET 2001 - tiwai@suse.de + +- updated to ver.0.0.27. + +------------------------------------------------------------------- +Wed Oct 17 13:10:51 CEST 2001 - tiwai@suse.de + +- updated to ver.0.0.26. + + Added sf_command () interface. + + Added support for IRCAM files. + + Minor bug fixes. + +------------------------------------------------------------------- +Tue Aug 28 17:49:52 CEST 2001 - tiwai@suse.de + +- updated to ver.0.0.24. + + Added support for 32 bit floating point AIFC files, little endian AIFC + files and 16, 24 and 32 bit Sphere NIST files. + + Massive refactoring of internal code. + + Added read and write handling of PEAK chunks on AIFF and WAV files. + + Added read support for REX files (Propellerheads Reason). + + Added sf_read_float () and sf_write_float () interfaces. + + Minor bug fixes. +- changed group tag to System/Libraries + +------------------------------------------------------------------- +Fri Aug 3 12:03:42 CEST 2001 - tiwai@suse.de + +- fixed compile on s390. + +------------------------------------------------------------------- +Thu Jun 7 11:45:19 CEST 2001 - tiwai@suse.de + +- fixed compile with the latest libtool & autoconf. + +------------------------------------------------------------------- +Tue Apr 3 14:17:33 CEST 2001 - kukuk@suse.de + +- move *.so files into devel package +- Remove kernel_header requires +- Fix glibc-devel dependencies + +------------------------------------------------------------------- +Wed Dec 13 14:24:47 CET 2000 - tiwai@suse.de + +- fixed compile on ia64. + +------------------------------------------------------------------- +Thu Nov 2 15:25:52 CET 2000 - ro@suse.de + +- changed Group to Development/Libraries (old group did not exist) + +------------------------------------------------------------------- +Thu Nov 2 13:44:50 CET 2000 - tiwai@suse.de + +- Updated to 0.0.22. +- Changed for long package-name support (libsnd -> libsndfile, + libsndd -> libsndfile-devel). + +------------------------------------------------------------------- +Tue Sep 26 18:54:27 CEST 2000 - tiwai@suse.de + +- changed to bzip2. +- added suse_update_config. + +------------------------------------------------------------------- +Wed Sep 6 13:10:25 CEST 2000 - tiwai@suse.de + +- Initial version: 0.0.21. + diff --git a/libsndfile.keyring b/libsndfile.keyring new file mode 100644 index 0000000..4ab8c15 --- /dev/null +++ b/libsndfile.keyring @@ -0,0 +1,111 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- +Version: GnuPG v2 + +mQINBFppABgBEAC42ZiNvV7BTIgR6TQy0YnF54fx3mVRP1u8Mq00UZa7reAsNKh7 +1H60j0W4s6+4pVVIKGfpVGxLwUdJe+KVCYw1Cd3YW6uMf5zZrC/ZWqnJiH/n6S6o +1l4INII2o6YbGBnzIWBPRo7PlOL+mvgKTLpBSJPnhD8XDGN5wRiV8rL2+6Dptg0F +nJt7oxECGF3OD3gk6HMel0o82CVkIqMtNaX1L/bhcdF7K0Rp2MXPZMmpn1izW5sI +asN1G9+w+Zwj7kMJzq1Aw3ac+rsX4SEYdvXjS2QhDHQUIr6LXri3D2WbcEqIZj2R +JVoVwblsrG11dYXFDBbgrq4NhgTBsxHYDlkr/qF2W+kbPC/nhSqTVZeCYvTBZbOQ ++RqyN/I0izukglnWmV1jGijFA8snyP8efx732hw/24zRYmtXOtnEITUpw8WOeZCq +6uiHaQ+eopnY2ojBg9BI7WZm0AFn58xxT9soMsyFOUFgXTqaWFZWlJ3fhZE8/0v8 +JEu/kPGE5aJReT3b34B+Bojkj74XR+h2u7iJJBHMTE8RwGoUOZHer/XsL9xlcdks +I+7TCjiq++ShaSSt2XsJmw2BhREohrjW/2KkwmvT3b44RMpKPB4WTH+++aqJQNeM +IqmswOMoZvzEZezInj7WVY/r0WEei1Y6wt1tBrJ/cFf1oQBM1UmphxcrfQARAQAB +tB9EYXZpZCBTZWlmZXJ0IDxzb2FwQGdlbnRvby5vcmc+iQJUBBMBCgA+BQsJCAcD +BRUKCQgLBRYCAwEAAh4BAheAAhsBFiEEMdlcq22A0mIkShdQpHYg6AHkfpUFAl/V +CvoFCQkuceIACgkQpHYg6AHkfpXYxA//aiJW1NwunpmzEc62id8lRMnoLHWVjISZ +b+xSlm+hk4LYq+ZbthJDzKcT86/3DJOSE1zQw9wLuCao9IW2UfFJQBtR+TAfbagG +0Yyk/kMcLoFJxnG1ywdJWypCAauuIhia52Z7PmmjsBbFwr6LygDwSQmZAyACMAs7 +TLQe+yERc2RNDsIEsquLSxxRF0Spk9gagWtKgrPc2XBjuNtQDwW7JgsOUoEeHyxC +29fRUjC3o/pG2I6iAZp17OROZI5yl4TSORrSBDGIi2sayxyxP0x+IPKtrCUcBGNx +wGp+56bP/V0hA6sgCPh/iwvqLoeibso6l/Kd4ltVAEQnHTd6fr8g+wLEUXfbJVTR +7aeFUoaFmWjSPlQrNr6HlxSLV/kRx9kVJp1Pn16vkfVBF7fG7iDLiqphwEeQg5ND +nmGeKAbRRNxFHyBHf0XRsaYiFZQckguO+71XSRtVx8/YP5nyNbtl9y1h/4JlT6Gy +t7hb5twYFQyQrKss83E/Bo1sRdHpj0ibtqb4ZbYANbh482E6yFhAkuo8YjVTJipI +1Ve8EBKnX3R+pDt147uyysNvtPVXML+sWpGSMVSm4NA8uT3F5nqxVwj+SeXy3Wq/ +CHQ2VBKGBC655G+wFD5C6O7cTx2MwH+2H8tzhWm+gFlI3MFKEXa/PC+YUC/diYcb +BrApavriTRa5Ag0EWmkAZgEQAPXMD3mZI+ChvBysXZWksC88/uSEwFeb3XkcRm7v +04GN7hcz+bfrmnUTB3tuE/ZQgv+u7ZjetvH1aEKieznn/GjnWoOBoJusOYvfAQeF +0mQVi118QiOZRCnEZpkz+RY9TiXVgrZJg+AGqHZ3Ol4GkInEV2NWgH37Xal+HkFl +rwI2U7mL0kZRG+LAVCQHKzqU0R0HE1XyJ4qf0awtG5Qi/TZvgXBdZPDXgr8i9Vlf +UUu10c2XnXM0Av/YAlZmBFjVYrSOUCFenqSVqL+s9sTCVdWlJrGjrr3Ja4uT3kl2 +rLva0AR4oSQoxt8adKohmFz0vzOkQtCoRzhrCwoo3JvNjKdSNoOP1nSsxlO5ji8r +ih5d+ajPgi580XyHLnrvG7vobR48qqscv1hizKuCgTacOTe6Db2Gqc8xF6v8HhJa +KwWJtmFllIfN/tIvZ6BbbgHQn0IGf4CYnWf0SksPZqpBmTRpD2jfBxcj2UEg+AR3 +LARjuyUVpFJScyu6ExQG+6O+ByLL31iWP5MgUrza1rIpriPa3NT3rZ3DG2pvQrS3 +ySsrPzH7VRX8L1ThSMSzjwF96aMsd14s7XzR4EzNuWwZDukfs0yavZk6l4o1M0mb +tbJi7hE4cz13KRHYvIkKMdZGYUnzRzZUDlsj2imakk3BR6GXnxZ1ST6062g+QxiL +AJFLABEBAAGJBHIEGAEKACYCGwIWIQQx2VyrbYDSYiRKF1CkdiDoAeR+lQUCX9UL +DQUJCS5xpwJAwXQgBBkBCgAdFiEEuNUxXaAAcsCoYIifzjbhFyAuOEIFAlppAGYA +CgkQzjbhFyAuOELmrQ/9H9wrWsWa21STZdxUmyU2sh9VXAWEHl1Ey0fVTznDM0Fl +zx5YSR/TmmnE36rpaz31Ttkx8SP914oV+mMgseecdya9Bf6uZL9Cv7V3KEsJBRL/ +ncrOWQBHP/Xy1X+mLD6A19xq7H4RihSLj0LeK2YVjrJzJ7wMf4mKXuBayQeAHImU +WRCRTbmK3umh2nB5V0iPd/XZEIiYtiTPe+7E/va6+0bBvOumF3a+Z0iui7eU4hFC +7Jk71D0dcg09SlIaNoMOrw7cMC3j2pMdKtsj8+0I6WBv14PhhqPAsnjdf7I/4NfK +L7Jav8T/gDS01uA2Jxm72d+wr+eSjOBXa6x8CEbTqfkjAGxsWENThCp6zDkaXSDd +JsV0va47vjzG8+wTDAvPy5IxIM/KZZdl4uWM+mF5K+q+eSTOHe7aLF2OdcussoBA +A18zm994dAkG1COX/qpxanxx2bv/2IvCGPg+x6JtAN8ji2kncWu3dWGQdE5XbVjc +fDwgsUPpp04G27Mr/x+HpEbgZ5SdA0dAqJktlNvCcHALhlblCWrsh/1QNjT/2iG8 +wsjcpEy/s4tWAuV4PTa4xvZ1JPS7Z7Eo5aBy9ZGOWG9SrHEiHnhkUsiswbHBOEjd +pBSkmNElDcv9fRUahVCTPfvWBATFDrQyMjJBSm+cV8c/iFQM7isVSu8W7E0eetsJ +EKR2IOgB5H6Vv9sP/1dxTvH0N0UoEoxIG/hnirEkbRpljdvqy4/uikYBKyQgSbo8 +VITTjea7gIhDztil9WZYt35jbOmoaGM2Z6TP2LEDOWgljYUNq9pl9Sc2GS8cNtEO +WxExzGOc1Flo730dX3A85Ks3+0WPXZjLDcRRcPVkFd5WLQQDV1YVYopWkuQBC+Br +4q3uv+sk+bw6gDa9+zFBbDuegdsYuTXrFHoxHz2GRv9Yb7ULCMgpFeNKDgtQq91u +RqewoTwQp9tlp91LH/hh7R0Q4DRgeFDkLnVRXwSKjVvCrT5cBgImGwtFTGS4egoy +MDKd/KKjZllp1ahRCln1XfmFQyQVMVvuF/JTtt31n6KwXwK2yxIlXB01xvRH+Ees +AWeRYWKWXydaAY/9Ve0/PLFlgsr/XUGvt0GoEKe7odD3nZgg6015+/8JTroKw19L +NZkhdfFMl11Zi0j5k3UbyzjYVpFSd8K2o0VoOG1LFsPp8tlRxNoVzpId0CX1au/p +y1H7Wy/39mzriRG3rw+mJAQbBjN09putCltXFXpOEWk08n/N3vufCVQUoSu/2Bqw +2HYj8VtToQp+O5dG3XxvDHINtInP1yr2Wcw2plna0KoXLwv/lZgDm3LN+eCWpG6d +N/xk25DTSqTHArUQIEkhcHYK6GnyxUcvoKtG88hXtqEPYXiK08FZYAUPTnDYuQIN +BFppAIkBEADDjvQZUs1NoqJpxkD2QDBudU1DBCaeI1D6CancMtb5FebPUxgFlDMd +CBGOun48dY5i87gDhT/qS3gP/Mv9rjKJmcG9JHfhpXdW73owxrcsQ96nxxVJNEVl +UHJw00z8C9eGWqr0SzSoE33K/PkzSkgtsaotF6+3uCerWulweulmGa5dpVfV0mbS +aVw8VmrhZ5NmCeodyy/lR85rPik5pb32NT6v7xBkgkfS0VYtPB2E5gW1pXX/jEOi +Mfq9idOEP9lxrNXV9j49Lr0JQCwAcrYbQ2+VPe6eacJEjzJ/6HiUqhPrYdnvydmb +hU+xmv2NjGp2UnDZDEhzQfwm6fMx+8Nx2uPzCnXQGoyRBwiC/KcdW0F1ZPKdSXqH +NKoOF62pLvIMSmfI3ZVOrTohArfr1kFEYVDv9Nl7oY+qg2rZEc2srOF74a9Z46bR +TDPsEQzE2UMCvu3+rofhSD7aRotlKeDCvbe2s0yE4Man457Xc3LXh8Gva8CzCOLE +2eMhNTsHIZk68WgXp3/uvE4Xy42myrk1AV8XXDdlWgx0Kc/I6tE59O5NVPSfuGvH +1a15KKx0F6euEnYDKKpQ5PDR6dSn61po0tfbt96m044G/xQFjrfhHei4jji9Ogd9 +vlXVAi2vn3+NCSHFP5l3igLByBHy9iLIdmz7yQuus/1nwRmxOHOf2QARAQABiQI8 +BBgBCgAmAhsMFiEEMdlcq22A0mIkShdQpHYg6AHkfpUFAl/VCxkFCQkucZAACgkQ +pHYg6AHkfpVPSRAAmheYkYJmtDbkzPBBnj5mbCIQN1/G5PI9eixc/TXWFOXtcjU1 +mJlJpSidHJyLRrx7r0c+N+s8vnY/JuUBsNoMJMER+Mv/CFW4iFi59V534SyAb2S0 +7NINJnFNkXBY62CDz9KsMuv/MdSv2yLhPH2Tfrm/eDRQesj1PanE4U1cgjWyJRc/ +IOlaRHvTasWDLgwbQi8ykt+4xUWzL/YKHzB+KyyzBK7vPBXqySX8ka4BOw7SDwG5 +lX2gtmhk4AGBwVChLXKflqVx1WXj4DPOt0kmOKVnKFyvUijK58M0A2FMgFMXDTIS +DRtoZPdx/rkODXxgS+W+27NcYAnxJiM0cQqizEnQh7PQ1KzgdChPejYXMKe9lwdn +ssMUxrBpbuAuagEf+pebNjD2eaNR4p8kfaDdGn53q55ysDvoyxKvnVQGSk1FAR9Q +s4N5a4f02U7dzlyEhEfIcuUlRCfnlpn4n725YIhHheDig5zKWoEZCkNIfiRcGzDl +8Drj+tlZiUR+gDkIoWSBaCkKbIQlc8qCYy6Hm7oZBaol6xKlUnTMK2rjK8fR4i8r +bVDWBAaWj3jcDHJ0Jg3fS/qBpeya/JXMp89TR8NK5Ys7PZpWbor+puXBYyXDAVx3 +rXQ7JBA5klHPxrgjso1S/LqwscKLENtrVjdjhryLBmPifrmofJRnrpiHIEa5Ag0E +WmkAswEQAL0hKwsRybQzkNGpJP+ElLSwFHd7XQhr+qIwLllpumWtnIK/DHmv8SpW +FqAYajmRTXipFcBHH25x2jIIliZidn0a9826l+sMzrFadMC6/W4pitP71TeqZzwn +pAuHs14YL7Wiy0aJQnfbCpRzPq3kYyOXmhmY7lPWO0WdUpR6W8wUbleK5XOVDDRx +aIC/M3hhDOxZOMzQ+pdn4BaOFQQ0ygsRkqOudbuc0R1giYRt1i6gMeT8gfzL9jlw +HcJ+aVnxdUQQ4uC47oKo/+lg7qh7LsiW79pQC1Bcdm8lhRmqtxe6ub60ecjax3XU +1ILIEfIFCv6M7LRUAwz0bqk35spgkJqrGGKkdeWEKAFHg2QWR2F0zy+HdlPLfKxO +uhaccpwc9EJtf744GS0SXa2AXr32j56n7CFcEjFcIQPBC6OJn6eA3hOVUYGZ7SrT +4fsmZiFAdGEkvLKFuNhju1Hj2EJQUY1pm4GSBco7BR8x+QqoYrt5clU3WxRMNfTR +0Rtuzsh4xskXNVMMgvKOahAtxENv2M2Cx6zJPVL5dmaysP7d6QRVeOQA5PwkcZ5Q +qK6JtDZj2jpaKQH4Za715kiIcdqMDSkwxa6avc0kARHvfFcBR4hwDm1GAlaKG7eH +8TOGGQIk8x2F3s4l8mTJVLWTP/uJYnkYBdqANYo5t1NIQLvwLFV3ABEBAAGJAjwE +GAEKACYCGyAWIQQx2VyrbYDSYiRKF1CkdiDoAeR+lQUCX9ULIwUJCS5xcAAKCRCk +diDoAeR+leekD/sF7aHH0W35ckWrXZlfSp0qHPWrBUaLBI9OAUHenRhgs4SbK0D4 +wqEiu0C5iDQojpXAeALQ8g/1pUsZ1yuFqYbGYWrHkA0Pm+P3tAGB4LMZ41YfvROP +uaiW/+IMJbWllgRtaDt8/NtCgs30WI9I+az5M29HcGfvEwEUykrBx3dE9T+1ui3O +capdd+GMvdAAsX5PyVkjWgZ7GrZeH8mG7UysYfT4qthxEtQfZ/u8ceSduKA46ugh +C2eafIDNvluqn7BU4oKxME61u6C8BN2yHLI6LV0Tr4z5H8joVbM4BSFMwLVGlsXf +HhB8kLiErN6bXolxsjARlmYiD9S9H2AcYidr6RYXf2EVFSpBG59xn1WTDN+DsHQf +7btNPEPl/OPxa3OQjG+xn8USddiP0N0B4xsyzMNCCKDgvXXcIhX55KG9eh3Tc98S +fEyhxu8ybZBIGmTJysPKxijfvSgQF+RPNTsz9lvXqkoK7RTgeYMschpjJEznCLbt +M6eTDb5z0G5uLXh6+dYxtDOlPogI5OHd+G51LwCjvrQ+AtIUCgafuemwA9mpFT2b +svb/qcxSVUb44bVaNHn1JHebX2YbokGtBOm1x2PI5fT8n6YIIYz3jKYOZAYdUT7x +6qURyNjOfG4aPJIATwuh4GSNuxUG40+yuT+XfQF24mu1esS1J3wzRloJ7w== +=K3x+ +-----END PGP PUBLIC KEY BLOCK----- + diff --git a/libsndfile.spec b/libsndfile.spec new file mode 100644 index 0000000..891a848 --- /dev/null +++ b/libsndfile.spec @@ -0,0 +1,112 @@ +# +# spec file for package libsndfile +# +# Copyright (c) 2023 SUSE LLC +# +# All modifications and additions to the file contributed by third parties +# remain the property of their copyright owners, unless otherwise agreed +# upon. The license for this file, and modifications and additions to the +# file, is the same license as for the pristine package itself (unless the +# license for the pristine package is not an Open Source License, in which +# case the license is the MIT License). An "Open Source License" is a +# license that conforms to the Open Source Definition (Version 1.9) +# published by the Open Source Initiative. + +# Please submit bugfixes or comments via https://bugs.opensuse.org/ +# + + +%define lname %{name}1 +Name: libsndfile +Version: 1.2.2 +Release: 0 +Summary: Development/Libraries/C and C++ +License: LGPL-2.1-or-later +Group: System/Libraries +URL: https://libsndfile.github.io/libsndfile/ +Source0: https://github.com/libsndfile/libsndfile/releases/download/%{version}/libsndfile-%{version}.tar.xz +Source1: https://github.com/libsndfile/libsndfile/releases/download/%{version}/libsndfile-%{version}.tar.xz.asc +Source2: libsndfile.keyring +Source3: baselibs.conf +Patch1: libsndfile-CVE-2022-33065.patch +# PATCH-FIX-OPENSUSE +Patch100: sndfile-ocloexec.patch +BuildRequires: cmake +BuildRequires: flac-devel +BuildRequires: gcc-c++ +BuildRequires: libopus-devel +BuildRequires: libtool +BuildRequires: libvorbis-devel +BuildRequires: pkgconfig +BuildRequires: python3-base +BuildRequires: speex-devel +Obsoletes: libsnd +Provides: libsnd + +%description +Libsndfile is a C library for reading and writing sound files, such as +AIFF, AU, and WAV files, through one standard interface. It can +currently read and write 8, 16, 24, and 32-bit PCM files as well as +32-bit floating point WAV files and a number of compressed formats. + +%package -n %{lname} +Summary: A Library to Handle Various Audio File Formats +Group: System/Libraries +Provides: %{name} = %{version} +Obsoletes: %{name} <= 1.0.25 + +%description -n %{lname} +Libsndfile is a C library for reading and writing sound files, such +as AIFF, AU, and WAV files, through one standard interface. It can +currently read and write 8, 16, 24, and 32-bit PCM files as well as +32-bit floating point WAV files and a number of compressed formats. + +%package devel +Summary: Development package for the libsndfile library +Group: Development/Libraries/C and C++ +Requires: %{lname} = %{version} +Requires: glibc-devel +Requires: libstdc++-devel +Obsoletes: libsndd +Provides: libsndd + +%description devel +This package contains the files needed to compile programs that use the +libsndfile library. + +%prep +%autosetup -p1 + +%build +%cmake -DENABLE_EXPERIMENTAL=ON -DBUILD_EXAMPLES=OFF -DCMAKE_INSTALL_DOCDIR=%{_defaultdocdir}/libsndfile +%cmake_build + +%install +%cmake_install + +# remove programs; built in another spec file +rm -rf %{buildroot}%{_bindir} +rm -rf %{buildroot}%{_mandir}/man1 +rm -rf %{buildroot}%{_datadir}/doc/libsndfile + +%post -n %{lname} -p /sbin/ldconfig +%postun -n %{lname} -p /sbin/ldconfig + +%check +# ctest fails?! + +%files -n %{lname} +%{_libdir}/libsndfile.so.1* + +%files devel +%doc AUTHORS CHANGELOG.md README +%license COPYING +%{_libdir}/libsndfile.so +%{_includedir}/sndfile.h +%{_includedir}/sndfile.hh +%{_libdir}/pkgconfig/*.pc +%{_libdir}/cmake/SndFile +%doc examples +%doc %{_defaultdocdir}/libsndfile + +%changelog diff --git a/sndfile-ocloexec.patch b/sndfile-ocloexec.patch new file mode 100644 index 0000000..c3ca097 --- /dev/null +++ b/sndfile-ocloexec.patch @@ -0,0 +1,18 @@ +--- + src/file_io.c | 3 +++ + 1 file changed, 3 insertions(+) + +Index: libsndfile-1.1.0/src/file_io.c +=================================================================== +--- libsndfile-1.1.0.orig/src/file_io.c ++++ libsndfile-1.1.0/src/file_io.c +@@ -598,6 +598,9 @@ psf_open_fd (PSF_FILE * pfile) + return - SFE_BAD_OPEN_MODE ; + break ; + } ; ++#ifdef O_CLOEXEC ++ oflag |= O_CLOEXEC; ++#endif + + if (mode == 0) + fd = open (pfile->path, oflag) ;