pool/libebml
SHA256
17
0
Fork 1
Code Issues Pull Requests Activity
Files
factory
libebml/libebml.changes

409 lines
16 KiB
Plaintext
Raw Permalink Blame History

-------------------------------------------------------------------
Thu Dec 28 12:53:21 UTC 2023 - Dirk Müller <dmueller@suse.com>
- update to 1.4.5 (bsc#1218432, CVE-2023-52339):
* Fix invalid memory access (reading beyond allocated memory)
due to missing integer overflow check.
-------------------------------------------------------------------
Sat Oct 8 16:46:32 UTC 2022 - Luigi Baldoni <aloisio@gmx.com>
- Update to version 1.4.4
* Fix ABI compatibility: unfortunately release 1.4.3 broke ABI
compatibility. This release restores the compatibility with
release 1.4.2. Please use it instead of release 1.4.3. In
other words: 1.4.2 & 1.4.4 are compatible, while 1.4.3 is
compatible with neither 1.4.2 nor 1.4.4.
-------------------------------------------------------------------
Sat Oct 1 10:59:08 UTC 2022 - Dirk Müller <dmueller@suse.com>
- update to 1.4.3:
* A C++14 compliant C++ compiler is now required.
* Fix compilation with g++ 11. Fixes #80.
* Remove Coremake project files
* Updated the bundled utf8cpp to v3.2.1.
* Fixed several problems in `EbmlBinary:` potential segfault by
writing to a `nullptr`, potential memory leak under certain error
conditions.
* Fixed problems with the generated `pkg-config` files if any of the
installation paths are absolute.
- drop 0001-include-appropriate-header-files-for-std-numeric_lim.patch (upstream)
-------------------------------------------------------------------
Fri Mar 19 14:10:19 UTC 2021 - Christophe Giboudeaux <christophe@krop.fr>
- Add patch to fix build with GCC 11 (boo#1183715)
* 0001-include-appropriate-header-files-for-std-numeric_lim.patch
-------------------------------------------------------------------
Tue Feb 23 11:47:12 UTC 2021 - Dirk Müller <dmueller@suse.com>
- update to 1.4.2:
* Fixed several heap overflow bugs in the `ReadData` functions of
various data type classes. This fixes CVE-2021-3405.
-------------------------------------------------------------------
Tue Jan 5 09:53:07 UTC 2021 - aloisio@gmx.com
- Update to version 1.4.1
* Fixed a case EbmlMaster::Read where the element returned via
UpperEltFound and FountElt points to a just-deleted element,
causing callers to think the memory returned is valid,
potentially leading to use-after-free/double-free errors.
This can happen if the specific element's Read function
throws an exception when encountering certain invalid data
constellations.
-------------------------------------------------------------------
Sun Jun 28 06:07:14 UTC 2020 - Luigi Baldoni <aloisio@gmx.com>
- Update to version 1.4.0
* Due to breaking ABI the soname version has been bumped to
5.0.0.
* Default symbol visibility is now "hidden", reducing binary
size.
* Converted some things pointed out by cppcheck & clang-tidy
to C++11.
* Fixed a lot of issues pointed out by clang-tidy.
* Added a function "ForceNoDefault" in the "EbmlElement" class.
* Added a function "OverwriteData" in the "EbmlElement" class
to complement the existing "OverwriteHead" function.
* A C++11 compliant compiler is now required. Several of its
features are now used in the source.
* EbmlElement::FindNextElement: fixed a buffer overflow on the
stack by one byte when the first byte read had its upper
four bits unset.
* EbmlCrc32: added a explicit assignment operator with default
implementation as an explicit copy constructor exists
(implicit assignment operators are deprecated in such cases).
- Spec cleanup
-------------------------------------------------------------------
Sat Dec 7 15:03:34 UTC 2019 - Ferdinand Thiessen <rpm@fthiessen.de>
- Update to version 1.3.10:
* When reading binary elements with a size of 0, the element was
skipped by libebml instead of returned to the calling function.
-------------------------------------------------------------------
Wed Jul 10 13:44:41 UTC 2019 - Ferdinand Thiessen <rpm@fthiessen.de>
- Update to version 1.3.9:
* Some build system related changes
-------------------------------------------------------------------
Tue Apr 16 09:55:28 UTC 2019 - Ferdinand Thiessen <rpm@fthiessen.de>
- Update to version 1.3.7:
* Fixed the handling of Unicode codepoints > U+FFFF
- Dropped fix-EbmlSInteger-limits.patch, fixed upstream.
-------------------------------------------------------------------
Mon Jul 30 17:03:28 UTC 2018 - rpm@fthiessen.de
- Added fix-EbmlSInteger-limits.patch from upstream.
* Fixes build with openSUSE <= 42.3
-------------------------------------------------------------------
Mon Jul 30 16:50:05 UTC 2018 - rpm@fthiessen.de
- Update to 1.3.6:
* Fixed undefined behavior when reading signed integers with
negative values from files.
* Fixed a small memory leak when reading an element runs into an
I/O exception (e.g. due to having reached the end of the file).
* Fixed the EbmlMaster::GetDataStart() function returning wrong
values for elements with an infinite/unknown size.
* Fixed finding the next element ID when garbage data is
encountered during the scan for the ID.
* Fixed several potential situations where reading child element
data could exceed the parent element's size.
-------------------------------------------------------------------
Fri Aug 25 09:53:45 UTC 2017 - rpm@fthiessen.de
- Update to 1.3.5
* The function EbmlMaster::CheckMandatory() will now only return
false if a mandatory element is missing for which there's no
default value in the specifications. This means that callers
such as EbmlMaster::UpdateSize() and by extension
EbmlMaster::Render() will not insist on all mandatory elements
being present anymore, but only those for which there's
no default value.
* Added a template function `FindNextChild`.
* Fix reading and EBML element even though the ID was not found
within the allowed reading limit.
* Fixed an instance of undefined behavior in
EbmlElement::GetSemantic() due to binding a dereferenced null
pointer to a reference.
-------------------------------------------------------------------
Fri Jul 15 11:42:30 UTC 2016 - rpm@fthiessen.de
- Update to new upstream release 1.3.4
* Some minor changes required for clang
* Some minor changes for C99 support
* Required for mkvtoolnix >= 9.3.0
-------------------------------------------------------------------
Thu Oct 22 08:34:42 UTC 2015 - rpm@fthiessen.de
- Update to new upstream release 1.3.3 (security fixes!):
* EbmlUnicodeString::UpdateFromUTF8(): Fixed an invalid memory
access. When reading from a UTF-8 string in which the length
indicated by a UTF-8 character's first byte exceeds the string's
actual number of bytes the parser would access beyond the end of
the string resulting in a heap information leak. Fixes the issue
reported as Cisco TALOS-CAN-0036.
* EbmlElement::ReadCodedSizeValue(): Fixed an invalid memory
access. When reading a EBML variable length integer value a read
access beyond the end of the available buffer was possible if
fewer bytes were available than indicated by the first byte
resulting in a heap information leak.
* EbmlMaster::Read(): When the parser encountered a deeply nested
element with an infinite size then a following element of an upper
level was not propagated correctly. Instead the element with the
infinite size was added into the EBML element tree a second time
resulting in memory access after freeing it and multiple attempts
to free the same memory address during destruction. Fixes the
issue reported as Cisco TALOS-CAN-0037.
* EbmlElement::FindNextElement(): Handle EOF when reading the
element size properly.
-------------------------------------------------------------------
Fri May 1 17:55:20 UTC 2015 - jengelh@inai.de
- Update package descriptions a bit
-------------------------------------------------------------------
Wed Feb 11 08:12:05 UTC 2015 - dimstar@opensuse.org
- Add back BuildRoot: the rpm version of SLE11 still requires this
and libebml is linked to 3rd party Build Servers, where building
for SLE11 is still enabled.
-------------------------------------------------------------------
Sun Feb 1 16:03:53 UTC 2015 - jengelh@inai.de
- Update to new upstream release 1.3.1
* EbmlMaster: Fixed read() trying to calculate the end position of
elements with an unknown size. This avoids endless loops and
assertions in certain cases.
* EbmlElement::Render(): does not catch exceptions anymore.
Instead, exceptions generated from the IOCallback class (e.g.
if a write failed) are propagated to the caller.
- Drop libebml-1.3.0-6efcb74d1e.patch (no longer relevant)
-------------------------------------------------------------------
Wed Aug 6 07:46:51 UTC 2014 - jengelh@inai.de
- Set RPM groups
-------------------------------------------------------------------
Tue Feb 11 19:54:48 UTC 2014 - dimstar@opensuse.org
- Also revert inlines-hidden: still breaks mkvtoolnix on i586.
-------------------------------------------------------------------
Thu Jan 16 18:00:42 UTC 2014 - crrodriguez@opensuse.org
- revert last change, breaks mkvtoolnix that uses
internal and symbols that are not annotated as public :(
keep inlines-hidden though.
-------------------------------------------------------------------
Sun Jan 12 15:57:53 UTC 2014 - crrodriguez@opensuse.org
- Support C++ visibility by reusing win32 code for the same
purpose.
- added patches:
* libebml-visibility.patch
-------------------------------------------------------------------
Tue May 21 13:40:34 UTC 2013 - reddwarf@opensuse.org
- Add libebml-1.3.0-6efcb74d1e.patch
- Simplify make calls
-------------------------------------------------------------------
Sat Mar 23 14:17:54 UTC 2013 - zaitor@opensuse.org
- Update to version 1.3.0:
+ Compilation warning fixes
+ GetValue() and SetValue() functions for
EbmlFloat/EbmlSInteger/EbmlUInteger
+ GetValue(), SetValue(), GetValueUTF8(), SetValueUTF8()
functions for EbmlString/EbmlUnicodeString
+ Date values use 64bit integers
+ Integer conversion operators were made 'const'
+ GetElementList() function for EbmlMaster providing a
reference to the underlying std::vector<> for better
interaction with the C++ standard library
+ New constructor for UTFstring taking a single std::wstring
+ Increased library .so name to .4 due to binary incompatible
changes.
+ Removed the Debian build files from our package.
- Bump soname following upstream code changes.
-------------------------------------------------------------------
Thu May 10 02:01:36 UTC 2012 - crrodriguez@opensuse.org
- Do not use gcc -ansi flag.
-------------------------------------------------------------------
Sun Sep 25 23:35:22 UTC 2011 - reddwarf@opensuse.org
- Update to version 1.2.2
+ fix usage of the DEBUG #define (use LIBEBML_DEBUG instead)
+ The EbmlCodeVersion variable now resides in the library instead of being declared static in the header file.
+ only use the test element to read once in the loop
-------------------------------------------------------------------
Thu Jun 30 12:16:17 CEST 2011 - dimstar@opensuse.org
- Update to version 1.2.1:
+ fix the constructor of CRTError in StdIOCallback
+ fix the size returned by MemIOCallback::read() when reaching
the end of the buffer
+ add a macro to define signed integer elements that have a
default value
+ fix compilation of debug builds on win32
+ fix for Sun Studio C compiler
- Stop source service usage: Factory is moving to a slightly
different approch to verify source authenticity. Cconsequently,
specify a full URL as Source.
-------------------------------------------------------------------
Tue Apr 19 00:18:56 CEST 2011 - ro@suse.de
- update baselibs.conf
-------------------------------------------------------------------
Sun Jan 30 17:16:02 UTC 2011 - reddwarf@opensuse.org
- update to version 1.2.0
- no need to put the internal code of EbmlCrc32 in the public header
- more safety on the Binary buffer handling in case we run out of memory
- fix CRC32 detection in master elements
- fix compilation under gcc 4.5
- Fixed handling of UTF-8 strings with characters encoded in more than three bytes
- Increased library .so name to .3 due to binary incompatible changes
-------------------------------------------------------------------
Wed Dec 8 23:40:32 UTC 2010 - cristian.rodriguez@opensuse.org
- fix -devel package dependencies
-------------------------------------------------------------------
Wed Jul 28 09:37:04 UTC 2010 - coolo@novell.com
- fix build in renaming shared library package
-------------------------------------------------------------------
Sat Jun 5 19:51:28 UTC 2010 - cmorve69@yahoo.es
- Update to version 1.0.0
- Fix more issues which came to light with the recent push of
WebM -- mostly regarding elements with unknown sizes.
-------------------------------------------------------------------
Sat May 15 13:21:04 UTC 2010 - cmorve69@yahoo.es
- update to version 0.8.0
- new macros to simplify and unify the way to declare and define EBML elements
- new macros to access variables of a Class/Object so that switching to libebml v2 is transparent
- add an EBML_STRICT_API compilation flag (off by default) to avoid direct access to internal class variables
- fix some building issues on Linux and MinGW
- add accessor calls to the base classes to avoid direct access to internal class variables
- add iterators to navigate throught the EbmlMaster children
- use a new filepos_t type for everything that relates to an element position/data size with INVALID_FILEPOS_T in case of errors
- remove the const on integer values
-------------------------------------------------------------------
Mon Mar 16 22:56:09 CET 2009 - crrodriguez@suse.de
- remove static libraries
-------------------------------------------------------------------
Wed Mar 5 16:39:04 CET 2008 - seife@suse.de
- update to version 0.7.8 - only gcc-4.3 build fixes
- remove our gcc-4.3 patch
-------------------------------------------------------------------
Wed Oct 24 22:43:41 CEST 2007 - seife@suse.de
- fix gcc-43 build problems (bugs 330737, 336510)
-------------------------------------------------------------------
Sun May 27 00:04:49 CEST 2007 - ro@suse.de
- split off devel package
-------------------------------------------------------------------
Tue Oct 31 11:01:32 CET 2006 - meissner@suse.de
- use RPM_OPT_FLAGS
-------------------------------------------------------------------
Fri Mar 31 18:12:02 CEST 2006 - seife@suse.de
- update to version 0.7.7 bugfix release that fixes pointer
aliasing issues
-------------------------------------------------------------------
Wed Jan 25 21:37:26 CET 2006 - mls@suse.de
- converted neededforbuild to BuildRequires
-------------------------------------------------------------------
Mon Nov 21 19:46:16 CET 2005 - seife@suse.de
- version update to 0.7.6
-------------------------------------------------------------------
Tue Nov 15 14:49:33 CET 2005 - uli@suse.de
- build with -O1 on ARM (ICE workaround)
-------------------------------------------------------------------
Wed Nov 2 21:41:22 CET 2005 - dmueller@suse.de
- don't build as root
-------------------------------------------------------------------
Tue Jul 5 13:43:56 CEST 2005 - seife@suse.de
- version update to 0.7.5
-------------------------------------------------------------------
Sun Apr 17 10:36:40 CEST 2005 - seife@suse.de
- version update to 0.7.4
-------------------------------------------------------------------
Fri Apr 15 10:17:32 CEST 2005 - sf@suse.de
- changed patch to only prevent 'unary lvalue error' for GCC4
-------------------------------------------------------------------
Thu Apr 14 15:00:00 CEST 2005 - yxu@suse.de
- fixed for GCC4
-------------------------------------------------------------------
Mon Feb 7 09:43:05 CET 2005 - seife@suse.de
- version update to 0.7.3
-------------------------------------------------------------------
Tue Oct 26 18:06:59 CEST 2004 - seife@suse.de
- version update to 0.7.2
-------------------------------------------------------------------
Wed Sep 1 23:56:33 CEST 2004 - seife@suse.de
- initial submission
Reference in New Issue View Git Blame Copy Permalink