Takashi Iwai
48310b6f69
- Update to version 1.3.7
* Fix CVE-2018-10392 and CVE-2018-10393 - out-of-bounds read
encoding very low sample rates
* Fix CVE-2017-14160 - out-of-bounds read encoding very low
sample rates.
* Fix handling invalid bytes per sample arguments.
* Fix handling invalid channel count arguments.
* Fix invalid free on seek failure.
* Fix negative shift reading blocksize.
* Fix accepting unreasonable float32 values.
* Fix tag comparison depending on locale.
* Fix unnecessarily linking libm.
* Fix memory leak in test_sharedbook.
* Distribute CMake build files with the source package.
* Remove unnecessary configure --target switch.
* Add OSS-Fuzz support.
* Build system and integration updates.
- Drop not longer needed patches (fixed by upstream):
* vorbis-CVE-2017-14160.patch
* vorbis-CVE-2018-10392.patch
* vorbis-CVE-2018-10393.patch
- Add source verification
OBS-URL: https://build.opensuse.org/request/show/819974
OBS-URL: https://build.opensuse.org/package/show/multimedia:libs/libvorbis?expand=0&rev=64
|
||
|---|---|---|
| .gitattributes | ||
| .gitignore | ||
| baselibs.conf | ||
| libvorbis-1.3.7.tar.xz | ||
| libvorbis-1.3.7.tar.xz.asc | ||
| libvorbis-doc.changes | ||
| libvorbis-doc.spec | ||
| libvorbis-lib64.dif | ||
| libvorbis-m4.dif | ||
| libvorbis.changes | ||
| libvorbis.keyring | ||
| libvorbis.spec | ||
| vorbis-ocloexec.patch | ||