Takashi Iwai
48310b6f69
- Update to version 1.3.7 * Fix CVE-2018-10392 and CVE-2018-10393 - out-of-bounds read encoding very low sample rates * Fix CVE-2017-14160 - out-of-bounds read encoding very low sample rates. * Fix handling invalid bytes per sample arguments. * Fix handling invalid channel count arguments. * Fix invalid free on seek failure. * Fix negative shift reading blocksize. * Fix accepting unreasonable float32 values. * Fix tag comparison depending on locale. * Fix unnecessarily linking libm. * Fix memory leak in test_sharedbook. * Distribute CMake build files with the source package. * Remove unnecessary configure --target switch. * Add OSS-Fuzz support. * Build system and integration updates. - Drop not longer needed patches (fixed by upstream): * vorbis-CVE-2017-14160.patch * vorbis-CVE-2018-10392.patch * vorbis-CVE-2018-10393.patch - Add source verification OBS-URL: https://build.opensuse.org/request/show/819974 OBS-URL: https://build.opensuse.org/package/show/multimedia:libs/libvorbis?expand=0&rev=64 |
||
---|---|---|
.gitattributes | ||
.gitignore | ||
baselibs.conf | ||
libvorbis-1.3.7.tar.xz | ||
libvorbis-1.3.7.tar.xz.asc | ||
libvorbis-doc.changes | ||
libvorbis-doc.spec | ||
libvorbis-lib64.dif | ||
libvorbis-m4.dif | ||
libvorbis.changes | ||
libvorbis.keyring | ||
libvorbis.spec | ||
vorbis-ocloexec.patch |