libvorbis/libvorbis-1.3.7.tar.xz at d85a6f21568339ec0536b65ecb4472ff91ebdc56cb75d970e567847e2b2b25f4

SHA256

Files

Takashi Iwai 48310b6f69 Accepting request 819974 from home:mnhauke

- Update to version 1.3.7
  * Fix CVE-2018-10392 and CVE-2018-10393 - out-of-bounds read
    encoding very low sample rates
  * Fix CVE-2017-14160 - out-of-bounds read encoding very low
    sample rates.
  * Fix handling invalid bytes per sample arguments.
  * Fix handling invalid channel count arguments.
  * Fix invalid free on seek failure.
  * Fix negative shift reading blocksize.
  * Fix accepting unreasonable float32 values.
  * Fix tag comparison depending on locale.
  * Fix unnecessarily linking libm.
  * Fix memory leak in test_sharedbook.
  * Distribute CMake build files with the source package.
  * Remove unnecessary configure --target switch.
  * Add OSS-Fuzz support.
  * Build system and integration updates.
- Drop not longer needed patches (fixed by upstream):
  * vorbis-CVE-2017-14160.patch
  * vorbis-CVE-2018-10392.patch
  * vorbis-CVE-2018-10393.patch
- Add source verification

OBS-URL: https://build.opensuse.org/request/show/819974
OBS-URL: https://build.opensuse.org/package/show/multimedia:libs/libvorbis?expand=0&rev=64

2020-07-10 12:52:43 +00:00

1.1 MiB (Stored with Git LFS)

Raw History

View Raw

1.1 MiB (Stored with Git LFS) Raw History

1.1 MiB (Stored with Git LFS)

Raw History