Accepting request 460711 from home:Zaitor:branches:multimedia:libs

Versionbump, does nothing but "obsolete" the patch we already have in.

OBS-URL: https://build.opensuse.org/request/show/460711
OBS-URL: https://build.opensuse.org/package/show/multimedia:libs/opus?expand=0&rev=24
This commit is contained in:
Ismail Dönmez 2017-02-27 17:01:58 +00:00 committed by Git OBS Bridge
parent 4525cf9540
commit a09a0e5cc9
5 changed files with 13 additions and 34 deletions

View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:58b6fe802e7e30182e95d0cde890c0ace40b6f125cffc50635f0ad2eef69b633
size 978848

3
opus-1.1.4.tar.gz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:9122b6b380081dd2665189f97bfd777f04f92dc3ab6698eea1dbb27ad59d8692
size 978830

View File

@ -1,27 +0,0 @@
From 79e8f527b0344b0897a65be35e77f7885bd99409 Mon Sep 17 00:00:00 2001
From: Felicia Lim <flim@google.com>
Date: Thu, 28 Jul 2016 15:21:19 +0200
Subject: [PATCH] Ensure that NLSF cannot be negative when computing a min
distance between them
Signed-off-by: Jean-Marc Valin <jmvalin@jmvalin.ca>
---
silk/NLSF_stabilize.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/silk/NLSF_stabilize.c b/silk/NLSF_stabilize.c
index 1fa1ea3..8f3426b 100644
--- a/silk/NLSF_stabilize.c
+++ b/silk/NLSF_stabilize.c
@@ -130,7 +130,7 @@ void silk_NLSF_stabilize(
/* Keep delta_min distance between the NLSFs */
for( i = 1; i < L; i++ )
- NLSF_Q15[i] = silk_max_int( NLSF_Q15[i], NLSF_Q15[i-1] + NDeltaMin_Q15[i] );
+ NLSF_Q15[i] = silk_max_int( NLSF_Q15[i], silk_ADD_SAT16( NLSF_Q15[i-1], NDeltaMin_Q15[i] ) );
/* Last NLSF should be no higher than 1 - NDeltaMin[L] */
NLSF_Q15[L-1] = silk_min_int( NLSF_Q15[L-1], (1<<15) - NDeltaMin_Q15[L] );
--
2.1.4

View File

@ -1,3 +1,12 @@
-------------------------------------------------------------------
Sun Feb 26 23:08:38 UTC 2017 - zaitor@opensuse.org
- Update to version 1.1.4 (CVE-2017-0381):
+ A specially-crafted Opus packet could cause an integer
wrap-around in the SILK LSF stabilization code. This would
cause an out-of-bounds read 256 bytes before a constant table.
- Drop opus-NLSF-not-negative.patch: Fixed upstream.
------------------------------------------------------------------- -------------------------------------------------------------------
Mon Jan 16 20:56:54 UTC 2017 - zaitor@opensuse.org Mon Jan 16 20:56:54 UTC 2017 - zaitor@opensuse.org

View File

@ -19,7 +19,7 @@
%define soname 0 %define soname 0
Name: opus Name: opus
Version: 1.1.3 Version: 1.1.4
Release: 0 Release: 0
Summary: Opus Audio Codec Library Summary: Opus Audio Codec Library
License: BSD-3-Clause License: BSD-3-Clause
@ -27,8 +27,6 @@ Group: System/Libraries
Url: http://opus-codec.org/ Url: http://opus-codec.org/
Source: http://downloads.xiph.org/releases/opus/%{name}-%{version}.tar.gz Source: http://downloads.xiph.org/releases/opus/%{name}-%{version}.tar.gz
Source99: baselibs.conf Source99: baselibs.conf
# PATCH-FIX-UPSTREAM opus-NLSF-not-negative.patch CVE-2017-0381 boo#1020102 zaitor@opensuse.org -- Ensure that NLSF cannot be negative when computing a min distance between them.
Patch0: opus-NLSF-not-negative.patch
BuildRequires: pkg-config BuildRequires: pkg-config
BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRoot: %{_tmppath}/%{name}-%{version}-build
@ -68,7 +66,6 @@ technology from Skype's SILK codec and Xiph.Org's CELT codec.
%prep %prep
%setup -q %setup -q
%patch0 -p1
%build %build
%configure \ %configure \