From 14b9a5af9507182975ac27267239a247130cb05c7afbacfd4a7601d789cb0246 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ismail=20D=C3=B6nmez?= Date: Mon, 29 Oct 2018 10:18:50 +0000 Subject: [PATCH] Accepting request 645209 from home:mcalabkova:branches:multimedia:libs - Update to version 2.1.0 * Disable anti-alias filter when switch SOUNDTOUCH_PREVENT_CLICK_AT_RATE_CROSSOVER defined * Added script for building SoundTouchDll dynamic-link-library for GNU platforms * Rewrote Beats-per-Minute analysis algorithm for more reliable BPM detection * Added BPM functions to SoundTouchDll API * Migrated Visual Studio project files to MSVC 201x format * Replaced function parameter value asserts with runtime exceptions - Fixed bugs: * CVE-2018-17098 (bsc#1108632) -- remote denial of service * CVE-2018-17097 (bsc#1108631) -- remote denial of service (double free) * CVE-2018-17096 (bsc#1108630) -- remote denial of service in BPMDetect.cpp * boo#1113134 -- out of date package - Removed obsolete patch fix-buffer-overflow.patch OBS-URL: https://build.opensuse.org/request/show/645209 OBS-URL: https://build.opensuse.org/package/show/multimedia:libs/soundtouch?expand=0&rev=30 --- fix-buffer-overflow.patch | 44 --------------------------------------- soundtouch-2.0.0.tar.gz | 3 --- soundtouch-2.1.0.tar.gz | 3 +++ soundtouch.changes | 21 +++++++++++++++++++ soundtouch.spec | 10 ++++----- 5 files changed, 28 insertions(+), 53 deletions(-) delete mode 100644 fix-buffer-overflow.patch delete mode 100644 soundtouch-2.0.0.tar.gz create mode 100644 soundtouch-2.1.0.tar.gz diff --git a/fix-buffer-overflow.patch b/fix-buffer-overflow.patch deleted file mode 100644 index d010775..0000000 --- a/fix-buffer-overflow.patch +++ /dev/null @@ -1,44 +0,0 @@ - -Index: soundtouch/source/SoundStretch/WavFile.cpp -=================================================================== ---- soundtouch.orig/source/SoundStretch/WavFile.cpp -+++ soundtouch/source/SoundStretch/WavFile.cpp -@@ -528,12 +528,16 @@ int WavInFile::readHeaderBlock() - // read length of the format field - if (fread(&nLen, sizeof(int), 1, fptr) != 1) return -1; - // swap byte order if necessary -- _swap32(nLen); // int format_len; -- header.format.format_len = nLen; -+ _swap32(nLen); - -- // calculate how much length differs from expected -+ // calculate how much length differs from expected - nDump = nLen - ((int)sizeof(header.format) - 8); - -+ // verify that header length isn't smaller than expected structure -+ if ((nLen < 0) || (nDump < 0)) return -1; -+ -+ header.format.format_len = nLen; -+ - // if format_len is larger than expected, read only as much data as we've space for - if (nDump > 0) - { -@@ -569,12 +573,16 @@ int WavInFile::readHeaderBlock() - // read length of the fact field - if (fread(&nLen, sizeof(int), 1, fptr) != 1) return -1; - // swap byte order if necessary -- _swap32(nLen); // int fact_len; -- header.fact.fact_len = nLen; -+ _swap32(nLen); - - // calculate how much length differs from expected - nDump = nLen - ((int)sizeof(header.fact) - 8); - -+ // verify that fact length isn't smaller than expected structure -+ if ((nLen < 0) || (nDump < 0)) return -1; -+ -+ header.fact.fact_len = nLen; -+ - // if format_len is larger than expected, read only as much data as we've space for - if (nDump > 0) - { diff --git a/soundtouch-2.0.0.tar.gz b/soundtouch-2.0.0.tar.gz deleted file mode 100644 index 0753f79..0000000 --- a/soundtouch-2.0.0.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:d224f7d1421b5f8e74a74c85741345bd9802618a40ae30ce5b427a5705c89d25 -size 455148 diff --git a/soundtouch-2.1.0.tar.gz b/soundtouch-2.1.0.tar.gz new file mode 100644 index 0000000..fabf0e2 --- /dev/null +++ b/soundtouch-2.1.0.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:454712b08bf758f6a4c0df8821350c323e5b274443a20e21d193d17c5dc3d0d5 +size 458371 diff --git a/soundtouch.changes b/soundtouch.changes index e495bd2..035d95d 100644 --- a/soundtouch.changes +++ b/soundtouch.changes @@ -1,3 +1,24 @@ +------------------------------------------------------------------- +Mon Oct 29 09:31:51 UTC 2018 - Marketa Calabkova + +- Update to version 2.1.0 + * Disable anti-alias filter when switch + SOUNDTOUCH_PREVENT_CLICK_AT_RATE_CROSSOVER defined + * Added script for building SoundTouchDll dynamic-link-library for + GNU platforms + * Rewrote Beats-per-Minute analysis algorithm for more reliable + BPM detection + * Added BPM functions to SoundTouchDll API + * Migrated Visual Studio project files to MSVC 201x format + * Replaced function parameter value asserts with runtime exceptions +- Fixed bugs: + * CVE-2018-17098 (bsc#1108632) -- remote denial of service + * CVE-2018-17097 (bsc#1108631) -- remote denial of service (double free) + * CVE-2018-17096 (bsc#1108630) -- remote denial of service + in BPMDetect.cpp + * boo#1113134 -- out of date package +- Removed obsolete patch fix-buffer-overflow.patch + ------------------------------------------------------------------- Thu Sep 6 12:29:20 UTC 2018 - Marketa Calabkova diff --git a/soundtouch.spec b/soundtouch.spec index 330154a..16459e6 100644 --- a/soundtouch.spec +++ b/soundtouch.spec @@ -12,19 +12,19 @@ # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. -# Please submit bugfixes or comments via http://bugs.opensuse.org/ +# Please submit bugfixes or comments via https://bugs.opensuse.org/ # %define sover 1 Name: soundtouch -Version: 2.0.0 +Version: 2.1.0 Release: 0 Summary: Audio Processing Library License: LGPL-2.1-or-later Group: Productivity/Multimedia/Sound/Editors and Convertors Url: https://www.surina.net/soundtouch -Source: https://www.surina.net/soundtouch/%{name}-%{version}.tar.gz +Source: https://gitlab.com/soundtouch/soundtouch/-/archive/%{version}/%{name}-%{version}.tar.gz Source1: https://salsa.debian.org/multimedia-team/soundtouch/raw/master/debian/soundstretch.1 Source99: baselibs.conf BuildRequires: autoconf @@ -32,7 +32,6 @@ BuildRequires: automake BuildRequires: gcc-c++ BuildRequires: libtool BuildRequires: pkgconfig -Patch0: fix-buffer-overflow.patch %description SoundTouch is a C++ audio processing library that allows @@ -70,11 +69,10 @@ This subpackage contains the header files for building programs with SoundTouch. %prep -%setup -q -n %{name} +%setup -q -n %{name}-%{version} tr -d '\r' README.html~ touch -r README.html README.html~ mv README.html~ README.html -%patch0 -p1 %build ./bootstrap