Accepting request 988452 from home:dirkmueller:Factory

- update to 1.2.1:
  * Check for _WIN32 instead of WIN32 in preprocessor checks
  * wav_io: check for EOF when seeking in wav (fixes hang discovered by fuzzing)
  * CI: add gitlab CI integration
  * fixed-point: make left shift macros use unsigned to avoid undefined behaviour
  * math_approx: use unsigned int for LCG pseudorandom generator (avoids integer overflow)
  * oss-fuzz: add integration and fuzzing target
  * speexenc: guard against invalid channel numbers)
  * speexdec: make left shift macros use unsigned to avoid undefined behaviour
  * autotools: do not use deprecated macros 
- drop speex-CVE-2020-23903.patch (upstream)

OBS-URL: https://build.opensuse.org/request/show/988452
OBS-URL: https://build.opensuse.org/package/show/multimedia:libs/speex?expand=0&rev=27

speex-1.2.0.tar.gz

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:eaae8af0ac742dc7d542c9439ac72f1f385ce838392dc849cae4536af9210094
-size 1047080

speex-CVE-2020-23903.patch

@@ -1,26 +0,0 @@
-From 870ff845b32f314aec0036641ffe18aba4916887 Mon Sep 17 00:00:00 2001
-From: Tristan Matthews <tmatth@videolan.org>
-Date: Mon, 13 Jul 2020 23:25:03 -0400
-Subject: [PATCH] wav_io: guard against invalid channel numbers
-
-Fixes #13
----
- src/wav_io.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/src/wav_io.c b/src/wav_io.c
-index b518301..09d62eb 100644
---- a/src/wav_io.c
-+++ b/src/wav_io.c
-@@ -111,7 +111,7 @@ int read_wav_header(FILE *file, int *rate, int *channels, int *format, spx_int32
-    stmp = le_short(stmp);
-    *channels = stmp;
- 
--   if (stmp>2)
-+   if (stmp>2 || stmp<1)
-    {
-       fprintf (stderr, "Only mono and (intensity) stereo supported\n");
-       return -1;
--- 
-GitLab
-

speex-no-build-date.patch

@@ -1,8 +1,8 @@
 Index: src/speexdec.c
 ===================================================================
---- src/speexdec.c.orig	2008-05-30 09:34:16.000000000 +0200
-+++ src/speexdec.c	2010-09-04 01:48:51.580370000 +0200
-@@ -292,7 +292,7 @@ void version()
+--- src/speexdec.c.orig
++++ src/speexdec.c
+@@ -291,7 +291,7 @@ void version()
  {
     const char* speex_version;
     speex_lib_ctl(SPEEX_LIB_GET_VERSION_STRING, (void*)&speex_version);
@@ -13,9 +13,9 @@ Index: src/speexdec.c
  
 Index: src/speexenc.c
 ===================================================================
---- src/speexenc.c.orig	2010-09-04 01:48:13.000000000 +0200
-+++ src/speexenc.c	2010-09-04 01:49:30.654133000 +0200
-@@ -185,7 +185,7 @@ void version()
+--- src/speexenc.c.orig
++++ src/speexenc.c
+@@ -203,7 +203,7 @@ void version()
  {
     const char* speex_version;
     speex_lib_ctl(SPEEX_LIB_GET_VERSION_STRING, (void*)&speex_version);
@@ -23,3 +23,4 @@ Index: src/speexenc.c
 +   printf ("speexenc (Speex encoder) version %s\n", speex_version);
     printf ("Copyright (C) 2002-2006 Jean-Marc Valin\n");
  }
+ 

speex.changes

@@ -1,3 +1,18 @@
+-------------------------------------------------------------------
+Mon Jul 11 16:31:04 UTC 2022 - Dirk Müller <dmueller@suse.com>
+
+- update to 1.2.1:
+  * Check for _WIN32 instead of WIN32 in preprocessor checks
+  * wav_io: check for EOF when seeking in wav (fixes hang discovered by fuzzing)
+  * CI: add gitlab CI integration
+  * fixed-point: make left shift macros use unsigned to avoid undefined behaviour
+  * math_approx: use unsigned int for LCG pseudorandom generator (avoids integer overflow)
+  * oss-fuzz: add integration and fuzzing target
+  * speexenc: guard against invalid channel numbers)
+  * speexdec: make left shift macros use unsigned to avoid undefined behaviour
+  * autotools: do not use deprecated macros 
+- drop speex-CVE-2020-23903.patch (upstream) 
+
 -------------------------------------------------------------------
 Thu Nov 11 13:18:22 CET 2021 - tiwai@suse.de
 

speex.spec

@@ -1,7 +1,7 @@
 #
 # spec file for package speex
 #
-# Copyright (c) 2021 SUSE LLC
+# Copyright (c) 2022 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -16,23 +16,20 @@
 #
 
 
-%define upstream_version 1.2.0
 %define libname libspeex1
 Name:           speex
-Version:        1.2
+Version:        1.2.1
 Release:        0
 Summary:        An Open Source, Patent Free Speech Codec
 License:        BSD-3-Clause
 Group:          System/Libraries
-URL:            http://www.speex.org/
-Source0:        http://downloads.xiph.org/releases/speex/%{name}-%{upstream_version}.tar.gz
+URL:            https://www.speex.org/
+Source0:        https://downloads.xiph.org/releases/speex/%{name}-%{version}.tar.gz
 Source1:        baselibs.conf
 Patch0:         speex-no-build-date.patch
-Patch1:         speex-CVE-2020-23903.patch
-BuildRequires:  pkg-config
+BuildRequires:  pkgconfig
 BuildRequires:  pkgconfig(ogg)
 BuildRequires:  pkgconfig(speexdsp)
-BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 
 %description
 Speex is a patent free audio codec designed especially for voice
@@ -65,19 +62,18 @@ This package contains the files needed to compile programs that use the
 SpeeX library.
 
 %prep
-%setup -q -n %{name}-%{upstream_version}
-%patch0 
-%patch1 -p1
+%setup -q
+%patch0
 
 %build
 %configure \
 	--enable-binaries \
-	--disable-static 
+	--disable-static
 
-make %{?_smp_mflags}
+%make_build
 
 %install
-make DESTDIR=%{buildroot} install %{?_smp_mflags}
+%make_install
 # remove duped documents
 rm -rf %{buildroot}%{_datadir}/doc/speex*
 # remove unneeded *.la files
@@ -85,21 +81,18 @@ find %{buildroot} -type f -name "*.la" -delete -print
 rm -f %{buildroot}%{_libdir}/*.a
 
 %post -n %{libname} -p /sbin/ldconfig
-
 %postun -n %{libname} -p /sbin/ldconfig
 
 %files
-%defattr(-,root,root)
-%doc AUTHORS ChangeLog COPYING NEWS README TODO
+%license COPYING
+%doc AUTHORS ChangeLog NEWS README TODO
 %{_bindir}/speex*
 %{_mandir}/man?/*
 
 %files -n %{libname}
-%defattr(-,root,root)
 %{_libdir}/libspeex.so.*
 
 %files devel
-%defattr(-,root,root)
 %doc doc/manual.pdf
 %{_includedir}/*
 %{_libdir}/lib*.so