Accepting request 655301 from multimedia:libs
Update to git snapshot from 2018/10/28 to enable qt5 clementine to build and allow clementine to build against libcryptopp7. Please accept before clementine OBS-URL: https://build.opensuse.org/request/show/655301 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/taglib?expand=0&rev=52
This commit is contained in:
commit
92cf992d2d
3
taglib-1.11.1+git20181028.tar.gz
Normal file
3
taglib-1.11.1+git20181028.tar.gz
Normal file
@ -0,0 +1,3 @@
|
|||||||
|
version https://git-lfs.github.com/spec/v1
|
||||||
|
oid sha256:50fb6715272818c043d7c71f8d9ffb0c8364992a6121bc209e2ff81632994f9c
|
||||||
|
size 1299993
|
@ -1,3 +0,0 @@
|
|||||||
version https://git-lfs.github.com/spec/v1
|
|
||||||
oid sha256:b6d1a5a610aae6ff39d93de5efd0fdc787aa9e9dc1e7026fa4c961b26563526b
|
|
||||||
size 1261620
|
|
@ -1,35 +0,0 @@
|
|||||||
https://github.com/taglib/taglib/pull/831/commits/eb9ded1206f18f2c319157337edea2533a40bea6
|
|
||||||
|
|
||||||
From eb9ded1206f18f2c319157337edea2533a40bea6 Mon Sep 17 00:00:00 2001
|
|
||||||
From: "Stephen F. Booth" <me@sbooth.org>
|
|
||||||
Date: Sun, 23 Jul 2017 10:11:09 -0400
|
|
||||||
Subject: [PATCH] Don't assume TDRC is an instance of TextIdentificationFrame
|
|
||||||
|
|
||||||
If TDRC is encrypted, FrameFactory::createFrame() returns UnknownFrame
|
|
||||||
which causes problems in rebuildAggregateFrames() when it is assumed
|
|
||||||
that TDRC is a TextIdentificationFrame
|
|
||||||
---
|
|
||||||
taglib/mpeg/id3v2/id3v2framefactory.cpp | 5 +++--
|
|
||||||
1 file changed, 3 insertions(+), 2 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/taglib/mpeg/id3v2/id3v2framefactory.cpp b/taglib/mpeg/id3v2/id3v2framefactory.cpp
|
|
||||||
index 759a9b7b..9347ab86 100644
|
|
||||||
--- a/taglib/mpeg/id3v2/id3v2framefactory.cpp
|
|
||||||
+++ b/taglib/mpeg/id3v2/id3v2framefactory.cpp
|
|
||||||
@@ -334,10 +334,11 @@ void FrameFactory::rebuildAggregateFrames(ID3v2::Tag *tag) const
|
|
||||||
tag->frameList("TDAT").size() == 1)
|
|
||||||
{
|
|
||||||
TextIdentificationFrame *tdrc =
|
|
||||||
- static_cast<TextIdentificationFrame *>(tag->frameList("TDRC").front());
|
|
||||||
+ dynamic_cast<TextIdentificationFrame *>(tag->frameList("TDRC").front());
|
|
||||||
UnknownFrame *tdat = static_cast<UnknownFrame *>(tag->frameList("TDAT").front());
|
|
||||||
|
|
||||||
- if(tdrc->fieldList().size() == 1 &&
|
|
||||||
+ if(tdrc &&
|
|
||||||
+ tdrc->fieldList().size() == 1 &&
|
|
||||||
tdrc->fieldList().front().size() == 4 &&
|
|
||||||
tdat->data().size() >= 5)
|
|
||||||
{
|
|
||||||
--
|
|
||||||
2.13.1
|
|
||||||
|
|
@ -1,41 +0,0 @@
|
|||||||
From 272648ccfcccae30e002ccf34a22e075dd477278 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Scott Gayou <github.scott@gmail.com>
|
|
||||||
Date: Mon, 4 Jun 2018 11:34:36 -0400
|
|
||||||
Subject: [PATCH] Fixed OOB read when loading invalid ogg flac file. (#868)
|
|
||||||
|
|
||||||
CVE-2018-11439 is caused by a failure to check the minimum length
|
|
||||||
of a ogg flac header. This header is detailed in full at:
|
|
||||||
https://xiph.org/flac/ogg_mapping.html. Added more strict checking
|
|
||||||
for entire header.
|
|
||||||
---
|
|
||||||
taglib/ogg/flac/oggflacfile.cpp | 14 ++++++++++++--
|
|
||||||
1 file changed, 12 insertions(+), 2 deletions(-)
|
|
||||||
|
|
||||||
diff --git a/taglib/ogg/flac/oggflacfile.cpp b/taglib/ogg/flac/oggflacfile.cpp
|
|
||||||
index 53d04508a..07ea9dccc 100644
|
|
||||||
--- a/taglib/ogg/flac/oggflacfile.cpp
|
|
||||||
+++ b/taglib/ogg/flac/oggflacfile.cpp
|
|
||||||
@@ -231,11 +231,21 @@ void Ogg::FLAC::File::scan()
|
|
||||||
|
|
||||||
if(!metadataHeader.startsWith("fLaC")) {
|
|
||||||
// FLAC 1.1.2+
|
|
||||||
+ // See https://xiph.org/flac/ogg_mapping.html for the header specification.
|
|
||||||
+ if(metadataHeader.size() < 13)
|
|
||||||
+ return;
|
|
||||||
+
|
|
||||||
+ if(metadataHeader[0] != 0x7f)
|
|
||||||
+ return;
|
|
||||||
+
|
|
||||||
if(metadataHeader.mid(1, 4) != "FLAC")
|
|
||||||
return;
|
|
||||||
|
|
||||||
- if(metadataHeader[5] != 1)
|
|
||||||
- return; // not version 1
|
|
||||||
+ if(metadataHeader[5] != 1 && metadataHeader[6] != 0)
|
|
||||||
+ return; // not version 1.0
|
|
||||||
+
|
|
||||||
+ if(metadataHeader.mid(9, 4) != "fLaC")
|
|
||||||
+ return;
|
|
||||||
|
|
||||||
metadataHeader = metadataHeader.mid(13);
|
|
||||||
}
|
|
@ -1,25 +0,0 @@
|
|||||||
From 9336c82da3a04552168f208cd7a5fa4646701ea4 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Tsuda Kageyu <tsuda.kageyu@gmail.com>
|
|
||||||
Date: Thu, 1 Dec 2016 11:32:01 +0900
|
|
||||||
Subject: [PATCH] Fix possible Ogg packet losses.
|
|
||||||
|
|
||||||
---
|
|
||||||
taglib/ogg/oggfile.cpp | 2 +-
|
|
||||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
||||||
|
|
||||||
diff --git a/taglib/ogg/oggfile.cpp b/taglib/ogg/oggfile.cpp
|
|
||||||
index 86b0b076..c36e4d46 100644
|
|
||||||
--- a/taglib/ogg/oggfile.cpp
|
|
||||||
+++ b/taglib/ogg/oggfile.cpp
|
|
||||||
@@ -253,7 +253,7 @@ void Ogg::File::writePacket(unsigned int i, const ByteVector &packet)
|
|
||||||
ByteVectorList packets = firstPage->packets();
|
|
||||||
packets[i - firstPage->firstPacketIndex()] = packet;
|
|
||||||
|
|
||||||
- if(firstPage != lastPage && lastPage->packetCount() > 2) {
|
|
||||||
+ if(firstPage != lastPage && lastPage->packetCount() > 1) {
|
|
||||||
ByteVectorList lastPagePackets = lastPage->packets();
|
|
||||||
lastPagePackets.erase(lastPagePackets.begin());
|
|
||||||
packets.append(lastPagePackets);
|
|
||||||
--
|
|
||||||
2.19.1
|
|
||||||
|
|
13
taglib-versionbump.patch
Normal file
13
taglib-versionbump.patch
Normal file
@ -0,0 +1,13 @@
|
|||||||
|
Index: taglib/toolkit/taglib.h
|
||||||
|
===================================================================
|
||||||
|
--- taglib/toolkit/taglib.h.orig 2018-10-28 15:43:45.000000000 +0200
|
||||||
|
+++ taglib/toolkit/taglib.h 2018-11-03 14:59:44.431327422 +0200
|
||||||
|
@@ -30,7 +30,7 @@
|
||||||
|
|
||||||
|
#define TAGLIB_MAJOR_VERSION 1
|
||||||
|
#define TAGLIB_MINOR_VERSION 11
|
||||||
|
-#define TAGLIB_PATCH_VERSION 1
|
||||||
|
+#define TAGLIB_PATCH_VERSION 2
|
||||||
|
|
||||||
|
#if defined(__GNUC__) && (__GNUC__ > 4 || (__GNUC__ == 4 && __GNUC_MINOR__ > 1)) || defined(__clang__)
|
||||||
|
#define TAGLIB_IGNORE_MISSING_DESTRUCTOR _Pragma("GCC diagnostic ignored \"-Wnon-virtual-dtor\"")
|
@ -1,3 +1,31 @@
|
|||||||
|
-------------------------------------------------------------------
|
||||||
|
Wed Dec 5 09:07:42 UTC 2018 - davejplater@gmail.com
|
||||||
|
|
||||||
|
- Update to 1.11.1+git20181028 and add taglib-versionbump.patch to
|
||||||
|
enable qt5 clementine to build with system taglib.
|
||||||
|
- Removed incorporated taglib-CVE-2017-12678.patch,
|
||||||
|
taglib-CVE-2018-11439.patch and taglib-fix-ogg.patch.
|
||||||
|
- Upstream changes:
|
||||||
|
*Added support for DSF and DSDIFF files.
|
||||||
|
*Added support for WinRT.
|
||||||
|
*Added support for classical music tags of iTunes 12.5.
|
||||||
|
*Added support for file descriptor to FileStream.
|
||||||
|
*Added support for 'cmID', 'purl', 'egid' MP4 atoms.
|
||||||
|
*Enabled FileRef to detect file types based on the stream content.
|
||||||
|
*Check for mandatory header objects in ASF files.
|
||||||
|
*Fixed OOB read on invalid Ogg FLAC files (CVE-2018-11439).
|
||||||
|
*Fixed handling of empty MPEG files.
|
||||||
|
*Fixed reading MP4 atoms with zero length.
|
||||||
|
*Fixed reading FLAC files with zero-sized seektables.
|
||||||
|
*Fixed handling of lowercase field names in Vorbis Comments.
|
||||||
|
*Fixed handling of 'rate' atoms in MP4 files.
|
||||||
|
*Fixed handling of invalid UTF-8 sequences.
|
||||||
|
*Fixed possible file corruptions when saving Ogg files.
|
||||||
|
*TableOfContentsFrame::toString() improved.
|
||||||
|
*UserTextIdentificationFrame::toString() improved.
|
||||||
|
*Marked FileRef::create() deprecated.
|
||||||
|
*Several smaller bug fixes and performance improvements.
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Tue Nov 13 22:29:57 UTC 2018 - Jonas Kvinge <jonas@jkvinge.net>
|
Tue Nov 13 22:29:57 UTC 2018 - Jonas Kvinge <jonas@jkvinge.net>
|
||||||
|
|
||||||
|
20
taglib.spec
20
taglib.spec
@ -12,24 +12,24 @@
|
|||||||
# license that conforms to the Open Source Definition (Version 1.9)
|
# license that conforms to the Open Source Definition (Version 1.9)
|
||||||
# published by the Open Source Initiative.
|
# published by the Open Source Initiative.
|
||||||
|
|
||||||
# Please submit bugfixes or comments via https://bugs.opensuse.org/
|
# Please submit bugfixes or comments via http://bugs.opensuse.org/
|
||||||
#
|
#
|
||||||
|
|
||||||
|
|
||||||
|
%define rev 5cb589a5b82c13ba8f0542e5e79629da7645cb3c
|
||||||
|
|
||||||
Name: taglib
|
Name: taglib
|
||||||
Version: 1.11.1
|
Version: 1.11.1+git20181028
|
||||||
Release: 0
|
Release: 0
|
||||||
Summary: Audio Meta-Data Library
|
Summary: Audio Meta-Data Library
|
||||||
License: LGPL-2.1-or-later AND MPL-1.1
|
License: LGPL-2.1-or-later AND MPL-1.1
|
||||||
Group: Productivity/Multimedia/Other
|
Group: Productivity/Multimedia/Other
|
||||||
URL: http://taglib.github.io/
|
URL: http://taglib.github.io/
|
||||||
Source0: http://taglib.github.io/releases/%{name}-%{version}.tar.gz
|
Source0: https://github.com/taglib/taglib/archive/%{rev}.tar.gz#/%{name}-%{version}.tar.gz
|
||||||
|
#Source0: http://taglib.github.io/releases/%%{name}-%%{version}.tar.gz
|
||||||
Source1: %{name}.desktop
|
Source1: %{name}.desktop
|
||||||
Source100: baselibs.conf
|
Source100: baselibs.conf
|
||||||
# PATCH-FIX-SECURITY taglib-CVE-2017-12678.patch bsc1052699 CVE-2017-12678 sbrabec@suse.com -- Prevent denial of service.
|
Patch0: taglib-versionbump.patch
|
||||||
Patch0: taglib-CVE-2017-12678.patch
|
|
||||||
Patch1: taglib-CVE-2018-11439.patch
|
|
||||||
Patch2: taglib-fix-ogg.patch
|
|
||||||
BuildRequires: cmake >= 2.8
|
BuildRequires: cmake >= 2.8
|
||||||
BuildRequires: doxygen
|
BuildRequires: doxygen
|
||||||
BuildRequires: fdupes
|
BuildRequires: fdupes
|
||||||
@ -92,10 +92,8 @@ Obsoletes: taglib-devel <= 1.6.3
|
|||||||
This package contains development files for taglib.
|
This package contains development files for taglib.
|
||||||
|
|
||||||
%prep
|
%prep
|
||||||
%setup -q
|
%setup -q -n %{name}-%{rev}
|
||||||
%patch0 -p1
|
%patch0 -p0
|
||||||
%patch1 -p1
|
|
||||||
%patch2 -p1
|
|
||||||
|
|
||||||
%build
|
%build
|
||||||
%cmake \
|
%cmake \
|
||||||
|
Loading…
Reference in New Issue
Block a user