Accepting request 988461 from home:dirkmueller:Factory
- update to 5.5.0: * fixed: CVE-2021-44269 (encoding crafted DSD file triggers OOB read crash) * fixed: very long filenames cause stack-overflow crash in all CLI programs * fixed: the length stored in WAV headers not always corrected when using -i * fixed: attempting to encode raw DSD audio from stdin sometimes causes crash * fixed: DSD to PCM decimation: small clicks between tracks and tiny DC offset * fixed: length update in library-generated WAV headers on big-endian machines * fixed: sanitize custom extensions read from WavPack files to be alphanumeric * added: accepting brace-delimited options in the wavpack executable filename * added: "--drop" option to Windows executables for multi-file "drag-and-drop" * added" "--raw-pcm" option to wvunpack executable (does DSD --> 24-bit PCM) * added: "--no-overwrite" option to wavpack executable (to resume sessions) * improved: build system clean-up including switch to non-recursive "make" - drop wavpack-CVE-2021-44269.patch (upstream) - add doc subpackage OBS-URL: https://build.opensuse.org/request/show/988461 OBS-URL: https://build.opensuse.org/package/show/multimedia:libs/wavpack?expand=0&rev=36
This commit is contained in:
Git OBS Bridge
parent
9a28758160
commit
4b307a527f
@ -1,3 +0,0 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:0716a6dcf9a72d61005e1b09bbbd61aaf49837cb4e4a351992a6daed16cac034
|
||||
size 863429
|
||||
3
wavpack-5.5.0.tar.bz2
Normal file
3
wavpack-5.5.0.tar.bz2
Normal file
@ -0,0 +1,3 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:7a222f96c391138d340793a1b06d517d7a514de85b5915216051b7386f222977
|
||||
size 905755
|
||||
@ -1,30 +0,0 @@
|
||||
diff --git a/cli/dsdiff.c b/cli/dsdiff.c
|
||||
index d7adb6a..5bdcae3 100644
|
||||
--- a/cli/dsdiff.c
|
||||
+++ b/cli/dsdiff.c
|
||||
@@ -278,6 +278,12 @@ int ParseDsdiffHeaderConfig (FILE *infile, char *infilename, char *fourcc, Wavpa
|
||||
}
|
||||
|
||||
total_samples = dff_chunk_header.ckDataSize / config->num_channels;
|
||||
+
|
||||
+ if (total_samples <= 0 || total_samples > MAX_WAVPACK_SAMPLES) {
|
||||
+ error_line ("%s is not a valid .DFF file!", infilename);
|
||||
+ return WAVPACK_SOFT_ERROR;
|
||||
+ }
|
||||
+
|
||||
break;
|
||||
}
|
||||
else { // just copy unknown chunks to output file
|
||||
diff --git a/cli/dsf.c b/cli/dsf.c
|
||||
index e1d7973..dddd488 100644
|
||||
--- a/cli/dsf.c
|
||||
+++ b/cli/dsf.c
|
||||
@@ -113,6 +113,7 @@ int ParseDsfHeaderConfig (FILE *infile, char *infilename, char *fourcc, WavpackC
|
||||
|
||||
if (format_chunk.ckSize != sizeof (DSFFormatChunk) || format_chunk.formatVersion != 1 ||
|
||||
format_chunk.formatID != 0 || format_chunk.blockSize != DSF_BLOCKSIZE || format_chunk.reserved ||
|
||||
+ format_chunk.sampleCount <= 0 || format_chunk.sampleCount > MAX_WAVPACK_SAMPLES * 8 ||
|
||||
(format_chunk.bitsPerSample != 1 && format_chunk.bitsPerSample != 8) ||
|
||||
format_chunk.numChannels < 1 || format_chunk.numChannels > 6 ||
|
||||
format_chunk.chanType < 1 || format_chunk.chanType > NUM_CHAN_TYPES) {
|
||||
|
||||
@ -1,3 +1,22 @@
|
||||
-------------------------------------------------------------------
|
||||
Mon Jul 11 17:47:55 UTC 2022 - Dirk Müller <dmueller@suse.com>
|
||||
|
||||
- update to 5.5.0:
|
||||
* fixed: CVE-2021-44269 (encoding crafted DSD file triggers OOB read crash)
|
||||
* fixed: very long filenames cause stack-overflow crash in all CLI programs
|
||||
* fixed: the length stored in WAV headers not always corrected when using -i
|
||||
* fixed: attempting to encode raw DSD audio from stdin sometimes causes crash
|
||||
* fixed: DSD to PCM decimation: small clicks between tracks and tiny DC offset
|
||||
* fixed: length update in library-generated WAV headers on big-endian machines
|
||||
* fixed: sanitize custom extensions read from WavPack files to be alphanumeric
|
||||
* added: accepting brace-delimited options in the wavpack executable filename
|
||||
* added: "--drop" option to Windows executables for multi-file "drag-and-drop"
|
||||
* added" "--raw-pcm" option to wvunpack executable (does DSD --> 24-bit PCM)
|
||||
* added: "--no-overwrite" option to wavpack executable (to resume sessions)
|
||||
* improved: build system clean-up including switch to non-recursive "make"
|
||||
- drop wavpack-CVE-2021-44269.patch (upstream)
|
||||
- add doc subpackage
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Mar 16 09:03:47 UTC 2022 - pgajdos@suse.com
|
||||
|
||||
|
||||
29
wavpack.spec
29
wavpack.spec
@ -18,16 +18,14 @@
|
||||
|
||||
%define soname 1
|
||||
Name: wavpack
|
||||
Version: 5.4.0
|
||||
Version: 5.5.0
|
||||
Release: 0
|
||||
Summary: Hybrid Lossless Audio Compression Format
|
||||
License: BSD-3-Clause
|
||||
Group: Productivity/Multimedia/Sound/Editors and Convertors
|
||||
URL: http://www.wavpack.com/
|
||||
Source0: http://www.wavpack.com/%{name}-%{version}.tar.bz2
|
||||
URL: https://www.wavpack.com/
|
||||
Source0: https://www.wavpack.com/%{name}-%{version}.tar.bz2
|
||||
Source99: baselibs.conf
|
||||
# CVE-2021-44269 [bsc#1197020], out of bounds read in processing .wav file
|
||||
Patch0: wavpack-CVE-2021-44269.patch
|
||||
BuildRequires: pkgconfig
|
||||
|
||||
%description
|
||||
@ -50,7 +48,6 @@ Group: System/Libraries
|
||||
%description -n libwavpack%{soname}
|
||||
WavPack is an open audio compression format providing lossless, high-quality
|
||||
lossy, and unique hybrid compression modes.
|
||||
|
||||
Lossless mode is ideal for archiving audio material or any other situation
|
||||
where quality is paramount. The compression ratio depends on the source
|
||||
material, but generally is between 30%% and 70%%.
|
||||
@ -68,9 +65,20 @@ lossy, and unique hybrid compression modes.
|
||||
This subpackage contains libraries and header files for developing
|
||||
applications that want to make use of wavpack.
|
||||
|
||||
%package doc
|
||||
Summary: Documentation files for wavpack, an audio compression format
|
||||
Group: Development/Libraries/C and C++
|
||||
Requires: %{name} = %{version}
|
||||
|
||||
%description doc
|
||||
WavPack is an open audio compression format providing lossless, high-quality
|
||||
lossy, and unique hybrid compression modes.
|
||||
|
||||
This subpackage contains development documentation for applications that
|
||||
want to make use of wavpack.
|
||||
|
||||
%prep
|
||||
%setup -q
|
||||
%patch0 -p1
|
||||
|
||||
%build
|
||||
%configure --disable-static
|
||||
@ -80,6 +88,9 @@ applications that want to make use of wavpack.
|
||||
%make_install
|
||||
find %{buildroot} -type f -name "*.la" -delete -print
|
||||
|
||||
install -d -m 755 %{buildroot}%{_defaultdocdir}
|
||||
mv %{buildroot}/usr/share/doc/%name %{buildroot}%{_defaultdocdir}
|
||||
|
||||
%check
|
||||
%make_build check
|
||||
|
||||
@ -88,7 +99,6 @@ find %{buildroot} -type f -name "*.la" -delete -print
|
||||
|
||||
%files
|
||||
%license COPYING
|
||||
%doc ChangeLog README.md
|
||||
%{_bindir}/wavpack
|
||||
%{_bindir}/wvgain
|
||||
%{_bindir}/wvunpack
|
||||
@ -104,4 +114,7 @@ find %{buildroot} -type f -name "*.la" -delete -print
|
||||
%{_libdir}/libwavpack.so
|
||||
%{_libdir}/pkgconfig/wavpack.pc
|
||||
|
||||
%files doc
|
||||
%doc %_defaultdocdir/%name
|
||||
|
||||
%changelog
|
||||
|
||||
Loading…
Reference in New Issue
Block a user