From afebcfc5db08ef68a77bdd23760bcde209e106729f1daf4d781484092dc309ea Mon Sep 17 00:00:00 2001 From: OBS User unknown Date: Fri, 25 Jul 2008 15:37:42 +0000 Subject: [PATCH] OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/xine-lib?expand=0&rev=10 --- xine-lib-1.1.12-crippled.tar.bz2 | 3 - xine-lib-1.1.14-asprintf-typo.diff | 25 ++++++++ xine-lib-1.1.14-crippled.tar.bz2 | 3 + xine-lib-1.1.14-ia64-is-not-alpha.diff | 31 ++++++++++ xine-lib-CVE-2008-1878.diff | 17 ------ xine-lib-demuxcheckfor_mad_ffmpeg-LOCAL.diff | 63 +++++++++++--------- xine-lib.changes | 43 +++++++++++++ xine-lib.spec | 54 ++++++++++++++--- 8 files changed, 184 insertions(+), 55 deletions(-) delete mode 100644 xine-lib-1.1.12-crippled.tar.bz2 create mode 100644 xine-lib-1.1.14-asprintf-typo.diff create mode 100644 xine-lib-1.1.14-crippled.tar.bz2 create mode 100644 xine-lib-1.1.14-ia64-is-not-alpha.diff delete mode 100644 xine-lib-CVE-2008-1878.diff diff --git a/xine-lib-1.1.12-crippled.tar.bz2 b/xine-lib-1.1.12-crippled.tar.bz2 deleted file mode 100644 index e4cc57d..0000000 --- a/xine-lib-1.1.12-crippled.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:0e61afab251f7d902383d5c85b21c4aa7a6a9d6f2d56dd9cd885c97f052ce22c -size 5061931 diff --git a/xine-lib-1.1.14-asprintf-typo.diff b/xine-lib-1.1.14-asprintf-typo.diff new file mode 100644 index 0000000..7b9c48d --- /dev/null +++ b/xine-lib-1.1.14-asprintf-typo.diff @@ -0,0 +1,25 @@ +From e92cdef028f622efab711ce6b00cbeb1ded3df3c Mon Sep 17 00:00:00 2001 +From: Ludwig Nussel +Date: Fri, 25 Jul 2008 16:46:23 +0200 +Subject: [PATCH] asprintf typo + +--- + src/input/input_smb.c | 2 +- + 1 files changed, 1 insertions(+), 1 deletions(-) + +diff --git a/src/input/input_smb.c b/src/input/input_smb.c +index dbab772..266cdc3 100644 +--- a/src/input/input_smb.c ++++ b/src/input/input_smb.c +@@ -280,7 +280,7 @@ static xine_mrl_t **smb_class_get_dir (input_class_t *this_gen, + dir_files[num_dir_files].link = NULL; + dir_files[num_dir_files].type = mrl_file | mrl_file_directory; + dir_files[num_dir_files].origin = strdup("smb:/"); +- asprintf(*(dir_files[num_dir_files].mrl), "%s/%s", "smb:/", pdirent->name); ++ asprintf(&(dir_files[num_dir_files].mrl), "%s/%s", "smb:/", pdirent->name); + dir_files[num_dir_files].size = pdirent->dirlen; + num_dir_files ++; + } else if (pdirent->smbc_type == SMBC_FILE_SHARE){ +-- +1.5.6 + diff --git a/xine-lib-1.1.14-crippled.tar.bz2 b/xine-lib-1.1.14-crippled.tar.bz2 new file mode 100644 index 0000000..cfb8411 --- /dev/null +++ b/xine-lib-1.1.14-crippled.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:7c04f66c45eac432bfd8d03d0e046174af3ca6ad6c01fe84b27b39b3d8064006 +size 5066323 diff --git a/xine-lib-1.1.14-ia64-is-not-alpha.diff b/xine-lib-1.1.14-ia64-is-not-alpha.diff new file mode 100644 index 0000000..7d5e01e --- /dev/null +++ b/xine-lib-1.1.14-ia64-is-not-alpha.diff @@ -0,0 +1,31 @@ +From c781f4b2e726fa3fabf8cc0cdd592f617ae799e2 Mon Sep 17 00:00:00 2001 +From: Ludwig Nussel +Date: Fri, 25 Jul 2008 16:58:56 +0200 +Subject: [PATCH] ia64 is not alpha + +--- + configure.ac | 5 ++++- + 1 files changed, 4 insertions(+), 1 deletions(-) + +diff --git a/configure.ac b/configure.ac +index af881fc..93b2a95 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -2332,10 +2332,13 @@ case "$host_or_hostalias" in + mips-*) + AC_DEFINE_UNQUOTED(FPM_MIPS,,[Define to select libmad fixed point arithmetic implementation]) + ;; +- alphaev56-* | alpha* | ia64-* | hppa*-linux-*) ++ alphaev56-* | alpha* | hppa*-linux-*) + AC_DEFINE_UNQUOTED(FPM_64BIT,,[Define to select libmad fixed point arithmetic implementation]) + AC_DEFINE_UNQUOTED(ARCH_ALPHA,,[Define this if you're running Alpha architecture]) + ;; ++ ia64-*) ++ AC_DEFINE_UNQUOTED(FPM_64BIT,,[Define to select libmad fixed point arithmetic implementation]) ++ ;; + armv4l-*-linux*) + AC_DEFINE_UNQUOTED(FPM_ARM,,[Define to select libmad fixed point arithmetic implementation]) + AC_DEFINE_UNQUOTED(ARCH_ARM,,[Define this if you're running ARM architecture]) +-- +1.5.6 + diff --git a/xine-lib-CVE-2008-1878.diff b/xine-lib-CVE-2008-1878.diff deleted file mode 100644 index ffe99eb..0000000 --- a/xine-lib-CVE-2008-1878.diff +++ /dev/null @@ -1,17 +0,0 @@ -Index: xine-lib-1.1.11.1/src/demuxers/demux_nsf.c -=================================================================== ---- xine-lib-1.1.11.1.orig/src/demuxers/demux_nsf.c -+++ xine-lib-1.1.11.1/src/demuxers/demux_nsf.c -@@ -106,9 +106,9 @@ static int open_nsf_file(demux_nsf_t *th - - this->total_songs = header[6]; - this->current_song = header[7]; -- this->title = strdup(&header[0x0E]); -- this->artist = strdup(&header[0x2E]); -- this->copyright = strdup(&header[0x4E]); -+ this->title = strndup((char*)&header[0x0E], 0x20); -+ this->artist = strndup((char*)&header[0x2E], 0x20); -+ this->copyright = strndup((char*)&header[0x4E], 0x20); - - this->filesize = this->input->get_length(this->input); - diff --git a/xine-lib-demuxcheckfor_mad_ffmpeg-LOCAL.diff b/xine-lib-demuxcheckfor_mad_ffmpeg-LOCAL.diff index 4b4dfc8..4c858cd 100644 --- a/xine-lib-demuxcheckfor_mad_ffmpeg-LOCAL.diff +++ b/xine-lib-demuxcheckfor_mad_ffmpeg-LOCAL.diff @@ -1,11 +1,21 @@ -Index: src/xine-engine/load_plugins.c +From 8861e0d755127fde4b57d32561491853e49a0edc Mon Sep 17 00:00:00 2001 +From: Ludwig Nussel +Date: Fri, 25 Jul 2008 15:07:23 +0200 +Subject: [PATCH] xine-lib-demuxcheckfor_mad_ffmpeg-LOCAL.diff + =================================================================== ---- src/xine-engine/load_plugins.c.orig -+++ src/xine-engine/load_plugins.c -@@ -2431,9 +2431,19 @@ char *xine_get_file_extensions (xine_t * - plugin_node_t *node; - char *str; - int list_id, list_size; +--- + src/xine-engine/load_plugins.c | 17 ++++++++++++++++- + 1 files changed, 16 insertions(+), 1 deletions(-) + +diff --git a/src/xine-engine/load_plugins.c b/src/xine-engine/load_plugins.c +index a710927..e507c07 100644 +--- a/src/xine-engine/load_plugins.c ++++ b/src/xine-engine/load_plugins.c +@@ -2481,9 +2481,18 @@ char *xine_get_file_extensions (xine_t *self) { + + plugin_catalog_t *catalog = self->plugin_catalog; + int list_id; + int havempgdecoder = 0; + const char * const * p; @@ -18,27 +28,24 @@ Index: src/xine-engine/load_plugins.c + break; + } + } -+ - /* calc length of output */ - - len = 0; -@@ -2447,7 +2457,8 @@ char *xine_get_file_extensions (xine_t * - - cls = (demux_class_t *)node->plugin_class; - -- if((exts = cls->get_extensions(cls)) && *exts) -+ if((exts = cls->get_extensions(cls)) && *exts && -+ (havempgdecoder || !strstr (exts, "mp3"))) - len += strlen(exts) + 1; + /* calc length of output string and create an array of strings to + concatenate */ + size_t len = 0; +@@ -2495,7 +2504,13 @@ char *xine_get_file_extensions (xine_t *self) { + if (node->plugin_class || _load_plugin_class(self, node, NULL)) { + demux_class_t *const cls = (demux_class_t *)node->plugin_class; + if( (extensions[list_id] = cls->get_extensions(cls)) != NULL ) +- len += strlen(extensions[list_id]) +1; ++ { ++ if(havempgdecoder || !strstr(extensions[list_id], "mp3")) { ++ len += strlen(extensions[list_id]) +1; ++ } else { ++ extensions[list_id] = NULL; ++ } ++ } } } -@@ -2467,7 +2478,8 @@ char *xine_get_file_extensions (xine_t * - cls = (demux_class_t *)node->plugin_class; - -- if((e = cls->get_extensions (cls)) && *e) { -+ if((e = cls->get_extensions (cls)) && *e && -+ (havempgdecoder || !strstr (e, "mp3"))) { - l = strlen(e); - memcpy (&str[pos], e, l); - +-- +1.5.6 + diff --git a/xine-lib.changes b/xine-lib.changes index 3b99dfd..2680f0a 100644 --- a/xine-lib.changes +++ b/xine-lib.changes @@ -1,3 +1,46 @@ +------------------------------------------------------------------- +Fri Jul 25 14:55:37 CEST 2008 - lnussel@suse.de + +- Update to 1.1.14: + + * DVB changes: + - Reacquire PIDs whenever a PMT is parsed. (Some channels' PIDs are + changed on a regular basis.) + - Recognise more stream formats (as defined in the broadcast PMT). + - Allow automatic detection of more DVB tuning parameters. + - Allow the GUI to be disabled. + - Allow configuration of the location of channels.conf. + * V4L: allow TV standard selection. + * Allow input plugins to report MIME type information. + This is used for demuxer plugin selection immediately before testing the + filename extension (so it won't work when demuxer selection is done by + stream content only). [Bug #120] + * Allow input plugins to ask for a specific demuxer, overriding the normal + demuxer selection methods. (Most won't need this.) + * The Xv and XxMC video output plugins now support Xv port selection via + two methods: port number and port type (currently "any", "overlay" and + "textured video"). Port number takes precedence; the plugins will fall + back on another port of the same type (if a type was specified) then on + whatever they can find. + XvMC does not support port selection at present. + (Backported from the 1.2 branch.) + * Fix MPEG TS audio stream problems introduced in 1.1.13. + * Add basic aspect ratio detection for Windows Media Video streams. + +- Update to 1.1.13: + * Security fixes: + - Buffer overflow in the NSF demuxer which may allow remote attackers to + cause a denial of service (crash) or possibly execute arbitrary code + via an NSF file with a long title or copyright message. (CVE-2008-1878) + - For extra safety against possible Integer overflows like the ones found + in CVE-2008-1482, backport more calloc usage from 1.2 branch. + * Improved JACK output plugin. + * Added MIME types and .mpp for musepack. + * Fixed display of some MJPEG streams (YUVJ420P). + * Deprecate xine_xmalloc() function, see src/xine-utils/utils.c for more + information about the reason. + * Provide a useful implementation of xine_register_log_cb(). + ------------------------------------------------------------------- Thu Jun 19 11:15:33 CEST 2008 - schwab@suse.de diff --git a/xine-lib.spec b/xine-lib.spec index 711b2ee..000c67c 100644 --- a/xine-lib.spec +++ b/xine-lib.spec @@ -1,5 +1,5 @@ # -# spec file for package xine-lib (Version 1.1.12) +# spec file for package xine-lib (Version 1.1.14) # # Copyright (c) 2008 SUSE LINUX Products GmbH, Nuernberg, Germany. # This file and all modifications and additions to the pristine @@ -33,9 +33,9 @@ BuildRequires: ImageMagick-devel SDL-devel aalib-devel arts-devel cdparanoia cu BuildRequires: mad-devel %endif Recommends: opensuse-codecs-installer -Version: 1.1.12 -Release: 11 -%define abiversion 1.21 +Version: 1.1.14 +Release: 1 +%define abiversion 1.23 Summary: Video Player with Plug-Ins Group: Productivity/Multimedia/Video/Players License: GPL v2 or later; Public Domain, Freeware @@ -52,7 +52,8 @@ Source13: lcd.tar.bz2 Source99: precheckin_cripple_tarball.sh # *** xine-lib: Bugfixes Patch26: xine-lib-doc-fix-X11R6.diff -Patch28: xine-lib-CVE-2008-1878.diff +Patch27: xine-lib-1.1.14-asprintf-typo.diff +Patch28: xine-lib-1.1.14-ia64-is-not-alpha.diff # *** Addons Patch50: vdr-xine-0.8.2.diff.bz2 Patch51: vdr-xine-SUSE.diff @@ -171,20 +172,21 @@ else fi cd xine-lib-%version %patch26 +%patch27 -p1 +%patch28 -p1 %patch50 -p1 %patch51 -p1 sed -i 's|^noinst_HEADERS = input_vdr.h|xineinclude_HEADERS = input_vdr.h|' src/vdr/Makefile.am %patch61 -p0 #sed -i 's|^ac_config_files="|ac_config_files="src/vdr/Makefile src/mjpeg/Makefile|' configure %patch70 -%patch71 +%patch71 -p1 # Only apply to uncrippled source %if %BUILD_XINE > 0 %patch80 %endif %patch72 -p1 %patch73 -p1 -%patch28 -p1 %patch74 -p1 rm -f m4/libtool15.m4 @@ -450,6 +452,44 @@ echo "/usr/share/xine/mad" >> files.internal %endif %changelog +* Fri Jul 25 2008 lnussel@suse.de +- Update to 1.1.14: + * DVB changes: + - Reacquire PIDs whenever a PMT is parsed. (Some channels' PIDs are + changed on a regular basis.) + - Recognise more stream formats (as defined in the broadcast PMT). + - Allow automatic detection of more DVB tuning parameters. + - Allow the GUI to be disabled. + - Allow configuration of the location of channels.conf. + * V4L: allow TV standard selection. + * Allow input plugins to report MIME type information. + This is used for demuxer plugin selection immediately before testing the + filename extension (so it won't work when demuxer selection is done by + stream content only). [Bug #120] + * Allow input plugins to ask for a specific demuxer, overriding the normal + demuxer selection methods. (Most won't need this.) + * The Xv and XxMC video output plugins now support Xv port selection via + two methods: port number and port type (currently "any", "overlay" and + "textured video"). Port number takes precedence; the plugins will fall + back on another port of the same type (if a type was specified) then on + whatever they can find. + XvMC does not support port selection at present. + (Backported from the 1.2 branch.) + * Fix MPEG TS audio stream problems introduced in 1.1.13. + * Add basic aspect ratio detection for Windows Media Video streams. +- Update to 1.1.13: + * Security fixes: + - Buffer overflow in the NSF demuxer which may allow remote attackers to + cause a denial of service (crash) or possibly execute arbitrary code + via an NSF file with a long title or copyright message. (CVE-2008-1878) + - For extra safety against possible Integer overflows like the ones found + in CVE-2008-1482, backport more calloc usage from 1.2 branch. + * Improved JACK output plugin. + * Added MIME types and .mpp for musepack. + * Fixed display of some MJPEG streams (YUVJ420P). + * Deprecate xine_xmalloc() function, see src/xine-utils/utils.c for more + information about the reason. + * Provide a useful implementation of xine_register_log_cb(). * Thu Jun 19 2008 schwab@suse.de - Remove local libtool macros and run autoreconf. * Wed May 14 2008 mhopf@suse.de