From cc2d351107710a1d27ba47a446a44a73e7d0ffdd028b322d8dcea413ce549211 Mon Sep 17 00:00:00 2001 From: OBS User unknown Date: Sat, 23 Aug 2008 00:28:46 +0000 Subject: [PATCH] OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/xine-lib?expand=0&rev=12 --- CelomaChrome.tar.bz2 | 3 -- caramel.tar.bz2 | 3 -- lcd.tar.bz2 | 3 -- xine-checkoglvisual.diff | 75 --------------------------- xine-lib-1.1.14-crippled.tar.bz2 | 3 -- xine-lib-1.1.15-cpp-compilation.diff | 49 ++++++++++++++++++ xine-lib-1.1.15-crippled.tar.bz2 | 3 ++ xine-lib-1.1.15-demux_str.diff | 12 +++++ xine-lib.changes | 27 ++++++++++ xine-lib.spec | 76 +++++++++++++++++++--------- 10 files changed, 144 insertions(+), 110 deletions(-) delete mode 100644 CelomaChrome.tar.bz2 delete mode 100644 caramel.tar.bz2 delete mode 100644 lcd.tar.bz2 delete mode 100644 xine-checkoglvisual.diff delete mode 100644 xine-lib-1.1.14-crippled.tar.bz2 create mode 100644 xine-lib-1.1.15-cpp-compilation.diff create mode 100644 xine-lib-1.1.15-crippled.tar.bz2 create mode 100644 xine-lib-1.1.15-demux_str.diff diff --git a/CelomaChrome.tar.bz2 b/CelomaChrome.tar.bz2 deleted file mode 100644 index bf39c70..0000000 --- a/CelomaChrome.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:a8eb2d1221388a8f8ff60bcc54b6489589cb6c830fe91d1b21d01fe237a26737 -size 119789 diff --git a/caramel.tar.bz2 b/caramel.tar.bz2 deleted file mode 100644 index 360abf6..0000000 --- a/caramel.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:ef820f5d1eb136cec768f332d578e081498529d93e01ebc842eb1aee60b2d015 -size 47763 diff --git a/lcd.tar.bz2 b/lcd.tar.bz2 deleted file mode 100644 index ce2c0a5..0000000 --- a/lcd.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:9ff7905a2bf7b95787340bf69c448c2219fc1d4ee269a1a8b5073972e58dc613 -size 117287 diff --git a/xine-checkoglvisual.diff b/xine-checkoglvisual.diff deleted file mode 100644 index f86667c..0000000 --- a/xine-checkoglvisual.diff +++ /dev/null @@ -1,75 +0,0 @@ -diff -r 4c4d4dd22d31 src/video_out/video_out_opengl.c ---- a/src/video_out/video_out_opengl.c Wed Jul 16 14:08:24 2008 +0100 -+++ b/src/video_out/video_out_opengl.c Fri Aug 01 19:34:45 2008 +0200 -@@ -1953,6 +1953,51 @@ - * class functions - */ - -+static int opengl_verify_direct (x11_visual_t *vis) { -+ int attribs[] = { -+ GLX_RGBA, -+ GLX_RED_SIZE, 1, -+ GLX_GREEN_SIZE, 1, -+ GLX_BLUE_SIZE, 1, -+ None -+ }; -+ Window root, win; -+ XVisualInfo *visinfo; -+ GLXContext ctx; -+ XSetWindowAttributes xattr; -+ int ret = 0; -+ -+ if (!vis || !vis->display || -+ ! (root = RootWindow (vis->display, vis->screen))) { -+ fprintf (stderr, "[videoout_opengl]: Don't have a root window to verify\n"); -+ } -+ if (! (visinfo = glXChooseVisual (vis->display, vis->screen, attribs))) -+ return 0; -+ if (! (ctx = glXCreateContext (vis->display, visinfo, NULL, 1))) -+ return 0; -+ memset (&xattr, 0, sizeof (xattr)); -+ xattr.colormap = XCreateColormap(vis->display, root, visinfo->visual, AllocNone); -+ xattr.event_mask = StructureNotifyMask | ExposureMask; -+ if ( (win = XCreateWindow (vis->display, root, 0, 0, 1, 1, 0, visinfo->depth, -+ InputOutput, visinfo->visual, -+ CWBackPixel | CWBorderPixel | CWColormap | CWEventMask, -+ &xattr))) { -+ if (glXMakeCurrent (vis->display, win, ctx)) { -+ const char *renderer = (const char *) glGetString(GL_RENDERER); -+ if (glXIsDirect (vis->display, ctx) && -+ ! strstr (renderer, "Software") && -+ ! strstr (renderer, "Indirect")) -+ ret = 1; -+ glXMakeCurrent (vis->display, None, NULL); -+ } -+ XDestroyWindow (vis->display, win); -+ } -+ glXDestroyContext (vis->display, ctx); -+ XFreeColormap (vis->display, xattr.colormap); -+ -+ return ret; -+} -+ - static char* opengl_get_identifier (video_driver_class_t *this_gen) { - return "opengl"; - } -@@ -1968,7 +2013,18 @@ - } - - static void *opengl_init_class (xine_t *xine, void *visual_gen) { -- opengl_class_t *this = (opengl_class_t *) calloc(1, sizeof(opengl_class_t)); -+ -+ opengl_class_t *this; -+ -+ xprintf (xine, XINE_VERBOSITY_LOG, -+ "video_out_opengl: Testing for hardware accelerated direct rendering visual\n"); -+ if (! opengl_verify_direct ((x11_visual_t *)visual_gen)) { -+ xprintf (xine, XINE_VERBOSITY_LOG, -+ "video_out_opengl: Didn't find any\n"); -+ return NULL; -+ } -+ -+ this = (opengl_class_t *) calloc (1, sizeof(opengl_class_t)); - - this->driver_class.open_plugin = opengl_open_plugin; - this->driver_class.get_identifier = opengl_get_identifier; diff --git a/xine-lib-1.1.14-crippled.tar.bz2 b/xine-lib-1.1.14-crippled.tar.bz2 deleted file mode 100644 index cfb8411..0000000 --- a/xine-lib-1.1.14-crippled.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:7c04f66c45eac432bfd8d03d0e046174af3ca6ad6c01fe84b27b39b3d8064006 -size 5066323 diff --git a/xine-lib-1.1.15-cpp-compilation.diff b/xine-lib-1.1.15-cpp-compilation.diff new file mode 100644 index 0000000..6066788 --- /dev/null +++ b/xine-lib-1.1.15-cpp-compilation.diff @@ -0,0 +1,49 @@ +tree 7916d166058a +parent 1cb8085922eb +author Darren Salt 1218967411 -3600 +committer Darren Salt 1218967411 -3600 +revision 9552 +branch default + +Fix a compilation failure when using C++. +diff --git a/src/xine-engine/buffer.h b/src/xine-engine/buffer.h +--- a/src/xine-engine/buffer.h ++++ b/src/xine-engine/buffer.h +@@ -676,7 +676,7 @@ + /* convert xine_waveformatex struct from little endian */ + void _x_waveformatex_le2me( xine_waveformatex *wavex ) XINE_PROTECTED; + +-static inline _x_is_fourcc(void *ptr, void *tag) { ++static inline int _x_is_fourcc(void *ptr, void *tag) { + return memcmp(ptr, tag, 4) == 0; + } + +tree 2709fe49f09c +parent c35bdd51ce1c +author Darren Salt 1219080475 -3600 +committer Darren Salt 1219080475 -3600 +revision 9553 +branch default + +Fix another compilation failure when using C++. +diff --git a/ChangeLog b/ChangeLog +--- a/ChangeLog ++++ b/ChangeLog +@@ -1,4 +1,5 @@ + xine-lib (1.1.16) 2008-??-?? ++ * Fix reported compilation failures (with C++ programs). + + xine-lib (1.1.15) 2008-08-14 + * Security fixes: +diff --git a/src/xine-engine/buffer.h b/src/xine-engine/buffer.h +--- a/src/xine-engine/buffer.h ++++ b/src/xine-engine/buffer.h +@@ -676,7 +676,7 @@ + /* convert xine_waveformatex struct from little endian */ + void _x_waveformatex_le2me( xine_waveformatex *wavex ) XINE_PROTECTED; + +-static inline int _x_is_fourcc(void *ptr, void *tag) { ++static __inline int _x_is_fourcc(void *ptr, void *tag) { + return memcmp(ptr, tag, 4) == 0; + } + diff --git a/xine-lib-1.1.15-crippled.tar.bz2 b/xine-lib-1.1.15-crippled.tar.bz2 new file mode 100644 index 0000000..d64b908 --- /dev/null +++ b/xine-lib-1.1.15-crippled.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:8bfb825a911a9c8d0532e615c3a7c3dd3319f6725bd2d0e87568abaa0daf2058 +size 5076811 diff --git a/xine-lib-1.1.15-demux_str.diff b/xine-lib-1.1.15-demux_str.diff new file mode 100644 index 0000000..081b612 --- /dev/null +++ b/xine-lib-1.1.15-demux_str.diff @@ -0,0 +1,12 @@ +diff -r b3822572afa5 src/demuxers/demux_str.c +--- a/src/demuxers/demux_str.c Mon Aug 18 18:27:55 2008 +0100 ++++ b/src/demuxers/demux_str.c Fri Aug 22 14:49:47 2008 +0200 +@@ -139,7 +139,7 @@ + + #define CD_RAW_SECTOR_SIZE 2352 + +-static const uint8_t STR_MAGIC = ++static const uint8_t STR_MAGIC[4] = + { 0x60, 0x01, 0x01, 0x80 }; + #define STR_MAX_CHANNELS 32 + diff --git a/xine-lib.changes b/xine-lib.changes index 5c07d5a..0d76651 100644 --- a/xine-lib.changes +++ b/xine-lib.changes @@ -1,3 +1,30 @@ +------------------------------------------------------------------- +Fri Aug 22 14:51:08 CEST 2008 - lnussel@suse.de + +- Update to 1.1.15: + + * Security fixes: + - Fix crashes with various corrupted media files, including Ogg. + (CVE-2008-3231) + This includes a libfaad update from the 1.2 branch. + - Delay V4L video frame preallocation until we know how large they'll be. + - Fix an exploitable ID3 heap buffer overflow. + - Check for possible buffer overflow attempts in the Real demuxer. + - Use size_t for data length variables where there may be int overflows. + - Add some checks for memory allocation failures. + * Use external ffmpeg and libfaad by default. + * V4L: Don't segfault if asked for an input that doesn't exist. + * Recognise AMR audio (normally found in 3GP files). + * Recognise Snow video. + * Xv deinterlacing didn't take the size of the deinterlaced image into + account; on some chipsets, this would cause image corruption, while on + others, there would be no problem. + * V4L: only try and set the tuner if we're going to use it. Setting the tuner + when using baseband video (CVBS, S-Video) breaks the input. + * Fix crashes with MP3 files with metadata consisting only of separators. +- move extra skins to xine-ui package +- use external faad and ffmpeg libraries + ------------------------------------------------------------------- Fri Aug 1 20:03:30 CEST 2008 - mhopf@suse.de diff --git a/xine-lib.spec b/xine-lib.spec index 4f892fb..4f1bf51 100644 --- a/xine-lib.spec +++ b/xine-lib.spec @@ -1,10 +1,17 @@ # -# spec file for package xine-lib (Version 1.1.14) +# spec file for package xine-lib (Version 1.1.15) # # Copyright (c) 2008 SUSE LINUX Products GmbH, Nuernberg, Germany. -# This file and all modifications and additions to the pristine -# package are under the same license as the package itself. # +# All modifications and additions to the file contributed by third parties +# remain the property of their copyright owners, unless otherwise agreed +# upon. The license for this file, and modifications and additions to the +# file, is the same license as for the pristine package itself (unless the +# license for the pristine package is not an Open Source License, in which +# case the license is the MIT License). An "Open Source License" is a +# license that conforms to the Open Source Definition (Version 1.9) +# published by the Open Source Initiative. + # Please submit bugfixes or comments via http://bugs.opensuse.org/ # @@ -30,12 +37,13 @@ Name: xine-lib %define BUILD_XINE %{?_with_internal:2}%{!?_with_internal:%build_xine_default} BuildRequires: ImageMagick-devel SDL-devel aalib-devel arts-devel cdparanoia curl-devel esound-devel flac-devel giflib-devel glib2-devel gnome-common gnome-vfs2-devel gnutls-devel gtk2-devel imlib2-devel krb5-devel libcdio-devel libdrm-devel libmng-devel libsmbclient libsmbclient-devel libtheora-devel libvorbis-devel lirc readline-devel speex-devel update-desktop-files vcdimager-devel %if %BUILD_XINE > 0 -BuildRequires: mad-devel +# those requiremens are optional but internal copies are likely old +BuildRequires: faad2-devel ffmpeg-devel %endif Recommends: opensuse-codecs-installer -Version: 1.1.14 -Release: 8 -%define abiversion 1.23 +Version: 1.1.15 +Release: 1 +%define abiversion 1.24 Summary: Video Player with Plug-Ins Group: Productivity/Multimedia/Video/Players License: GPL v2 or later; Public Domain, Freeware @@ -46,14 +54,13 @@ Source: xine-lib-%version-crippled.tar.bz2 Source: xine-lib-%version.tar.bz2 %endif Source10: README.SuSE -Source11: caramel.tar.bz2 -Source12: CelomaChrome.tar.bz2 -Source13: lcd.tar.bz2 Source99: precheckin_cripple_tarball.sh # *** xine-lib: Bugfixes Patch26: xine-lib-doc-fix-X11R6.diff Patch27: xine-lib-1.1.14-asprintf-typo.diff Patch28: xine-lib-1.1.14-ia64-is-not-alpha.diff +Patch29: xine-lib-1.1.15-cpp-compilation.diff +Patch30: xine-lib-1.1.15-demux_str.diff # *** Addons Patch50: vdr-xine-0.8.2.diff.bz2 Patch51: vdr-xine-SUSE.diff @@ -64,7 +71,6 @@ Patch71: xine-lib-demuxcheckfor_mad_ffmpeg-LOCAL.diff Patch72: xine-lib-1.1.7-install-plugins-helper.diff Patch73: xine-lib-assert.patch Patch74: xine-configure.diff -Patch75: xine-checkoglvisual.diff # *** Only working for noncrippled source Patch80: xine-lib-various-noncrippled.diff @@ -175,6 +181,8 @@ cd xine-lib-%version %patch26 %patch27 -p1 %patch28 -p1 +%patch29 -p1 +%patch30 -p1 %patch50 -p1 %patch51 -p1 sed -i 's|^noinst_HEADERS = input_vdr.h|xineinclude_HEADERS = input_vdr.h|' src/vdr/Makefile.am @@ -189,7 +197,6 @@ sed -i 's|^noinst_HEADERS = input_vdr.h|xineinclude_HEADERS = input_vdr.h|' src/ %patch72 -p1 %patch73 -p1 %patch74 -p1 -%patch75 -p1 rm -f m4/libtool15.m4 %build @@ -228,11 +235,6 @@ rm %buildroot%_defaultdocdir/xine/README.{irix,solaris,WIN32} %ifarch %ix86 mkdir -p %buildroot/usr/lib/win32 %endif -# extra skins -install -d -m755 %buildroot/usr/share/xine/skins/ -for i in %SOURCE11 %SOURCE12 %SOURCE13 ; do - tar xfvj $i -C %buildroot/usr/share/xine/skins/ -done cd - # # big plugin sorting @@ -301,6 +303,12 @@ xineplug_flac xineplug_vdr xineplug_vo_out_xxmc xineplug_vo_out_xvmc +post/xineplug_post_audio_filters +post/xineplug_post_goom +post/xineplug_post_mosaico +post/xineplug_post_switch +post/xineplug_post_tvtime +post/xineplug_post_visualizations # .extra # @@ -358,6 +366,9 @@ xineplug_decode_w32dll xineplug_decode_dxr3_video xineplug_vo_out_dxr3 xineplug_decode_dxr3_spu +# unfortunately using external ffmpeg links the planar post +# processing plugin against ffmpeg libs +post/xineplug_post_planar # EOF # @@ -414,8 +425,9 @@ echo "/usr/share/xine/mad" >> files.internal %dir /usr/share/xine/libxine1 %_libdir/libxine.so.* %doc %_mandir/man1/xine-list-1.1.1.gz +%doc %_mandir/man5/xine.* %_defaultdocdir/xine -%_libdir/xine/plugins/%abiversion/post +%dir %_libdir/xine/plugins/%abiversion/post %_libdir/xine/plugins/%abiversion/vidix %_libdir/xine/plugins/%abiversion/mime.types # @@ -426,11 +438,6 @@ echo "/usr/share/xine/mad" >> files.internal %files -n xine-extra -f files.extra %defattr(-,root,root,0755) -%doc %_mandir/man5/xine.* -%dir /usr/share/xine/skins -/usr/share/xine/skins/CelomaChrome -/usr/share/xine/skins/caramel -/usr/share/xine/skins/lcd %files -n xine-devel %defattr(-,root,root) @@ -454,6 +461,29 @@ echo "/usr/share/xine/mad" >> files.internal %endif %changelog +* Fri Aug 22 2008 lnussel@suse.de +- Update to 1.1.15: + * Security fixes: + - Fix crashes with various corrupted media files, including Ogg. + (CVE-2008-3231) + This includes a libfaad update from the 1.2 branch. + - Delay V4L video frame preallocation until we know how large they'll be. + - Fix an exploitable ID3 heap buffer overflow. + - Check for possible buffer overflow attempts in the Real demuxer. + - Use size_t for data length variables where there may be int overflows. + - Add some checks for memory allocation failures. + * Use external ffmpeg and libfaad by default. + * V4L: Don't segfault if asked for an input that doesn't exist. + * Recognise AMR audio (normally found in 3GP files). + * Recognise Snow video. + * Xv deinterlacing didn't take the size of the deinterlaced image into + account; on some chipsets, this would cause image corruption, while on + others, there would be no problem. + * V4L: only try and set the tuner if we're going to use it. Setting the tuner + when using baseband video (CVBS, S-Video) breaks the input. + * Fix crashes with MP3 files with metadata consisting only of separators. +- move extra skins to xine-ui package +- use external faad and ffmpeg libraries * Fri Aug 01 2008 mhopf@suse.de - Verify whether the visual is direct rendering capable before actually activating the opengl plugin (bnc #402687)