diff --git a/xine-lib-1.1.14-asprintf-typo.diff b/xine-lib-1.1.14-asprintf-typo.diff deleted file mode 100644 index 7b9c48d..0000000 --- a/xine-lib-1.1.14-asprintf-typo.diff +++ /dev/null @@ -1,25 +0,0 @@ -From e92cdef028f622efab711ce6b00cbeb1ded3df3c Mon Sep 17 00:00:00 2001 -From: Ludwig Nussel -Date: Fri, 25 Jul 2008 16:46:23 +0200 -Subject: [PATCH] asprintf typo - ---- - src/input/input_smb.c | 2 +- - 1 files changed, 1 insertions(+), 1 deletions(-) - -diff --git a/src/input/input_smb.c b/src/input/input_smb.c -index dbab772..266cdc3 100644 ---- a/src/input/input_smb.c -+++ b/src/input/input_smb.c -@@ -280,7 +280,7 @@ static xine_mrl_t **smb_class_get_dir (input_class_t *this_gen, - dir_files[num_dir_files].link = NULL; - dir_files[num_dir_files].type = mrl_file | mrl_file_directory; - dir_files[num_dir_files].origin = strdup("smb:/"); -- asprintf(*(dir_files[num_dir_files].mrl), "%s/%s", "smb:/", pdirent->name); -+ asprintf(&(dir_files[num_dir_files].mrl), "%s/%s", "smb:/", pdirent->name); - dir_files[num_dir_files].size = pdirent->dirlen; - num_dir_files ++; - } else if (pdirent->smbc_type == SMBC_FILE_SHARE){ --- -1.5.6 - diff --git a/xine-lib-1.1.14-ia64-is-not-alpha.diff b/xine-lib-1.1.14-ia64-is-not-alpha.diff index 7d5e01e..9e6220a 100644 --- a/xine-lib-1.1.14-ia64-is-not-alpha.diff +++ b/xine-lib-1.1.14-ia64-is-not-alpha.diff @@ -7,11 +7,11 @@ Subject: [PATCH] ia64 is not alpha configure.ac | 5 ++++- 1 files changed, 4 insertions(+), 1 deletions(-) -diff --git a/configure.ac b/configure.ac -index af881fc..93b2a95 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -2332,10 +2332,13 @@ case "$host_or_hostalias" in +Index: xine-lib-1.1.16.1/configure.ac +=================================================================== +--- xine-lib-1.1.16.1.orig/configure.ac ++++ xine-lib-1.1.16.1/configure.ac +@@ -2311,10 +2311,13 @@ case "$host_or_hostalias" in mips-*) AC_DEFINE_UNQUOTED(FPM_MIPS,,[Define to select libmad fixed point arithmetic implementation]) ;; @@ -26,6 +26,3 @@ index af881fc..93b2a95 100644 armv4l-*-linux*) AC_DEFINE_UNQUOTED(FPM_ARM,,[Define to select libmad fixed point arithmetic implementation]) AC_DEFINE_UNQUOTED(ARCH_ARM,,[Define this if you're running ARM architecture]) --- -1.5.6 - diff --git a/xine-lib-1.1.15-autoconf.diff b/xine-lib-1.1.15-autoconf.diff deleted file mode 100644 index 2b9d1b1..0000000 --- a/xine-lib-1.1.15-autoconf.diff +++ /dev/null @@ -1,29 +0,0 @@ -tree 27b16715df5c -parent f5ff69fc65d3 -author Matthias Hopf 1222961491 -7200 -committer Matthias Hopf 1222961491 -7200 -revision 9559 -branch default - -Fix compilation for new auto*. -diff --git a/configure.ac b/configure.ac ---- a/configure.ac -+++ b/configure.ac -@@ -728,7 +728,7 @@ - - AC_ARG_WITH(xxmc-path, AS_HELP_STRING([--with-xxmc-path=path], [where libXvMC libraries for the - xxmc plugin are installed. Defalts to the default X library path.]), -- xxmc_path="$withval", xxmc_path="$x_libraries") -+ xxmc_path="$withval", xxmc_path="${x_libraries:-/usr/lib}") - AC_ARG_WITH(xxmc-lib, AS_HELP_STRING([--with-xxmc-lib=XXXX], [The name of the XvMC library - libXXXX.so for the xxmc plugin.]),xxmc_stub="$withval", - xxmc_stub="XvMCW") -@@ -819,7 +819,7 @@ - - AC_ARG_WITH(xvmc-path, AS_HELP_STRING([--with-xvmc-path=path], [where libXvMC libraries for the - xvmc plugin are installed. Defalts to the default X library path.]), -- xvmc_path="$withval", xvmc_path="$x_libraries") -+ xvmc_path="$withval", xvmc_path="${x_libraries:-/usr/lib}") - AC_ARG_WITH(xvmc-lib, AS_HELP_STRING([--with-xvmc-lib=XXXX], [The name of the XvMC library - libXXXX.so for the xvmc plugin.]),xvmc_stub="$withval", - xvmc_stub="XvMCW") diff --git a/xine-lib-1.1.15-cpp-compilation.diff b/xine-lib-1.1.15-cpp-compilation.diff deleted file mode 100644 index b3f118a..0000000 --- a/xine-lib-1.1.15-cpp-compilation.diff +++ /dev/null @@ -1,40 +0,0 @@ -tree 7916d166058a -parent 1cb8085922eb -author Darren Salt 1218967411 -3600 -committer Darren Salt 1218967411 -3600 -revision 9552 -branch default - -Fix a compilation failure when using C++. -diff --git a/src/xine-engine/buffer.h b/src/xine-engine/buffer.h ---- a/src/xine-engine/buffer.h -+++ b/src/xine-engine/buffer.h -@@ -676,7 +676,7 @@ - /* convert xine_waveformatex struct from little endian */ - void _x_waveformatex_le2me( xine_waveformatex *wavex ) XINE_PROTECTED; - --static inline _x_is_fourcc(void *ptr, void *tag) { -+static inline int _x_is_fourcc(void *ptr, void *tag) { - return memcmp(ptr, tag, 4) == 0; - } - -tree 2709fe49f09c -parent c35bdd51ce1c -author Darren Salt 1219080475 -3600 -committer Darren Salt 1219080475 -3600 -revision 9553 -branch default - -Fix another compilation failure when using C++. -diff --git a/src/xine-engine/buffer.h b/src/xine-engine/buffer.h ---- a/src/xine-engine/buffer.h -+++ b/src/xine-engine/buffer.h -@@ -676,7 +676,7 @@ - /* convert xine_waveformatex struct from little endian */ - void _x_waveformatex_le2me( xine_waveformatex *wavex ) XINE_PROTECTED; - --static inline int _x_is_fourcc(void *ptr, void *tag) { -+static __inline int _x_is_fourcc(void *ptr, void *tag) { - return memcmp(ptr, tag, 4) == 0; - } - diff --git a/xine-lib-1.1.15-crippled.tar.bz2 b/xine-lib-1.1.15-crippled.tar.bz2 deleted file mode 100644 index d64b908..0000000 --- a/xine-lib-1.1.15-crippled.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:8bfb825a911a9c8d0532e615c3a7c3dd3319f6725bd2d0e87568abaa0daf2058 -size 5076811 diff --git a/xine-lib-1.1.15-demux_str.diff b/xine-lib-1.1.15-demux_str.diff deleted file mode 100644 index 081b612..0000000 --- a/xine-lib-1.1.15-demux_str.diff +++ /dev/null @@ -1,12 +0,0 @@ -diff -r b3822572afa5 src/demuxers/demux_str.c ---- a/src/demuxers/demux_str.c Mon Aug 18 18:27:55 2008 +0100 -+++ b/src/demuxers/demux_str.c Fri Aug 22 14:49:47 2008 +0200 -@@ -139,7 +139,7 @@ - - #define CD_RAW_SECTOR_SIZE 2352 - --static const uint8_t STR_MAGIC = -+static const uint8_t STR_MAGIC[4] = - { 0x60, 0x01, 0x01, 0x80 }; - #define STR_MAX_CHANNELS 32 - diff --git a/xine-lib-1.1.15-ffmpeg.diff b/xine-lib-1.1.15-ffmpeg.diff deleted file mode 100644 index 513a297..0000000 --- a/xine-lib-1.1.15-ffmpeg.diff +++ /dev/null @@ -1,26 +0,0 @@ -diff -ur xine-lib-1.1.15.orig/src/combined/ffmpeg/ff_audio_decoder.c xine-lib-1.1.15/src/combined/ffmpeg/ff_audio_decoder.c ---- xine-lib-1.1.15.orig/src/combined/ffmpeg/ff_audio_decoder.c 2008-07-16 01:13:03.000000000 +0200 -+++ xine-lib-1.1.15/src/combined/ffmpeg/ff_audio_decoder.c 2008-09-14 13:28:20.000000000 +0200 -@@ -322,7 +322,7 @@ - - if (!this->output_open) { - if (!this->audio_bits || !this->audio_sample_rate || !this->audio_channels) { -- avcodec_decode_audio (this->context, -+ avcodec_decode_audio2 (this->context, - (int16_t *)this->decode_buffer, - &decode_buffer_size, - &this->buf[0], -diff -ur xine-lib-1.1.15.orig/src/combined/ffmpeg/ffmpeg_decoder.h xine-lib-1.1.15/src/combined/ffmpeg/ffmpeg_decoder.h ---- xine-lib-1.1.15.orig/src/combined/ffmpeg/ffmpeg_decoder.h 2008-05-19 16:15:42.000000000 +0200 -+++ xine-lib-1.1.15/src/combined/ffmpeg/ffmpeg_decoder.h 2008-09-14 13:28:20.000000000 +0200 -@@ -33,6 +33,10 @@ - # include "../../libffmpeg/libavcodec/avcodec.h" - #endif - -+#if LIBAVCODEC_VERSION_MAJOR > 51 -+#define bits_per_sample bits_per_coded_sample -+#endif -+ - typedef struct ff_codec_s { - uint32_t type; - enum CodecID id; diff --git a/xine-lib-1.1.16.1-crippled.tar.bz2 b/xine-lib-1.1.16.1-crippled.tar.bz2 new file mode 100644 index 0000000..e910c3f --- /dev/null +++ b/xine-lib-1.1.16.1-crippled.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:e680faac1958048403b71d5db1501dac7f6281e46fc18673584d748e70aaede7 +size 5198657 diff --git a/xine-lib.changes b/xine-lib.changes index 06a1540..45f3b92 100644 --- a/xine-lib.changes +++ b/xine-lib.changes @@ -1,3 +1,47 @@ +------------------------------------------------------------------- +Tue Jan 27 19:27:37 CET 2009 - mhopf@suse.de + +- Update to 1.1.16.1: + + * Security fixes: + - Heap overflow in Quicktime atom parsing. (CVE-2008-5234) + - Multiple buffer overflows. (CVE-2008-5236) + - Multiple integer overflows. (CVE-2008-5237) + - Unchecked or incompletely-checked read function results. (CVE-2008-5239) + - Unchecked malloc using untrusted values. (CVE-2008-5240, CVE-2008-5242) + - Integer underflow in qt compressed atom handling. (CVE-2008-5241) + - Buffer indexing using untrusted or unchecked values. (CVE-2008-5243) + - Integer overflows in the ffmpeg audio decoder and the CDDA server. + - Heap buffer overflow in the ffmpeg video decoder. + - Avoid segfault on invalid track type in Matroska files. + - Avoid underflow (compressed atoms) in the Qt demuxer. + * Fix reported compilation failures (with C++ programs). + * Fix CDDB access in 64-bit builds. + * Fix seeking FLV clips that don't specify the movie length in the headers. + * Support H.264 and AAC streams within FLV. + * Fix timing issues (broken audio) on mingw. + * Add ID3 tag TDRC to replace/complement the deprecated tag TYER. + * Add a new meta-tag, "Composer", and use it in the FLAC demuxer. + * Correct AAC channel ordering for multi-channel audio, at least for FLAC + when using ALSA or PulseAudio. (Needs a proper fix.) + * Add position-based seeking independent from seekpoints. + * Fix some XCB Xv attribute configuration breakage. + * Add a configuration option for Xv bicubic filtering, implemented in + xf86-video-ati 6.9.1. + * Recognise Xv "blitter" adaptors for port selection purposes. + NOTE: you will need to remove ~/.xine/catalog.cache when upgrading from + xine-lib 1.1.15 or older if you wish to use this extra option. + * Fix MMS media requests where the URI contains %-encoded characters. + * Fix two hangs related to stopping playback of broken audio streams where + no audio data is sent to the output thread. + * Fix WAV demuxer to send the last frames when they don't fit perfectly into + the buffer + * Fix build with older ffmpeg, both internal and in Debian 5.0. + * Add version check for CACA library and disable CACA plugin if needed + * Fix playback of some H.264 files (broken in 1.1.16). + * Various other build & bug fixes. + * Some FAQ list updates. + ------------------------------------------------------------------- Wed Jan 7 12:34:56 CET 2009 - olh@suse.de diff --git a/xine-lib.spec b/xine-lib.spec index 5c11888..dd8e2ce 100644 --- a/xine-lib.spec +++ b/xine-lib.spec @@ -1,5 +1,5 @@ # -# spec file for package xine-lib (Version 1.1.15) +# spec file for package xine-lib (Version 1.1.16.1) # # Copyright (c) 2009 SUSE LINUX Products GmbH, Nuernberg, Germany. # @@ -93,9 +93,10 @@ BuildRequires: DirectFB %if %{with modplug} BuildRequires: libmodplug %endif -Version: 1.1.15 -Release: 21 -%define abiversion 1.24 +Version: 1.1.16.1 +Release: 1 +# XINE_MAJOR.XINE_LT_CURRENT in configure.ac +%define abiversion 1.25 # bug437293 %ifarch ppc64 Obsoletes: xine-lib-64bit @@ -114,11 +115,7 @@ Source10: README.SuSE Source99: precheckin_cripple_tarball.sh # *** xine-lib: Bugfixes Patch26: xine-lib-doc-fix-X11R6.diff -Patch27: xine-lib-1.1.14-asprintf-typo.diff Patch28: xine-lib-1.1.14-ia64-is-not-alpha.diff -Patch29: xine-lib-1.1.15-cpp-compilation.diff -Patch30: xine-lib-1.1.15-demux_str.diff -Patch31: xine-lib-1.1.15-autoconf.diff # *** Addons Patch50: vdr-xine-0.8.2.diff.bz2 Patch51: vdr-xine-SUSE.diff @@ -131,8 +128,6 @@ Patch73: xine-lib-assert.patch Patch74: xine-configure.diff # *** Only working for noncrippled source Patch80: xine-lib-various-noncrippled.diff -# ffmpeg api change -Patch81: xine-lib-1.1.15-ffmpeg.diff %description xine is a free multimedia player. It plays back CDs, DVDs, and VCDs. It @@ -466,11 +461,7 @@ else fi cd xine-lib-%{version} %patch26 -%patch27 -p1 %patch28 -p1 -%patch29 -p1 -%patch30 -p1 -%patch31 -p1 %patch50 -p1 %patch51 -p1 sed -i 's|^noinst_HEADERS = input_vdr.h|xineinclude_HEADERS = input_vdr.h|' src/vdr/Makefile.am @@ -481,7 +472,6 @@ sed -i 's|^noinst_HEADERS = input_vdr.h|xineinclude_HEADERS = input_vdr.h|' src/ # Only apply to uncrippled source %if !%{with distributable} %patch80 -%patch81 -p1 %endif %patch72 -p1 %patch73 -p1 @@ -813,6 +803,46 @@ rm -rf %{buildroot} %endif %changelog +* Tue Jan 27 2009 mhopf@suse.de +- Update to 1.1.16.1: + * Security fixes: + - Heap overflow in Quicktime atom parsing. (CVE-2008-5234) + - Multiple buffer overflows. (CVE-2008-5236) + - Multiple integer overflows. (CVE-2008-5237) + - Unchecked or incompletely-checked read function results. (CVE-2008-5239) + - Unchecked malloc using untrusted values. (CVE-2008-5240, CVE-2008-5242) + - Integer underflow in qt compressed atom handling. (CVE-2008-5241) + - Buffer indexing using untrusted or unchecked values. (CVE-2008-5243) + - Integer overflows in the ffmpeg audio decoder and the CDDA server. + - Heap buffer overflow in the ffmpeg video decoder. + - Avoid segfault on invalid track type in Matroska files. + - Avoid underflow (compressed atoms) in the Qt demuxer. + * Fix reported compilation failures (with C++ programs). + * Fix CDDB access in 64-bit builds. + * Fix seeking FLV clips that don't specify the movie length in the headers. + * Support H.264 and AAC streams within FLV. + * Fix timing issues (broken audio) on mingw. + * Add ID3 tag TDRC to replace/complement the deprecated tag TYER. + * Add a new meta-tag, "Composer", and use it in the FLAC demuxer. + * Correct AAC channel ordering for multi-channel audio, at least for FLAC + when using ALSA or PulseAudio. (Needs a proper fix.) + * Add position-based seeking independent from seekpoints. + * Fix some XCB Xv attribute configuration breakage. + * Add a configuration option for Xv bicubic filtering, implemented in + xf86-video-ati 6.9.1. + * Recognise Xv "blitter" adaptors for port selection purposes. + NOTE: you will need to remove ~/.xine/catalog.cache when upgrading from + xine-lib 1.1.15 or older if you wish to use this extra option. + * Fix MMS media requests where the URI contains %%-encoded characters. + * Fix two hangs related to stopping playback of broken audio streams where + no audio data is sent to the output thread. + * Fix WAV demuxer to send the last frames when they don't fit perfectly into + the buffer + * Fix build with older ffmpeg, both internal and in Debian 5.0. + * Add version check for CACA library and disable CACA plugin if needed + * Fix playback of some H.264 files (broken in 1.1.16). + * Various other build & bug fixes. + * Some FAQ list updates. * Wed Jan 07 2009 olh@suse.de - obsolete old -XXbit packages (bnc#437293) * Thu Nov 27 2008 ro@suse.de