Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

libvorbis-devel-1.3.6-4.3.1 RPM for s390x

From OpenSuSE Leap 15.3 for s390x

Name: libvorbis-devel Distribution: SUSE Linux Enterprise 15
Version: 1.3.6 Vendor: SUSE LLC <https://www.suse.com/>
Release: 4.3.1 Build date: Tue Jun 5 15:18:40 2018
Group: Development/Libraries/C and C++ Build host: s390lpd
Size: 40844 Source RPM: libvorbis-1.3.6-4.3.1.src.rpm
Packager: https://www.suse.com/
Url: http://www.vorbis.com/
Summary: Include Files and Libraries mandatory for Ogg Vorbis Development
This package contains all necessary include files and libraries needed
to compile and develop applications that use libvorbis.

Provides

Requires

License

BSD-3-Clause

Changelog

* Tue Jun 05 2018 tiwai@suse.de
  - Replace vorbis-CVE-2017-14160.patch with the upstream fix
    (commit 018ca26dece6), refresh vorbis-CVE-2018-10393.patch
  - Fix the validation of channels in mapping0_forward()
    (CVE-2018-10392, bsc#1091070):
    vorbis-CVE-2018-10392.patch
* Thu May 03 2018 tiwai@suse.de
  - Fix out-of-bounds access inside bark_noise_hybridmp function
    (CVE-2017-14160, bsc#1059812):
    downstream fix: vorbis-CVE-2017-14160.patch
  - Fix stack-basedbuffer over-read in bark_noise_hybridm
    (CVE-2018-10393, bsc#1091072):
    downstream fix: vorbis-CVE-2018-10393.patch
* Sat Mar 17 2018 tiwai@suse.de
  - Split libvorbis-doc subpackage to a separate spec file for
    reducing the dependencies
* Fri Mar 16 2018 tiwai@suse.de
  - Update to version 1.3.6:
    * Fix CVE-2018-5146 - out-of-bounds write on codebook decoding.
    * Fix CVE-2017-14632 - free() on unitialized data
    * Fix CVE-2017-14633 - out-of-bounds read
    * Fix bitrate metadata parsing.
    * Fix out-of-bounds read in codebook parsing.
    * Fix residue vector size in Vorbis I spec.
    * Appveyor support
    * Travis CI support
    * Add secondary CMake build system.
    * Build system fixes
  - Build documents with doxygen, and many tex stuff;
    this requires to disable parallel builds partially
  - Move COPYING to license directory
  - Drop obsoleted patches:
    vorbis-fix-linking.patch
    0001-CVE-2017-14633-Don-t-allow-for-more-than-256-channel.patch
    0002-CVE-2017-14632-vorbis_analysis_header_out-Don-t-clea.patch
    libvorbis-CVE-2018-5146.patch
* Fri Mar 16 2018 tiwai@suse.de
  - Fix VUL-0: libvorbis: Out of bounds memory write while processing
    Vorbis audio data (CVE-2018-5146, bsc#1085687):
    libvorbis-CVE-2018-5146.patch
* Tue Dec 19 2017 tiwai@suse.de
  - Fix VUL-0: out-of-bounds array read vulnerability exists in
    function mapping0_forward() (CVE-2017-14633, bsc#1059811):
    0001-CVE-2017-14633-Don-t-allow-for-more-than-256-channel.patch
  - Fix VUL-0: Remote Code Execution upon freeing uninitialized
    memory in function vorbis_analysis_headerout(CVE-2017-14632,
    bsc#1059809):
    0002-CVE-2017-14632-vorbis_analysis_header_out-Don-t-clea.patch
* Tue Nov 29 2016 aloisio@gmx.com
  - Added 32bit libvorbis-devel in baselibs.conf
* Fri Mar 06 2015 mpluskal@suse.com
  - Cleanup spec file with spec-cleaner
  - Update to 1.3.5
    * Tolerate single-entry codebooks.
    * Fix decoder crash with invalid input.
    * Fix encoder crash with non-positive sample rates.
    * Fix issues in vorbisfile's seek bisection code.
    * Spec errata.
    * Reject multiple headers of the same type.
    * Various build fixes and code cleanup.
* Mon Aug 18 2014 fcrozat@suse.com
  - Fix obsoletes and provides in baselibs.conf.
* Sun Feb 23 2014 andreas.stieger@gmx.de
  - Xiph libvorbis 1.3.4
    * reduced static data size in libvorbisenc
    * associated minor changes required to libvorbis and libvorbisfile
    * minor build fixes and build system updates
    * no functional changes over the previous 1.3.3 release
  - removed libvorbis-pkgconfig.patch, in upstream
  - updated vorbis-fix-linking.patch for context changes
* Tue Apr 16 2013 mmeister@suse.com
  - Added url as source.
    Please see http://en.opensuse.org/SourceUrls
* Sat Mar 02 2013 seife+obs@b1-systems.com
  - fix build with automake-1.13.1
* Wed Jun 20 2012 ftake@geeko.jp
  - updated to 1.3.3
    * vorbis: additional proofing against invalid/malicious
    streams in decode (see SVN for details).
    * vorbis: fix a memory leak in vorbis_commentheader_out().
    * updates, corrections and clarifications in the Vorbis I
    specification document
    * build warning fixes
* Tue Feb 21 2012 tiwai@suse.de
  - VUL-0: CVE-2012-0444: libvorbis: heap-based buffer overflow
    (bnc#747912)
* Sun Dec 25 2011 idonmez@suse.com
  - -O20 optimization level doesn't exist, use -O3
* Fri Nov 25 2011 crrodriguez@opensuse.org
  - open files with O_CLOEXEC, in order to avoid fd leaks
    when calling applications fork() ..execve()...
    This patch does not cover the executable tools since
    it is not critical for them.
* Tue Nov 22 2011 coolo@suse.com
  - add libtool as buildrequire to avoid implicit dependency
* Mon Aug 29 2011 crrodriguez@opensuse.org
  - Fix build with no-add-needed
* Thu May 05 2011 dmueller@suse.de
  - fix provides/obsoletes in baselibs
* Fri Dec 10 2010 davejplater@gmail.com
  - Split libvorbisenc2 and libvorbisfile3 from libvorbis0
  - Removed services.
* Wed Dec 08 2010 coolo@novell.com
  - fix the package split
* Wed Dec 08 2010 reddwarf@opensuse.org
  - updated to version 1.3.2
    * vorbis: additional proofing against invalid/malicious
    streams in floor, residue, and bos/eos packet trimming
    code (see SVN for details).
    * vorbis: Added programming documentation tree for the
    low-level calls
    * vorbisfile: Correct handling of serial numbers array
    element [0] on non-seekable streams
    * vorbisenc: Back out an [old] AoTuV HF weighting that was
    first enabled in 1.3.0; there are a few samples where I
    really don't like the effect it causes.
    * vorbis: return correct timestamp for granule positions
    with high bit set.
    * vorbisfile: the [undocumented] half-rate decode api made no
    attempt to keep the pcm offset tracking consistent in seeks.
    Fix and add a testing mode to seeking_example.c to torture
    test seeking in halfrate mode.  Also remove requirement that
    halfrate mode only work with seekable files.
    * vorbisfile:  Fix a chaining bug in raw_seeks where seeking
    out of the current link would fail due to not
    reinitializing the decode machinery.
    * vorbisfile: improve seeking strategy. Reduces the
    necessary number of seek callbacks in an open or seek
    operation by well over 2/3.
  - updated to version 1.3.1
    * tweak + minor arithmetic fix in floor1 fit
    * revert noise norm to conservative 1.2.3 behavior pending
    more listening testing
  - updated to versio 1.3.0
    * Optimized surround support for 5.1 encoding at 44.1/48kHz
    * Added encoder control call to disable channel coupling
    * Correct an overflow bug in very low-bitrate encoding on 32 bit
    machines that caused inflated bitrates
    * Numerous API hardening, leak and build fixes
    * Correct bug in 22kHz compand setup that could cause a crash
    * Correct bug in 16kHz codebooks that could cause unstable pure
    tones at high bitrates
  - run spec-cleaner
  - removed libvorbis-automake-fix.diff, libvorbis-doc-fixes.diff,
    libvorbis-r16326-CVE-2009-3379.diff and
    libvorbis-r16597-CVE-2009-3379.diff (upstream fixed)
  - follow library packaging policy
  - run make check
* Wed May 26 2010 tiwai@suse.de
  - VUL-0: libvorbis: memory corruption while parsing ogg files
    (bnc#608192, CVE-2009-3379)
* Wed Dec 16 2009 jengelh@medozas.de
  - add baselibs.conf as a source
  - enable parallel building
  - package documentation as noarch
* Wed Nov 11 2009 tiwai@suse.de
  - updated to version 1.2.3:
    * correct a vorbisfile bug that prevented proper playback of
    Vorbis files where all audio in a logical stream is in a
    single page
    * Additional decode setup hardening against malicious streams
    * Add 'OV_EXCLUDE_STATIC_CALLBACKS' define for developers who
    wish to avoid avoid unused symbol warnings from the static
    callbacks defined in vorbisfile.h
  - updated to version 1.2.2:
    * define VENDOR and ENCODER strings
    * seek correctly in files bigger than 2 GB (Windows)
    * fix regression from CVE-2008-1420; 1.0b1 files work again
    * mark all tables as constant to reduce memory occupation
    * additional decoder hardening against malicious streams
    * substantially reduce amount of seeking performed by Vorbisfile
    * Multichannel decode bugfix
    * build system updates
    * minor specification clarifications/fixes
  - dropped aotuv patch temporarily
* Thu Jul 23 2009 tiwai@suse.de
  - updated to aoTuV patch version beta5.7:
    * including security fixes
    * improved encoding speed of low bitrate mode
    * reduced distrotion by clipping at low sampling frequency
    * fixed noise control part of impulse block
    * tuning of each part was redone
    * expanded noise control of the impulse block
    * fixed pre-echo reduction code
    * noise normalization reviewed
    * detailed tuning done again
* Mon Jun 22 2009 coolo@novell.com
  - fix build with automake 1.11

Files

/usr/include/vorbis
/usr/include/vorbis/codec.h
/usr/include/vorbis/vorbisenc.h
/usr/include/vorbis/vorbisfile.h
/usr/lib64/libvorbis.so
/usr/lib64/libvorbisenc.so
/usr/lib64/libvorbisfile.so
/usr/lib64/pkgconfig/vorbis.pc
/usr/lib64/pkgconfig/vorbisenc.pc
/usr/lib64/pkgconfig/vorbisfile.pc
/usr/share/aclocal/vorbis.m4
/usr/share/doc/packages/libvorbis-devel
/usr/share/doc/packages/libvorbis-devel/AUTHORS
/usr/share/licenses/libvorbis-devel
/usr/share/licenses/libvorbis-devel/COPYING


Generated by rpm2html 1.8.1

Fabrice Bellet, Sat Mar 9 15:01:09 2024