Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
Name: libvorbisfile3 | Distribution: SUSE Linux Enterprise 15 |
Version: 1.3.6 | Vendor: SUSE LLC <https://www.suse.com/> |
Release: 4.3.1 | Build date: Tue Jun 5 15:12:12 2018 |
Group: System/Libraries | Build host: nebbiolo |
Size: 68112 | Source RPM: libvorbis-1.3.6-4.3.1.src.rpm |
Packager: https://www.suse.com/ | |
Url: http://www.vorbis.com/ | |
Summary: The Vorbis General Audio Compression Codec |
Vorbis is a fully open, nonproprietary, patent-and-royalty-free, and general-purpose compressed audio format for audio and music at fixed and variable bit rates from 16 to 128 kbps/channel. The native bitstream format of Vorbis is libogg (Ogg). Alternatively, libmatroska (matroska) can also be used.
BSD-3-Clause
* Tue Jun 05 2018 tiwai@suse.de - Replace vorbis-CVE-2017-14160.patch with the upstream fix (commit 018ca26dece6), refresh vorbis-CVE-2018-10393.patch - Fix the validation of channels in mapping0_forward() (CVE-2018-10392, bsc#1091070): vorbis-CVE-2018-10392.patch * Thu May 03 2018 tiwai@suse.de - Fix out-of-bounds access inside bark_noise_hybridmp function (CVE-2017-14160, bsc#1059812): downstream fix: vorbis-CVE-2017-14160.patch - Fix stack-basedbuffer over-read in bark_noise_hybridm (CVE-2018-10393, bsc#1091072): downstream fix: vorbis-CVE-2018-10393.patch * Sat Mar 17 2018 tiwai@suse.de - Split libvorbis-doc subpackage to a separate spec file for reducing the dependencies * Fri Mar 16 2018 tiwai@suse.de - Update to version 1.3.6: * Fix CVE-2018-5146 - out-of-bounds write on codebook decoding. * Fix CVE-2017-14632 - free() on unitialized data * Fix CVE-2017-14633 - out-of-bounds read * Fix bitrate metadata parsing. * Fix out-of-bounds read in codebook parsing. * Fix residue vector size in Vorbis I spec. * Appveyor support * Travis CI support * Add secondary CMake build system. * Build system fixes - Build documents with doxygen, and many tex stuff; this requires to disable parallel builds partially - Move COPYING to license directory - Drop obsoleted patches: vorbis-fix-linking.patch 0001-CVE-2017-14633-Don-t-allow-for-more-than-256-channel.patch 0002-CVE-2017-14632-vorbis_analysis_header_out-Don-t-clea.patch libvorbis-CVE-2018-5146.patch * Fri Mar 16 2018 tiwai@suse.de - Fix VUL-0: libvorbis: Out of bounds memory write while processing Vorbis audio data (CVE-2018-5146, bsc#1085687): libvorbis-CVE-2018-5146.patch * Tue Dec 19 2017 tiwai@suse.de - Fix VUL-0: out-of-bounds array read vulnerability exists in function mapping0_forward() (CVE-2017-14633, bsc#1059811): 0001-CVE-2017-14633-Don-t-allow-for-more-than-256-channel.patch - Fix VUL-0: Remote Code Execution upon freeing uninitialized memory in function vorbis_analysis_headerout(CVE-2017-14632, bsc#1059809): 0002-CVE-2017-14632-vorbis_analysis_header_out-Don-t-clea.patch * Tue Nov 29 2016 aloisio@gmx.com - Added 32bit libvorbis-devel in baselibs.conf * Fri Mar 06 2015 mpluskal@suse.com - Cleanup spec file with spec-cleaner - Update to 1.3.5 * Tolerate single-entry codebooks. * Fix decoder crash with invalid input. * Fix encoder crash with non-positive sample rates. * Fix issues in vorbisfile's seek bisection code. * Spec errata. * Reject multiple headers of the same type. * Various build fixes and code cleanup. * Mon Aug 18 2014 fcrozat@suse.com - Fix obsoletes and provides in baselibs.conf. * Sun Feb 23 2014 andreas.stieger@gmx.de - Xiph libvorbis 1.3.4 * reduced static data size in libvorbisenc * associated minor changes required to libvorbis and libvorbisfile * minor build fixes and build system updates * no functional changes over the previous 1.3.3 release - removed libvorbis-pkgconfig.patch, in upstream - updated vorbis-fix-linking.patch for context changes * Tue Apr 16 2013 mmeister@suse.com - Added url as source. Please see http://en.opensuse.org/SourceUrls * Sat Mar 02 2013 seife+obs@b1-systems.com - fix build with automake-1.13.1 * Wed Jun 20 2012 ftake@geeko.jp - updated to 1.3.3 * vorbis: additional proofing against invalid/malicious streams in decode (see SVN for details). * vorbis: fix a memory leak in vorbis_commentheader_out(). * updates, corrections and clarifications in the Vorbis I specification document * build warning fixes * Tue Feb 21 2012 tiwai@suse.de - VUL-0: CVE-2012-0444: libvorbis: heap-based buffer overflow (bnc#747912) * Sun Dec 25 2011 idonmez@suse.com - -O20 optimization level doesn't exist, use -O3 * Fri Nov 25 2011 crrodriguez@opensuse.org - open files with O_CLOEXEC, in order to avoid fd leaks when calling applications fork() ..execve()... This patch does not cover the executable tools since it is not critical for them. * Tue Nov 22 2011 coolo@suse.com - add libtool as buildrequire to avoid implicit dependency * Mon Aug 29 2011 crrodriguez@opensuse.org - Fix build with no-add-needed * Thu May 05 2011 dmueller@suse.de - fix provides/obsoletes in baselibs * Fri Dec 10 2010 davejplater@gmail.com - Split libvorbisenc2 and libvorbisfile3 from libvorbis0 - Removed services. * Wed Dec 08 2010 coolo@novell.com - fix the package split * Wed Dec 08 2010 reddwarf@opensuse.org - updated to version 1.3.2 * vorbis: additional proofing against invalid/malicious streams in floor, residue, and bos/eos packet trimming code (see SVN for details). * vorbis: Added programming documentation tree for the low-level calls * vorbisfile: Correct handling of serial numbers array element [0] on non-seekable streams * vorbisenc: Back out an [old] AoTuV HF weighting that was first enabled in 1.3.0; there are a few samples where I really don't like the effect it causes. * vorbis: return correct timestamp for granule positions with high bit set. * vorbisfile: the [undocumented] half-rate decode api made no attempt to keep the pcm offset tracking consistent in seeks. Fix and add a testing mode to seeking_example.c to torture test seeking in halfrate mode. Also remove requirement that halfrate mode only work with seekable files. * vorbisfile: Fix a chaining bug in raw_seeks where seeking out of the current link would fail due to not reinitializing the decode machinery. * vorbisfile: improve seeking strategy. Reduces the necessary number of seek callbacks in an open or seek operation by well over 2/3. - updated to version 1.3.1 * tweak + minor arithmetic fix in floor1 fit * revert noise norm to conservative 1.2.3 behavior pending more listening testing - updated to versio 1.3.0 * Optimized surround support for 5.1 encoding at 44.1/48kHz * Added encoder control call to disable channel coupling * Correct an overflow bug in very low-bitrate encoding on 32 bit machines that caused inflated bitrates * Numerous API hardening, leak and build fixes * Correct bug in 22kHz compand setup that could cause a crash * Correct bug in 16kHz codebooks that could cause unstable pure tones at high bitrates - run spec-cleaner - removed libvorbis-automake-fix.diff, libvorbis-doc-fixes.diff, libvorbis-r16326-CVE-2009-3379.diff and libvorbis-r16597-CVE-2009-3379.diff (upstream fixed) - follow library packaging policy - run make check * Wed May 26 2010 tiwai@suse.de - VUL-0: libvorbis: memory corruption while parsing ogg files (bnc#608192, CVE-2009-3379) * Wed Dec 16 2009 jengelh@medozas.de - add baselibs.conf as a source - enable parallel building - package documentation as noarch * Wed Nov 11 2009 tiwai@suse.de - updated to version 1.2.3: * correct a vorbisfile bug that prevented proper playback of Vorbis files where all audio in a logical stream is in a single page * Additional decode setup hardening against malicious streams * Add 'OV_EXCLUDE_STATIC_CALLBACKS' define for developers who wish to avoid avoid unused symbol warnings from the static callbacks defined in vorbisfile.h - updated to version 1.2.2: * define VENDOR and ENCODER strings * seek correctly in files bigger than 2 GB (Windows) * fix regression from CVE-2008-1420; 1.0b1 files work again * mark all tables as constant to reduce memory occupation * additional decoder hardening against malicious streams * substantially reduce amount of seeking performed by Vorbisfile * Multichannel decode bugfix * build system updates * minor specification clarifications/fixes - dropped aotuv patch temporarily * Thu Jul 23 2009 tiwai@suse.de - updated to aoTuV patch version beta5.7: * including security fixes * improved encoding speed of low bitrate mode * reduced distrotion by clipping at low sampling frequency * fixed noise control part of impulse block * tuning of each part was redone * expanded noise control of the impulse block * fixed pre-echo reduction code * noise normalization reviewed * detailed tuning done again * Mon Jun 22 2009 coolo@novell.com - fix build with automake 1.11
/usr/lib64/libvorbisfile.so.3 /usr/lib64/libvorbisfile.so.3.3.7
Generated by rpm2html 1.8.1
Fabrice Bellet, Tue Jul 9 15:47:03 2024