Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

libvorbis-devel-1.3.7-4.1 RPM for armv6hl

From OpenSuSE Ports Tumbleweed for armv6hl

Name: libvorbis-devel Distribution: openSUSE Tumbleweed
Version: 1.3.7 Vendor: openSUSE
Release: 4.1 Build date: Tue May 9 13:08:44 2023
Group: Development/Libraries/C and C++ Build host: obs-arm-10
Size: 40896 Source RPM: libvorbis-1.3.7-4.1.src.rpm
Packager: http://bugs.opensuse.org
Url: http://www.vorbis.com/
Summary: Include Files and Libraries mandatory for Ogg Vorbis Development
This package contains all necessary include files and libraries needed
to compile and develop applications that use libvorbis.

Provides

Requires

License

BSD-3-Clause

Changelog

* Thu May 04 2023 Dominique Leuenberger <dimstar@opensuse.org>
  - Add _multibuild to define 2nd spec file as additional flavor.
    Eliminates the need for source package links in OBS.
* Mon Mar 13 2023 Martin Pluskal <mpluskal@suse.com>
  - Build AVX2 enabled hwcaps library for x86_64-v3
  - Small spec file cleanup
* Wed Jun 15 2022 Callum Farmer <gmbr3@opensuse.org>
  - Remove bad %defattr - not needed and causes SHLIB non-executable
    rpmlint error
* Fri Jul 10 2020 Martin Hauke <mardnh@gmx.de>
  - Update to version 1.3.7
    * Fix CVE-2018-10392 and CVE-2018-10393 - out-of-bounds read
      encoding very low sample rates
    * Fix CVE-2017-14160 - out-of-bounds read encoding very low
      sample rates.
    * Fix handling invalid bytes per sample arguments.
    * Fix handling invalid channel count arguments.
    * Fix invalid free on seek failure.
    * Fix negative shift reading blocksize.
    * Fix accepting unreasonable float32 values.
    * Fix tag comparison depending on locale.
    * Fix unnecessarily linking libm.
    * Fix memory leak in test_sharedbook.
    * Distribute CMake build files with the source package.
    * Remove unnecessary configure --target switch.
    * Add OSS-Fuzz support.
    * Build system and integration updates.
  - Drop not longer needed patches (fixed by upstream):
    * vorbis-CVE-2017-14160.patch
    * vorbis-CVE-2018-10392.patch
    * vorbis-CVE-2018-10393.patch
  - Add source verification
* Tue Jun 05 2018 tiwai@suse.de
  - Replace vorbis-CVE-2017-14160.patch with the upstream fix
    (commit 018ca26dece6), refresh vorbis-CVE-2018-10393.patch
  - Fix the validation of channels in mapping0_forward()
    (CVE-2018-10392, bsc#1091070):
    vorbis-CVE-2018-10392.patch
* Thu May 03 2018 tiwai@suse.de
  - Fix out-of-bounds access inside bark_noise_hybridmp function
    (CVE-2017-14160, bsc#1059812):
    downstream fix: vorbis-CVE-2017-14160.patch
  - Fix stack-basedbuffer over-read in bark_noise_hybridm
    (CVE-2018-10393, bsc#1091072):
    downstream fix: vorbis-CVE-2018-10393.patch
* Sat Mar 17 2018 tiwai@suse.de
  - Split libvorbis-doc subpackage to a separate spec file for
    reducing the dependencies
* Fri Mar 16 2018 tiwai@suse.de
  - Update to version 1.3.6:
    * Fix CVE-2018-5146 - out-of-bounds write on codebook decoding.
    * Fix CVE-2017-14632 - free() on unitialized data
    * Fix CVE-2017-14633 - out-of-bounds read
    * Fix bitrate metadata parsing.
    * Fix out-of-bounds read in codebook parsing.
    * Fix residue vector size in Vorbis I spec.
    * Appveyor support
    * Travis CI support
    * Add secondary CMake build system.
    * Build system fixes
  - Build documents with doxygen, and many tex stuff;
    this requires to disable parallel builds partially
  - Move COPYING to license directory
  - Drop obsoleted patches:
    vorbis-fix-linking.patch
    0001-CVE-2017-14633-Don-t-allow-for-more-than-256-channel.patch
    0002-CVE-2017-14632-vorbis_analysis_header_out-Don-t-clea.patch
    libvorbis-CVE-2018-5146.patch
* Fri Mar 16 2018 tiwai@suse.de
  - Fix VUL-0: libvorbis: Out of bounds memory write while processing
    Vorbis audio data (CVE-2018-5146, bsc#1085687):
    libvorbis-CVE-2018-5146.patch
* Tue Dec 19 2017 tiwai@suse.de
  - Fix VUL-0: out-of-bounds array read vulnerability exists in
    function mapping0_forward() (CVE-2017-14633, bsc#1059811):
    0001-CVE-2017-14633-Don-t-allow-for-more-than-256-channel.patch
  - Fix VUL-0: Remote Code Execution upon freeing uninitialized
    memory in function vorbis_analysis_headerout(CVE-2017-14632,
    bsc#1059809):
    0002-CVE-2017-14632-vorbis_analysis_header_out-Don-t-clea.patch

Files

/usr/include/vorbis
/usr/include/vorbis/codec.h
/usr/include/vorbis/vorbisenc.h
/usr/include/vorbis/vorbisfile.h
/usr/lib/libvorbis.so
/usr/lib/libvorbisenc.so
/usr/lib/libvorbisfile.so
/usr/lib/pkgconfig/vorbis.pc
/usr/lib/pkgconfig/vorbisenc.pc
/usr/lib/pkgconfig/vorbisfile.pc
/usr/share/aclocal/vorbis.m4
/usr/share/doc/packages/libvorbis-devel
/usr/share/doc/packages/libvorbis-devel/AUTHORS
/usr/share/licenses/libvorbis-devel
/usr/share/licenses/libvorbis-devel/COPYING


Generated by rpm2html 1.8.1

Fabrice Bellet, Fri Feb 9 10:51:53 2024