openSUSE Build Service

buildservice-autocommit accepted request 651403 from

Takashi Iwai (tiwai) over 5 years ago (revision 73)

baserev update by copy to link target

Takashi Iwai (tiwai) committed over 5 years ago (revision 72)

Make libsndfile-progs.changes more compact, for a better submission to TW

Takashi Iwai (tiwai) committed over 5 years ago (revision 71)

- Fix potential overflow in d2alaw_array() (CVE-2017-17456,
  bsc#1071777):
  libsndfile-CVE-2017-17456-alaw-range-check.patch
- Fix potential overflow in d2ulaw_array() (CVE-2017-17457,
  bsc#1071767):
  libsndfile-CVE-2017-17457-ulaw-range-check.patch

- Fix VUL-0: divide-by-zero error exists in the function
  double64_init() in double64.c (CVE-2017-14634, bsc#1059911):
  0030-double64_init-Check-psf-sf.channels-against-upper-bo.patch
- Tentative fix for VUL-0: out of bounds read in the function
  d2alaw_array() in alaw.c (CVE-2017-14245, bsc#1059912) and
  VUL-0: out of bounds read in the function d2ulaw_array() in
  ulaw.c (CVE-2017-14246, bsc#1059913):
  0031-sfe_copy_data_fp-check-value-of-max-variable.patch

- Fix Heap-based Buffer Overflow in the psf_binheader_writef
  (CVE-2017-12562, bsc#1052476):
  0020-src-common.c-Fix-heap-buffer-overflows-when-writing-.patch

- Fix out-of-bounds read memory access in the aiff_read_chanmap()
  (CVE-2017-6892, bsc#1043978):
  0010-src-aiff.c-Fix-a-buffer-read-overflow.patch

- Fix FLAC buffer overflows (CVE-2017-8361 CVE-2017-8363
  CVE-2017-8365 CVE-2017-8362 bsc#1036944 bsc#1036945 bsc#1036946
  bsc#1036943):
  0001-FLAC-Fix-a-buffer-read-overrun.patch
  0002-src-flac.c-Fix-a-buffer-read-overflow.patch

Takashi Iwai (tiwai) accepted request 651383 from

Takashi Iwai (tiwai) over 5 years ago (revision 70)

- Fix buffer overflow in sndfile-deinterleave, which isn't really a
  security issue (bsc#1100167, CVE-2018-13139, bsc#1116993,
  CVE-2018-19432):
  sndfile-deinterlace-channels-check.patch

- Fix buffer overflow in sndfile-deinterleave, which isn't really a
  security issue (bsc#1100167, CVE-2018-13139, bsc#1116993,
  CVE-2018-19432):

buildservice-autocommit accepted request 621331 from

Takashi Iwai (tiwai) almost 6 years ago (revision 69)

baserev update by copy to link target

Takashi Iwai (tiwai) accepted request 621327 from

Takashi Iwai (tiwai) almost 6 years ago (revision 68)

- Fix buffer overflow in sndfile-deinterlace, which isn't really a
  security issue (bsc#1100167, CVE-2018-13139):
  sndfile-deinterlace-channels-check.patch

buildservice-autocommit accepted request 615239 from

Takashi Iwai (tiwai) almost 6 years ago (revision 67)

baserev update by copy to link target

Takashi Iwai (tiwai) accepted request 615236 from

Takashi Iwai (tiwai) almost 6 years ago (revision 66)

- Use license file tag

- Fix potential overflow in d2alaw_array() (CVE-2017-17456,
  bsc#1071777):
  libsndfile-CVE-2017-17456-alaw-range-check.patch
- Fix potential overflow in d2ulaw_array() (CVE-2017-17457,
  bsc#1071767):
  libsndfile-CVE-2017-17457-ulaw-range-check.patch

buildservice-autocommit accepted request 558623 from

Tomáš Chvátal (scarabeus_iv) over 6 years ago (revision 65)

baserev update by copy to link target

Tomáš Chvátal (scarabeus_iv) accepted request 558585 from

Takashi Iwai (tiwai) over 6 years ago (revision 64)

- Fix VUL-0: divide-by-zero error exists in the function
  double64_init() in double64.c (CVE-2017-14634, bsc#1059911):
  0030-double64_init-Check-psf-sf.channels-against-upper-bo.patch
- Tentative fix for VUL-0: out of bounds read in the function
  d2alaw_array() in alaw.c (CVE-2017-14245, bsc#1059912) and
  VUL-0: out of bounds read in the function d2ulaw_array() in
  ulaw.c (CVE-2017-14246, bsc#1059913):
  0031-sfe_copy_data_fp-check-value-of-max-variable.patch

buildservice-autocommit accepted request 515153 from

Takashi Iwai (tiwai) almost 7 years ago (revision 63)

baserev update by copy to link target

Takashi Iwai (tiwai) accepted request 515150 from

Takashi Iwai (tiwai) almost 7 years ago (revision 62)

- Fix Heap-based Buffer Overflow in the psf_binheader_writef
  (CVE-2017-12562, bsc#1052476):
  0020-src-common.c-Fix-heap-buffer-overflows-when-writing-.patch

buildservice-autocommit accepted request 503303 from

Takashi Iwai (tiwai) almost 7 years ago (revision 61)

baserev update by copy to link target

Takashi Iwai (tiwai) accepted request 503301 from

Takashi Iwai (tiwai) almost 7 years ago (revision 60)

- Fix out-of-bounds read memory access in the aiff_read_chanmap()
  (CVE-2017-6892, bsc#1043978):
  0010-src-aiff.c-Fix-a-buffer-read-overflow.patch

buildservice-autocommit accepted request 492489 from

Tomáš Chvátal (scarabeus_iv) about 7 years ago (revision 59)

baserev update by copy to link target

Tomáš Chvátal (scarabeus_iv) accepted request 492475 from

Takashi Iwai (tiwai) about 7 years ago (revision 58)

- Fix FLAC buffer overflows (CVE-2017-8361 CVE-2017-8363
  CVE-2017-8365 CVE-2017-8362 bsc#1036944 bsc#1036945 bsc#1036946
  bsc#1036943):
  0001-FLAC-Fix-a-buffer-read-overrun.patch
  0002-src-flac.c-Fix-a-buffer-read-overflow.patch

buildservice-autocommit accepted request 487149 from

mrdocs about 7 years ago (revision 57)

baserev update by copy to link target

mrdocs accepted request 487058 from

Takashi Iwai (tiwai) about 7 years ago (revision 56)

- Update to version 1.0.27:
  * Fix a seek regression in 1.0.26
  * Add metadata read/write for CAF and RF64
  * FIx PAF endian-ness issue
- Update to version 1.0.28
  * Fix buffer overruns in FLAC and ID3 handling code
   (CVE-2017-7585, CVE-2017-7586, bsc#1033054, bsc#1033053)
  * Reduce default header memory requirements
  * Fix detection of Large File Support for 32 bit systems.
- Obsoleted patch:
  libsndfile-psf_strlcpy_crlf-fix-CVE-2015-8075.patch

- Update to version 1.0.27:
  * Fix a seek regression in 1.0.26
  * Add metadata read/write for CAF and RF64
  * FIx PAF endian-ness issue
- Update to version 1.0.28
  * Fix buffer overruns in FLAC and ID3 handling code
   (CVE-2017-7585, CVE-2017-7586, bsc#1033054, bsc#1033053)
  * Reduce default header memory requirements
  * Fix detection of Large File Support for 32 bit systems. 
- Obsoleted patch:
  libsndfile-psf_strlcpy_crlf-fix-CVE-2015-8075.patch

buildservice-autocommit accepted request 394782 from

Ismail Dönmez (namtrac) about 8 years ago (revision 55)

baserev update by copy to link target

Ismail Dönmez (namtrac) accepted request 394680 from

Tom Mbrt (derselbst) about 8 years ago (revision 54)

fix spec file for non opensuse OS

Places

Revisions of libsndfile

Places