LogoopenSUSE Build Service > Request 174356
Sign Up | Log In

Request 174356 (accepted)

- Update to new upstream release 4.1.1
- CVE-2013-1980, bnc#816454

Submit package multimedia:libs / libxmp (revision 12) to package openSUSE:Factory / libxmp

[-] [+] Changed libxmp.changes
[-] [+] Changed libxmp.spec ^
[-] [+] Added 0001-test-Fix-play_buffer-test.patch ^
Deleted libxmp-4.0.4.tar.xz/test/data/aon.wingsofdeath1.stc ^
[-] [+] Deleted libxmp-4.0.4.tar.xz/test/test_load_sample_16bit.c ^
[-] [+] Deleted libxmp-4.0.4.tar.xz/test/test_load_sample_8bit.c ^
[-] [+] Changed libxmp-4.1.1.tar.xz/Makefile.in ^
[-] [+] Changed libxmp-4.1.1.tar.xz/README ^
[-] [+] Added libxmp-4.1.1.tar.xz/config.guess ^
[-] [+] Added libxmp-4.1.1.tar.xz/config.sub ^
[-] [+] Changed libxmp-4.1.1.tar.xz/configure ^
[-] [+] Changed libxmp-4.1.1.tar.xz/configure.ac ^
[-] [+] Changed libxmp-4.1.1.tar.xz/docs/Changelog ^
[-] [+] Changed libxmp-4.1.1.tar.xz/docs/libxmp.3 ^
[-] [+] Changed libxmp-4.1.1.tar.xz/docs/libxmp.html ^
[-] [+] Changed libxmp-4.1.1.tar.xz/docs/libxmp.pdf ^
[-] [+] Changed libxmp-4.1.1.tar.xz/docs/libxmp.rst ^
[-] [+] Changed libxmp-4.1.1.tar.xz/include/xmp.h ^
[-] [+] Changed libxmp-4.1.1.tar.xz/libxmp.map ^
[-] [+] Changed libxmp-4.1.1.tar.xz/libxmp.pc.in ^
[-] [+] Changed libxmp-4.1.1.tar.xz/src/common.h ^
[-] [+] Changed libxmp-4.1.1.tar.xz/src/control.c ^
[-] [+] Changed libxmp-4.1.1.tar.xz/src/depackers/ppdepack.c ^
[-] [+] Changed libxmp-4.1.1.tar.xz/src/depackers/s404_dec.c ^
[-] [+] Changed libxmp-4.1.1.tar.xz/src/depackers/unzip.c ^
[-] [+] Changed libxmp-4.1.1.tar.xz/src/depackers/xfd.c ^
[-] [+] Changed libxmp-4.1.1.tar.xz/src/depackers/xz.h ^
[-] [+] Changed libxmp-4.1.1.tar.xz/src/depackers/xz_dec_lzma2.c ^
[-] [+] Changed libxmp-4.1.1.tar.xz/src/effects.c ^
[-] [+] Changed libxmp-4.1.1.tar.xz/src/envelope.c ^
[-] [+] Changed libxmp-4.1.1.tar.xz/src/filter.c ^
[-] [+] Changed libxmp-4.1.1.tar.xz/src/fmopl.c ^
[-] [+] Changed libxmp-4.1.1.tar.xz/src/fnmatch.c ^
[-] [+] Changed libxmp-4.1.1.tar.xz/src/list.h ^
[-] [+] Changed libxmp-4.1.1.tar.xz/src/load.c ^
[-] [+] Changed libxmp-4.1.1.tar.xz/src/load_helpers.c ^
[-] [+] Changed libxmp-4.1.1.tar.xz/src/loaders/669_load.c ^
[-] [+] Changed libxmp-4.1.1.tar.xz/src/loaders/alm_load.c ^
[-] [+] Changed libxmp-4.1.1.tar.xz/src/loaders/amd_load.c ^
[-] [+] Changed libxmp-4.1.1.tar.xz/src/loaders/amf_load.c ^
[-] [+] Changed libxmp-4.1.1.tar.xz/src/loaders/arch_load.c ^
[-] [+] Changed libxmp-4.1.1.tar.xz/src/loaders/asif.c ^
[-] [+] Changed libxmp-4.1.1.tar.xz/src/loaders/asylum_load.c ^
[-] [+] Changed libxmp-4.1.1.tar.xz/src/loaders/coco_load.c ^
[-] [+] Changed libxmp-4.1.1.tar.xz/src/loaders/common.c ^
[-] [+] Changed libxmp-4.1.1.tar.xz/src/loaders/dbm_load.c ^
[-] [+] Changed libxmp-4.1.1.tar.xz/src/loaders/digi_load.c ^
[-] [+] Changed libxmp-4.1.1.tar.xz/src/loaders/dmf_load.c ^
[-] [+] Changed libxmp-4.1.1.tar.xz/src/loaders/dt_load.c ^
[-] [+] Changed libxmp-4.1.1.tar.xz/src/loaders/dtt_load.c ^
[-] [+] Changed libxmp-4.1.1.tar.xz/src/loaders/emod_load.c ^
[-] [+] Changed libxmp-4.1.1.tar.xz/src/loaders/far_load.c ^
[-] [+] Changed libxmp-4.1.1.tar.xz/src/loaders/flt_load.c ^
[-] [+] Changed libxmp-4.1.1.tar.xz/src/loaders/fnk_load.c ^
[-] [+] Changed libxmp-4.1.1.tar.xz/src/loaders/gal4_load.c ^
[-] [+] Changed libxmp-4.1.1.tar.xz/src/loaders/gal5_load.c ^
[-] [+] Changed libxmp-4.1.1.tar.xz/src/loaders/gdm_load.c ^
[-] [+] Changed libxmp-4.1.1.tar.xz/src/loaders/gtk_load.c ^
[-] [+] Changed libxmp-4.1.1.tar.xz/src/loaders/hsc_load.c ^
[-] [+] Changed libxmp-4.1.1.tar.xz/src/loaders/ice_load.c ^
[-] [+] Changed libxmp-4.1.1.tar.xz/src/loaders/imf_load.c ^
[-] [+] Changed libxmp-4.1.1.tar.xz/src/loaders/ims_load.c ^
[-] [+] Changed libxmp-4.1.1.tar.xz/src/loaders/it_load.c ^
[-] [+] Changed libxmp-4.1.1.tar.xz/src/loaders/liq_load.c ^
[-] [+] Changed libxmp-4.1.1.tar.xz/src/loaders/loader.h ^
[-] [+] Changed libxmp-4.1.1.tar.xz/src/loaders/masi_load.c ^
[-] [+] Changed libxmp-4.1.1.tar.xz/src/loaders/mdl_load.c ^
[-] [+] Changed libxmp-4.1.1.tar.xz/src/loaders/med2_load.c ^
[-] [+] Changed libxmp-4.1.1.tar.xz/src/loaders/med3_load.c ^
[-] [+] Changed libxmp-4.1.1.tar.xz/src/loaders/med4_load.c ^
[-] [+] Changed libxmp-4.1.1.tar.xz/src/loaders/mfp_load.c ^
[-] [+] Changed libxmp-4.1.1.tar.xz/src/loaders/mgt_load.c ^
[-] [+] Changed libxmp-4.1.1.tar.xz/src/loaders/mmd1_load.c ^
[-] [+] Changed libxmp-4.1.1.tar.xz/src/loaders/mmd3_load.c ^
[-] [+] Changed libxmp-4.1.1.tar.xz/src/loaders/mod_load.c ^
[-] [+] Changed libxmp-4.1.1.tar.xz/src/loaders/mtm_load.c ^
[-] [+] Changed libxmp-4.1.1.tar.xz/src/loaders/no_load.c ^
[-] [+] Changed libxmp-4.1.1.tar.xz/src/loaders/okt_load.c ^
[-] [+] Changed libxmp-4.1.1.tar.xz/src/loaders/polly_load.c ^
[-] [+] Changed libxmp-4.1.1.tar.xz/src/loaders/psm_load.c ^
[-] [+] Changed libxmp-4.1.1.tar.xz/src/loaders/pt3_load.c ^
[-] [+] Changed libxmp-4.1.1.tar.xz/src/loaders/ptm_load.c ^
[-] [+] Changed libxmp-4.1.1.tar.xz/src/loaders/pw_load.c ^
[-] [+] Changed libxmp-4.1.1.tar.xz/src/loaders/rad_load.c ^
[-] [+] Changed libxmp-4.1.1.tar.xz/src/loaders/rtm_load.c ^
[-] [+] Changed libxmp-4.1.1.tar.xz/src/loaders/s3m_load.c ^
[-] [+] Changed libxmp-4.1.1.tar.xz/src/loaders/sample.c ^
[-] [+] Changed libxmp-4.1.1.tar.xz/src/loaders/sfx_load.c ^
[-] [+] Changed libxmp-4.1.1.tar.xz/src/loaders/st_load.c ^
[-] [+] Changed libxmp-4.1.1.tar.xz/src/loaders/stc_load.c ^
[-] [+] Changed libxmp-4.1.1.tar.xz/src/loaders/stim_load.c ^
[-] [+] Changed libxmp-4.1.1.tar.xz/src/loaders/stm_load.c ^
[-] [+] Changed libxmp-4.1.1.tar.xz/src/loaders/stx_load.c ^
[-] [+] Changed libxmp-4.1.1.tar.xz/src/loaders/sym_load.c ^
[-] [+] Changed libxmp-4.1.1.tar.xz/src/loaders/tcb_load.c ^
[-] [+] Changed libxmp-4.1.1.tar.xz/src/loaders/ult_load.c ^
[-] [+] Changed libxmp-4.1.1.tar.xz/src/loaders/xm.h ^
[-] [+] Changed libxmp-4.1.1.tar.xz/src/loaders/xm_load.c ^
[-] [+] Changed libxmp-4.1.1.tar.xz/src/md5.c ^
[-] [+] Changed libxmp-4.1.1.tar.xz/src/md5.h ^
[-] [+] Changed libxmp-4.1.1.tar.xz/src/med_synth.c ^
[-] [+] Changed libxmp-4.1.1.tar.xz/src/misc.c ^
[-] [+] Changed libxmp-4.1.1.tar.xz/src/mixer.c ^
[-] [+] Changed libxmp-4.1.1.tar.xz/src/mkstemp.c ^
[-] [+] Changed libxmp-4.1.1.tar.xz/src/player.c ^
[-] [+] Changed libxmp-4.1.1.tar.xz/src/player.h ^
[-] [+] Changed libxmp-4.1.1.tar.xz/src/read_event.c ^
[-] [+] Changed libxmp-4.1.1.tar.xz/src/scan.c ^
[-] [+] Changed libxmp-4.1.1.tar.xz/src/win32/libxmp.dsp ^
[-] [+] Changed libxmp-4.1.1.tar.xz/test/Makefile ^
Added libxmp-4.1.1.tar.xz/test/data/MED.Synth-a-sysmic ^
[-] [+] Added libxmp-4.1.1.tar.xz/test/data/corrupted.gz ^
[-] [+] Added libxmp-4.1.1.tar.xz/test/data/med_synth_2.data ^
[-] [+] Changed libxmp-4.1.1.tar.xz/test/data/mixer_16bit_linear_filter.data ^
[-] [+] Changed libxmp-4.1.1.tar.xz/test/data/mixer_16bit_spline_filter.data ^
[-] [+] Changed libxmp-4.1.1.tar.xz/test/data/mixer_8bit_linear_filter.data ^
[-] [+] Changed libxmp-4.1.1.tar.xz/test/data/mixer_8bit_spline_filter.data ^
[-] [+] Added libxmp-4.1.1.tar.xz/test/data/note_after_cut.data ^
Added libxmp-4.1.1.tar.xz/test/data/note_after_cut.it ^
Added libxmp-4.1.1.tar.xz/test/data/pcm_buffer.raw ^
[-] [+] Added libxmp-4.1.1.tar.xz/test/data/portamento_after_keyoff.data ^
Added libxmp-4.1.1.tar.xz/test/data/portamento_after_keyoff.it ^
[-] [+] Added libxmp-4.1.1.tar.xz/test/data/portamento_after_keyoff_cg.data ^
Added libxmp-4.1.1.tar.xz/test/data/portamento_after_keyoff_cg.it ^
[-] [+] Changed libxmp-4.1.1.tar.xz/test/data/storlek_03.data ^
[-] [+] Changed libxmp-4.1.1.tar.xz/test/data/storlek_04.data ^
[-] [+] Changed libxmp-4.1.1.tar.xz/test/data/storlek_05.data ^
[-] [+] Changed libxmp-4.1.1.tar.xz/test/data/storlek_18.data ^
[-] [+] Changed libxmp-4.1.1.tar.xz/test/data/storlek_23.data ^
Added libxmp-4.1.1.tar.xz/test/data/synth-a-.med.stc ^
[-] [+] Changed libxmp-4.1.1.tar.xz/test/main.c ^
[-] [+] Changed libxmp-4.1.1.tar.xz/test/simple_module.c ^
[-] [+] Changed libxmp-4.1.1.tar.xz/test/test.h ^
[-] [+] Changed libxmp-4.1.1.tar.xz/test/test_api_load_module.c ^
[-] [+] Added libxmp-4.1.1.tar.xz/test/test_api_play_buffer.c ^
[-] [+] Changed libxmp-4.1.1.tar.xz/test/test_api_set_player.c ^
[-] [+] Added libxmp-4.1.1.tar.xz/test/test_api_start_player.c ^
[-] [+] Changed libxmp-4.1.1.tar.xz/test/test_api_test_module.c ^
[-] [+] Changed libxmp-4.1.1.tar.xz/test/test_depack_it_sample_8bit.c ^
[-] [+] Changed libxmp-4.1.1.tar.xz/test/test_depack_s404.c ^
[-] [+] Changed libxmp-4.1.1.tar.xz/test/test_effect_4_vibrato.c ^
[-] [+] Changed libxmp-4.1.1.tar.xz/test/test_effect_a_volslide.c ^
[-] [+] Changed libxmp-4.1.1.tar.xz/test/test_effect_ef_invert_loop.c ^
[-] [+] Changed libxmp-4.1.1.tar.xz/test/test_effect_fine_vibrato.c ^
[-] [+] Added libxmp-4.1.1.tar.xz/test/test_effect_persistent_vibrato.c ^
[-] [+] Added libxmp-4.1.1.tar.xz/test/test_effect_track_volslide.c ^
[-] [+] Changed libxmp-4.1.1.tar.xz/test/test_mixer_downmix_16bit.c ^
[-] [+] Changed libxmp-4.1.1.tar.xz/test/test_mixer_downmix_8bit.c ^
[-] [+] Added libxmp-4.1.1.tar.xz/test/test_player_ft2_note_noins_after_keyoff.c ^
[-] [+] Added libxmp-4.1.1.tar.xz/test/test_player_it_note_after_cut.c ^
[-] [+] Added libxmp-4.1.1.tar.xz/test/test_player_it_portamento_after_keyoff.c ^
[-] [+] Added libxmp-4.1.1.tar.xz/test/test_player_it_portamento_after_keyoff_cg.c ^
[-] [+] Added libxmp-4.1.1.tar.xz/test/test_player_med_synth_2.c ^
[-] [+] Added libxmp-4.1.1.tar.xz/test/test_sample_load_16bit.c ^
[-] [+] Added libxmp-4.1.1.tar.xz/test/test_sample_load_8bit.c ^
[-] [+] Changed libxmp-4.1.1.tar.xz/test/test_sample_load_delta.c ^
[-] [+] Changed libxmp-4.1.1.tar.xz/test/test_sample_load_endian.c ^
[-] [+] Changed libxmp-4.1.1.tar.xz/test/test_sample_load_signal.c ^
[-] [+] Added libxmp-4.1.1.tar.xz/test/test_sample_load_skip.c ^
[-] [+] Changed libxmp-4.1.1.tar.xz/test/test_storlek_19_random_waveform.c ^
[-] [+] Changed libxmp-4.1.1.tar.xz/test/test_string_adjustment.c ^
[-] [+] Changed libxmp-4.1.1.tar.xz/test/test_synth_adlib.c ^
[-] [+] Changed libxmp-4.1.1.tar.xz/test/test_synth_spectrum.c ^

Mentioned Issues (2)

CVE-2013-1980
Buffer overflow in the get_dsmp function in loaders/masi_load.c in libxmp before 4.1.0 allows remote attackers to execute arbitrary code via a crafted MASI file.
boo#816454 Jan Engelhardt jengelh Closed
VUL-0: CVE-2013-1980: libxmp: buffer overflow

There's nothing to be done right now

Request History

Jan Engelhardt jengelh created request over 3 years ago
- Update to new upstream release 4.1.1
- CVE-2013-1980, bnc#816454
Factory Auto factory-auto Request got a new review request over 3 years ago
Please review sources
Factory Auto factory-auto Request got a new review request over 3 years ago
Please review build success
Factory Auto factory-auto Review got accepted over 3 years ago
Check script succeeded
Juergen ldig Weigert licensedigger Review got accepted over 3 years ago
{"approve": "preliminary, version number changed"} <!-- {
  "dest": {
    "ldb": {
      "review": "never", 
      "rpm_license": "{\"libxmp.spec\":{\"-n %lname\":[\"LGPL-2.1\"],\"libxmp\":[\"LGPL-2.1\"],\"devel\":[\"LGPL-2.1\"]}}", 
      "status": "production", 
      "version": "4.0.4"
    }, 
    "license": {
      "libxmp.spec": {
        "-n %lname": [
          "LGPL-2.1"
        ], 
        "devel": [
          "LGPL-2.1"
        ], 
        "libxmp": [
          "LGPL-2.1"
        ]
      }
    }, 
    "version": "4.0.4"
  }, 
  "hint": [
    "version changed: src('4.0.4') differs from dest('4.1.1')", 
    "no ldb.risk defined, okay as per bnc#771677. ", 
    "ldb.review was (apparently) never done"
  ], 
  "plugin": "0.54", 
  "src": {
    "auto-co": "/api.opensuse.org/multimedia:libs/libxmp%4.1.1%r12", 
    "kiwi_only": false, 
    "license": {
      "libxmp.spec": {
        "-n %lname": [
          "LGPL-2.1"
        ], 
        "devel": [
          "LGPL-2.1"
        ], 
        "libxmp": [
          "LGPL-2.1"
        ]
      }
    }, 
    "rev": "12", 
    "version": "4.1.1", 
    "version_diff": "src('4.0.4') differs from dest('4.1.1')"
  }
} -->
Factory Repo Checker factory-repo-checker Review got accepted over 3 years ago
Builds for repo openSUSE_Factory
Michal Vyskocil mvyskocil Request got reviewed over 3 years ago
Michal Vyskocil mvyskocil Review got accepted over 3 years ago
Stephan Kulow coolo Request got accepted over 3 years ago
checkin

Comments for request 174356 (0)