| Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
| Name: libvorbisfile3-32bit | Distribution: SUSE Linux Enterprise 15 |
| Version: 1.3.6 | Vendor: SUSE LLC <https://www.suse.com/> |
| Release: 4.3.1 | Build date: Tue Jun 5 15:12:30 2018 |
| Group: System/Libraries | Build host: sheep27 |
| Size: 38488 | Source RPM: libvorbis-1.3.6-4.3.1.src.rpm |
| Packager: https://www.suse.com/ | |
| Url: http://www.vorbis.com/ | |
| Summary: The Vorbis General Audio Compression Codec | |
Vorbis is a fully open, nonproprietary, patent-and-royalty-free, and general-purpose compressed audio format for audio and music at fixed and variable bit rates from 16 to 128 kbps/channel. The native bitstream format of Vorbis is libogg (Ogg). Alternatively, libmatroska (matroska) can also be used.
BSD-3-Clause
* Tue Jun 05 2018 tiwai@suse.de
- Replace vorbis-CVE-2017-14160.patch with the upstream fix
(commit 018ca26dece6), refresh vorbis-CVE-2018-10393.patch
- Fix the validation of channels in mapping0_forward()
(CVE-2018-10392, bsc#1091070):
vorbis-CVE-2018-10392.patch
* Thu May 03 2018 tiwai@suse.de
- Fix out-of-bounds access inside bark_noise_hybridmp function
(CVE-2017-14160, bsc#1059812):
downstream fix: vorbis-CVE-2017-14160.patch
- Fix stack-basedbuffer over-read in bark_noise_hybridm
(CVE-2018-10393, bsc#1091072):
downstream fix: vorbis-CVE-2018-10393.patch
* Sat Mar 17 2018 tiwai@suse.de
- Split libvorbis-doc subpackage to a separate spec file for
reducing the dependencies
* Fri Mar 16 2018 tiwai@suse.de
- Update to version 1.3.6:
* Fix CVE-2018-5146 - out-of-bounds write on codebook decoding.
* Fix CVE-2017-14632 - free() on unitialized data
* Fix CVE-2017-14633 - out-of-bounds read
* Fix bitrate metadata parsing.
* Fix out-of-bounds read in codebook parsing.
* Fix residue vector size in Vorbis I spec.
* Appveyor support
* Travis CI support
* Add secondary CMake build system.
* Build system fixes
- Build documents with doxygen, and many tex stuff;
this requires to disable parallel builds partially
- Move COPYING to license directory
- Drop obsoleted patches:
vorbis-fix-linking.patch
0001-CVE-2017-14633-Don-t-allow-for-more-than-256-channel.patch
0002-CVE-2017-14632-vorbis_analysis_header_out-Don-t-clea.patch
libvorbis-CVE-2018-5146.patch
* Fri Mar 16 2018 tiwai@suse.de
- Fix VUL-0: libvorbis: Out of bounds memory write while processing
Vorbis audio data (CVE-2018-5146, bsc#1085687):
libvorbis-CVE-2018-5146.patch
* Tue Dec 19 2017 tiwai@suse.de
- Fix VUL-0: out-of-bounds array read vulnerability exists in
function mapping0_forward() (CVE-2017-14633, bsc#1059811):
0001-CVE-2017-14633-Don-t-allow-for-more-than-256-channel.patch
- Fix VUL-0: Remote Code Execution upon freeing uninitialized
memory in function vorbis_analysis_headerout(CVE-2017-14632,
bsc#1059809):
0002-CVE-2017-14632-vorbis_analysis_header_out-Don-t-clea.patch
* Tue Nov 29 2016 aloisio@gmx.com
- Added 32bit libvorbis-devel in baselibs.conf
* Fri Mar 06 2015 mpluskal@suse.com
- Cleanup spec file with spec-cleaner
- Update to 1.3.5
* Tolerate single-entry codebooks.
* Fix decoder crash with invalid input.
* Fix encoder crash with non-positive sample rates.
* Fix issues in vorbisfile's seek bisection code.
* Spec errata.
* Reject multiple headers of the same type.
* Various build fixes and code cleanup.
* Mon Aug 18 2014 fcrozat@suse.com
- Fix obsoletes and provides in baselibs.conf.
* Sun Feb 23 2014 andreas.stieger@gmx.de
- Xiph libvorbis 1.3.4
* reduced static data size in libvorbisenc
* associated minor changes required to libvorbis and libvorbisfile
* minor build fixes and build system updates
* no functional changes over the previous 1.3.3 release
- removed libvorbis-pkgconfig.patch, in upstream
- updated vorbis-fix-linking.patch for context changes
* Tue Apr 16 2013 mmeister@suse.com
- Added url as source.
Please see http://en.opensuse.org/SourceUrls
* Sat Mar 02 2013 seife+obs@b1-systems.com
- fix build with automake-1.13.1
* Wed Jun 20 2012 ftake@geeko.jp
- updated to 1.3.3
* vorbis: additional proofing against invalid/malicious
streams in decode (see SVN for details).
* vorbis: fix a memory leak in vorbis_commentheader_out().
* updates, corrections and clarifications in the Vorbis I
specification document
* build warning fixes
* Tue Feb 21 2012 tiwai@suse.de
- VUL-0: CVE-2012-0444: libvorbis: heap-based buffer overflow
(bnc#747912)
* Sun Dec 25 2011 idonmez@suse.com
- -O20 optimization level doesn't exist, use -O3
* Fri Nov 25 2011 crrodriguez@opensuse.org
- open files with O_CLOEXEC, in order to avoid fd leaks
when calling applications fork() ..execve()...
This patch does not cover the executable tools since
it is not critical for them.
* Tue Nov 22 2011 coolo@suse.com
- add libtool as buildrequire to avoid implicit dependency
* Mon Aug 29 2011 crrodriguez@opensuse.org
- Fix build with no-add-needed
* Thu May 05 2011 dmueller@suse.de
- fix provides/obsoletes in baselibs
* Fri Dec 10 2010 davejplater@gmail.com
- Split libvorbisenc2 and libvorbisfile3 from libvorbis0
- Removed services.
* Wed Dec 08 2010 coolo@novell.com
- fix the package split
* Wed Dec 08 2010 reddwarf@opensuse.org
- updated to version 1.3.2
* vorbis: additional proofing against invalid/malicious
streams in floor, residue, and bos/eos packet trimming
code (see SVN for details).
* vorbis: Added programming documentation tree for the
low-level calls
* vorbisfile: Correct handling of serial numbers array
element [0] on non-seekable streams
* vorbisenc: Back out an [old] AoTuV HF weighting that was
first enabled in 1.3.0; there are a few samples where I
really don't like the effect it causes.
* vorbis: return correct timestamp for granule positions
with high bit set.
* vorbisfile: the [undocumented] half-rate decode api made no
attempt to keep the pcm offset tracking consistent in seeks.
Fix and add a testing mode to seeking_example.c to torture
test seeking in halfrate mode. Also remove requirement that
halfrate mode only work with seekable files.
* vorbisfile: Fix a chaining bug in raw_seeks where seeking
out of the current link would fail due to not
reinitializing the decode machinery.
* vorbisfile: improve seeking strategy. Reduces the
necessary number of seek callbacks in an open or seek
operation by well over 2/3.
- updated to version 1.3.1
* tweak + minor arithmetic fix in floor1 fit
* revert noise norm to conservative 1.2.3 behavior pending
more listening testing
- updated to versio 1.3.0
* Optimized surround support for 5.1 encoding at 44.1/48kHz
* Added encoder control call to disable channel coupling
* Correct an overflow bug in very low-bitrate encoding on 32 bit
machines that caused inflated bitrates
* Numerous API hardening, leak and build fixes
* Correct bug in 22kHz compand setup that could cause a crash
* Correct bug in 16kHz codebooks that could cause unstable pure
tones at high bitrates
- run spec-cleaner
- removed libvorbis-automake-fix.diff, libvorbis-doc-fixes.diff,
libvorbis-r16326-CVE-2009-3379.diff and
libvorbis-r16597-CVE-2009-3379.diff (upstream fixed)
- follow library packaging policy
- run make check
* Wed May 26 2010 tiwai@suse.de
- VUL-0: libvorbis: memory corruption while parsing ogg files
(bnc#608192, CVE-2009-3379)
* Wed Dec 16 2009 jengelh@medozas.de
- add baselibs.conf as a source
- enable parallel building
- package documentation as noarch
* Wed Nov 11 2009 tiwai@suse.de
- updated to version 1.2.3:
* correct a vorbisfile bug that prevented proper playback of
Vorbis files where all audio in a logical stream is in a
single page
* Additional decode setup hardening against malicious streams
* Add 'OV_EXCLUDE_STATIC_CALLBACKS' define for developers who
wish to avoid avoid unused symbol warnings from the static
callbacks defined in vorbisfile.h
- updated to version 1.2.2:
* define VENDOR and ENCODER strings
* seek correctly in files bigger than 2 GB (Windows)
* fix regression from CVE-2008-1420; 1.0b1 files work again
* mark all tables as constant to reduce memory occupation
* additional decoder hardening against malicious streams
* substantially reduce amount of seeking performed by Vorbisfile
* Multichannel decode bugfix
* build system updates
* minor specification clarifications/fixes
- dropped aotuv patch temporarily
* Thu Jul 23 2009 tiwai@suse.de
- updated to aoTuV patch version beta5.7:
* including security fixes
* improved encoding speed of low bitrate mode
* reduced distrotion by clipping at low sampling frequency
* fixed noise control part of impulse block
* tuning of each part was redone
* expanded noise control of the impulse block
* fixed pre-echo reduction code
* noise normalization reviewed
* detailed tuning done again
* Mon Jun 22 2009 coolo@novell.com
- fix build with automake 1.11
/usr/lib/libvorbisfile.so.3 /usr/lib/libvorbisfile.so.3.3.7
Generated by rpm2html 1.8.1
Fabrice Bellet, Tue Jul 9 16:00:25 2024