Script 'mail_helper' called by obssrc
Hello community,

here is the log from the commit of package libaom.16923 for openSUSE:Leap:15.2:Update checked in at 2021-09-14 12:20:06
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Leap:15.2:Update/libaom.16923 (Old)
 and      /work/SRC/openSUSE:Leap:15.2:Update/.libaom.16923.new.1899 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "libaom.16923" Tue Sep 14 12:20:06 2021 rev:1 rq:917770 version:1.0.0 Changes: -------- New Changes file: --- /dev/null 2021-09-02 09:14:41.336741815 +0200 +++ /work/SRC/openSUSE:Leap:15.2:Update/.libaom.16923.new.1899/libaom.changes 2021-09-14 12:20:07.592038556 +0200 
@@ -0,0 +1,28 @@ +------------------------------------------------------------------- +Wed Aug 25 09:33:50 UTC 2021 - pgaj...@suse.com + +- security update +- added patches + fix CVE-2021-30475 [bsc#1189497], Buffer overflow in aom_dsp/noise_model.c + + libaom-CVE-2021-30475.patch + +------------------------------------------------------------------- +Tue Jul 31 21:29:49 UTC 2018 - 9+suse@cirno.systems + +- Enable CONFIG_LOWBITDEPTH. Makes 8-bit decoding faster. The only + reason this confusingly-named option is not enabled by default + is that its behavior might not match the 16-bit reference code + path, and that hardware vendors want to be able to validate + their designs against it. No actual mismatches have been found. + See https://bugs.chromium.org/p/aomedia/issues/detail?id=2062 + +------------------------------------------------------------------- +Mon Jul 30 13:09:23 UTC 2018 - bjorn....@gmail.com + +- Pass conditional AOM_TARGET_CPU to cmake, fix build for arm and + ppc, as well as optimize target cpu for other arches. + +------------------------------------------------------------------- +Fri Jul 27 14:42:25 UTC 2018 - 9+suse@cirno.systems + +- Init, v1.0.0 New: ---- _service _servicedata baselibs.conf libaom-0001-Do-not-disable-_FORTIFY_SOURCE.patch libaom-0002-link-threading-lib-with-shared-library.patch libaom-0003-update-CHANGELOG.patch libaom-1.0.0.obscpio libaom-CVE-2021-30475.patch libaom.changes libaom.obsinfo libaom.spec ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ libaom.spec ++++++ # # spec file for package libaom # # Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed # upon. 
The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.

# Please submit bugfixes or comments via http://bugs.opensuse.org/
#


%define sover 0
%define __builder ninja
%define __builddir _build
Name:           libaom
Version:        1.0.0
Release:        0
Summary:        AV1 codec library
License:        BSD-2-Clause
Group:          Productivity/Multimedia/Other
URL:            https://aomedia.googlesource.com/aom/
Source0:        %{name}-%{version}.tar.xz
Source99:       baselibs.conf
Patch0:         libaom-0001-Do-not-disable-_FORTIFY_SOURCE.patch
Patch1:         libaom-0002-link-threading-lib-with-shared-library.patch
Patch3:         libaom-0003-update-CHANGELOG.patch
# CVE-2021-30475 [bsc#1189497], Buffer overflow in aom_dsp/noise_model.c
Patch4:         libaom-CVE-2021-30475.patch
BuildRequires:  c++_compiler
BuildRequires:  cmake
BuildRequires:  doxygen
BuildRequires:  graphviz
BuildRequires:  ninja
BuildRequires:  pkgconfig
BuildRequires:  yasm

%description
This is a library for AOMedia Video 1 (AV1), an open, royalty-free
video coding format designed for video transmissions over the Internet.

%package -n %{name}%{sover}
Summary:        AV1 codec library
Group:          System/Libraries

%description -n %{name}%{sover}
This is a library for AOMedia Video 1 (AV1), an open, royalty-free
video coding format designed for video transmissions over the Internet.

%package devel
Summary:        Development files for libaom, an AV1 codec library
Group:          Development/Languages/C and C++
Requires:       %{name}%{sover} = %{version}

%description devel
This package contains the development headers and library files for
libaom, a library for the AOMedia Video 1 (AV1) video coding format.

%package devel-doc
Summary:        Documentation for the libaom API
Group:          Documentation/HTML
Requires:       %{name}-devel = %{version}
BuildArch:      noarch

%description devel-doc
This package contains the API documentation for libaom, a library
for the AOMedia Video 1 (AV1) video coding format.

%package -n aom-tools
Summary:        AV1 Codec Library Tools

%description -n aom-tools
This package contains tools included with libaom, a library for the
AOMedia Video 1 (AV1) video coding format.

%prep
%setup -q
%autopatch -p1

%build
%cmake \
  -DCONFIG_LOWBITDEPTH=1 \
%ifnarch aarch64 %{arm} %{ix86} x86_64
  -DAOM_TARGET_CPU=generic \
%endif
%ifarch %{arm}
  -DAOM_TARGET_CPU=arm \
%endif
%ifarch aarch64
  -DAOM_TARGET_CPU=arm64 \
%endif
%ifarch %{ix86}
  -DAOM_TARGET_CPU=x86 \
%endif
%ifarch x86_64
  -DAOM_TARGET_CPU=x86_64 \
%endif
  %{nil}
%make_jobs

%install
%cmake_install

%post -n %{name}%{sover} -p /sbin/ldconfig
%postun -n %{name}%{sover} -p /sbin/ldconfig

%files -n %{name}%{sover}
%license LICENSE PATENTS
%doc AUTHORS CHANGELOG
%{_libdir}/%{name}.so.*

%files devel
%{_includedir}/aom
%{_libdir}/%{name}.so
%{_libdir}/pkgconfig/aom.pc

%files devel-doc
%doc %{__builddir}/docs/html/*

%files -n aom-tools
%{_bindir}/aomdec
%{_bindir}/aomenc

%changelog

++++++ _service ++++++
<services>
  <service name="obs_scm" mode="disabled">
    <param name="scm">git</param>
    <param name="url">https://aomedia.googlesource.com/aom</param>
    <param name="filename">libaom</param>
    <param name="versionformat">@PARENT_TAG@</param>
    <param name="versionrewrite-pattern">v([0-9\.]*)</param>
    <param name="revision">v1.0.0</param>
    <param name="changesgenerate">enable</param>
  </service>
  <service name="tar" mode="buildtime" />
  <service name="recompress" mode="buildtime">
    <param name="file">*.tar</param>
    <param name="compression">xz</param>
  </service>
  <service name="set_version" mode="disabled"/>
</services>

++++++ _servicedata ++++++
<servicedata>
<service name="tar_scm">
                <param name="url">https://aomedia.googlesource.com/aom</param>
              <param
name="changesrevision">d14c5bb4f336ef1842046089849dee4a301fbbf0</param></service></servicedata>++++++ baselibs.conf ++++++ libaom0 ++++++ libaom-0001-Do-not-disable-_FORTIFY_SOURCE.patch ++++++ >From 4f2257d533bd461bda6ce58ac21c7dc6995cf7c7 Mon Sep 17 00:00:00 2001 From: Martin Herkt <lach...@srsfckn.biz> Date: Fri, 29 Jun 2018 02:50:20 +0200 Subject: [PATCH 1/3] Do not disable _FORTIFY_SOURCE --- build/cmake/aom_configure.cmake | 3 --- 1 file changed, 3 deletions(-) diff --git a/build/cmake/aom_configure.cmake b/build/cmake/aom_configure.cmake index 5d782aaf9..cb77ff4d9 100644 --- a/build/cmake/aom_configure.cmake +++ b/build/cmake/aom_configure.cmake @@ -290,9 +290,6 @@ else() add_compiler_flag_if_supported("-Werror") endif() - if("${CMAKE_BUILD_TYPE}" MATCHES "Rel") - add_compiler_flag_if_supported("-U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=0") - endif() add_compiler_flag_if_supported("-D_LARGEFILE_SOURCE") add_compiler_flag_if_supported("-D_FILE_OFFSET_BITS=64") endif() -- 2.18.0 ++++++ libaom-0002-link-threading-lib-with-shared-library.patch ++++++ >From 0dc35c2eb16cf3f200b52243b0360cab211a1e95 Mon Sep 17 00:00:00 2001 From: Martin Herkt <lach...@srsfckn.biz> Date: Fri, 27 Jul 2018 15:56:39 +0200 Subject: [PATCH 2/3] link threading lib with shared library --- CMakeLists.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index 0b445722d..e25914ff0 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -552,7 +552,7 @@ endif() if(HAVE_PTHREAD_H AND CONFIG_MULTITHREAD) find_package(Threads) - foreach(app_target ${AOM_APP_TARGETS}) + foreach(app_target ${AOM_APP_TARGETS} aom) target_link_libraries(${app_target} ${AOM_LIB_LINK_TYPE} Threads::Threads) endforeach() endif() -- 2.18.0 ++++++ libaom-0003-update-CHANGELOG.patch ++++++ ++++ 656 lines (skipped) ++++++ libaom-CVE-2021-30475.patch ++++++ --- a/aom_dsp/noise_model.c 2021-08-25 09:12:24.928400898 +0000 +++ b/aom_dsp/noise_model.c 2021-08-25 09:12:24.928400898 +0000 
@@ -214,6 +214,7 @@ static void set_chroma_coefficient_fallb int aom_noise_strength_lut_init(aom_noise_strength_lut_t *lut, int num_points) { if (!lut) return 0; + if (num_points <= 0) return 0; lut->points = (double(*)[2])aom_malloc(num_points * sizeof(*lut->points)); if (!lut->points) return 0; lut->num_points = num_points; @@ -1144,12 +1145,24 @@ int aom_noise_model_get_grain_parameters // Convert the scaling functions to 8 bit values aom_noise_strength_lut_t scaling_points[3]; - aom_noise_strength_solver_fit_piecewise( - &noise_model->combined_state[0].strength_solver, 14, scaling_points + 0); - aom_noise_strength_solver_fit_piecewise( - &noise_model->combined_state[1].strength_solver, 10, scaling_points + 1); - aom_noise_strength_solver_fit_piecewise( - &noise_model->combined_state[2].strength_solver, 10, scaling_points + 2); + if (!aom_noise_strength_solver_fit_piecewise( + &noise_model->combined_state[0].strength_solver, 14, + scaling_points + 0)) { + return 0; + } + if (!aom_noise_strength_solver_fit_piecewise( + &noise_model->combined_state[1].strength_solver, 10, + scaling_points + 1)) { + aom_noise_strength_lut_free(scaling_points + 0); + return 0; + } + if (!aom_noise_strength_solver_fit_piecewise( + &noise_model->combined_state[2].strength_solver, 10, + scaling_points + 2)) { + aom_noise_strength_lut_free(scaling_points + 0); + aom_noise_strength_lut_free(scaling_points + 1); + return 0; + } // Both the domain and the range of the scaling functions in the film_grain // are normalized to 8-bit (e.g., they are implicitly scaled during grain ++++++ libaom.obsinfo ++++++ name: libaom version: 1.0.0 mtime: 1529938499 commit: d14c5bb4f336ef1842046089849dee4a301fbbf0
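
Review bot: in libaom-0001-Do-not-disable-_FORTIFY_SOURCE.patch, the removal at build/cmake/aom_configure.cmake line 290 only stops "Rel" builds from forcing `-U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=0`; nothing in the hunk defines _FORTIFY_SOURCE, so whether the shipped library is fortified depends entirely on the compiler flags the packaging passes in. The commit message has no body; a line saying why upstream's override is dropped, plus a check of the build log for `-D_FORTIFY_SOURCE` on the compile lines, would make the hardening claim verifiable.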
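
Review bot: in libaom-0002-link-threading-lib-with-shared-library.patch, the CMakeLists.txt hunk at line 552 adds the library target `aom` to a loop whose variable is still named `app_target` and whose list is `${AOM_APP_TARGETS}`, which hides a library link dependency inside application wiring. A separate `target_link_libraries(aom ${AOM_LIB_LINK_TYPE} Threads::Threads)` next to the loop would state it explicitly. The commit message also has no body describing the link problem this addresses, and `find_package(Threads)` is still called without checking that it succeeded before `Threads::Threads` is used.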
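
Review bot: in the first hunk of libaom-CVE-2021-30475.patch, `aom_noise_strength_lut_init` now rejects `num_points <= 0` but still has no upper bound before `aom_malloc(num_points * sizeof(*lut->points))`. Each element is a `double[2]`, so on the 32-bit targets the spec file builds for (`%{ix86}`, `%{arm}`) a large positive `num_points` can wrap the size_t product and return a buffer smaller than `lut->num_points` claims. Suggest adding `if ((size_t)num_points > SIZE_MAX / sizeof(*lut->points)) return 0;` beside the new check. The patch file also carries no header (author, subject, upstream commit), so its origin cannot be traced from the package; a short header naming the source of the fix would help later audits.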
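
Review bot: in the second hunk of libaom-CVE-2021-30475.patch (`aom_noise_model_get_grain_parameters`, line 1144), each error branch frees only the LUTs fitted by the earlier calls, which is leak-free only if `aom_noise_strength_solver_fit_piecewise` never returns 0 while its output LUT is still allocated; that function is not part of this diff, so this needs confirming. The hand-copied `aom_noise_strength_lut_free(scaling_points + N)` calls are also easy to get wrong if a fourth plane is ever added; a single cleanup path that frees the LUTs fitted so far would be less fragile. Since the function now returns 0 on these paths, callers that previously ignored the return value should be checked as well.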