Hello community, here is the log from the commit of package libsndfile for openSUSE:Factory checked in at 2015-12-01 09:18:03 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/libsndfile (Old) and /work/SRC/openSUSE:Factory/.libsndfile.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "libsndfile" Changes: -------- --- /work/SRC/openSUSE:Factory/libsndfile/libsndfile-progs.changes 2015-03-27 09:39:04.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.libsndfile.new/libsndfile-progs.changes 2015-12-01 09:18:05.000000000 +0100 @@ -1,0 +2,13 @@ +Tue Nov 24 08:31:31 UTC 2015 - idon...@suse.com + +- Remove documentation, it belongs to the libsndfile package. + +------------------------------------------------------------------- +Mon Nov 23 17:22:41 CET 2015 - ti...@suse.de + +- Update to version 1.0.26: + * Fix for CVE-2014-9496, CVE-2014-9756 and CVE-2015-7805. + * Add ALAC/CAF support. Minor bug fixes and improvements. +- Drop libsndfile-example-fix.diff + +------------------------------------------------------------------- --- /work/SRC/openSUSE:Factory/libsndfile/libsndfile.changes 2015-11-08 11:25:42.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.libsndfile.new/libsndfile.changes 2015-12-01 09:18:05.000000000 +0100 @@ -1,0 +2,18 @@ +Mon Nov 23 17:20:09 CET 2015 - ti...@suse.de + +- Update to version 1.0.26: + * Fix for CVE-2014-9496, CVE-2014-9756 and CVE-2015-7805. + * Add ALAC/CAF support. Minor bug fixes and improvements. +- Refreshed patches: + sndfile-ocloexec.patch + libsndfile-psf_strlcpy_crlf-fix-CVE-2015-8075.patch +- Removed obsoleted patches: + libsndfile-example-fix.diff + libsndfile-fix-header-read-CVE-2015-7805.patch + libsndfile-paf-zero-division-fix.diff + libsndfile-src-common.c-Fix-a-header-parsing-bug.patch + libsndfile-src-file_io.c-Prevent-potential-divide-by-zero.patch + sndfile-src-sd2.c-Fix-segfault-in-SD2-RSRC-parser.patch + sndfile-src-sd2.c-Fix-two-potential-buffer-read-overflows.patch + +------------------------------------------------------------------- Old: ---- libsndfile-1.0.25.tar.gz libsndfile-1.0.25.tar.gz.asc libsndfile-example-fix.diff libsndfile-fix-header-read-CVE-2015-7805.patch libsndfile-paf-zero-division-fix.diff libsndfile-src-common.c-Fix-a-header-parsing-bug.patch libsndfile-src-file_io.c-Prevent-potential-divide-by-zero.patch sndfile-src-sd2.c-Fix-segfault-in-SD2-RSRC-parser.patch sndfile-src-sd2.c-Fix-two-potential-buffer-read-overflows.patch New: ---- libsndfile-1.0.26.tar.gz libsndfile-1.0.26.tar.gz.asc ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ libsndfile-progs.spec ++++++ --- /var/tmp/diff_new_pack.PkrLwR/_old 2015-12-01 09:18:06.000000000 +0100 +++ /var/tmp/diff_new_pack.PkrLwR/_new 2015-12-01 09:18:06.000000000 +0100 @@ -17,7 +17,7 @@ Name: libsndfile-progs -Version: 1.0.25 +Version: 1.0.26 Release: 0 Summary: Example Programs for libsndfile License: LGPL-2.1+ @@ -26,7 +26,6 @@ Source0: http://www.mega-nerd.com/libsndfile/files/libsndfile-%{version}.tar.gz Source1: http://www.mega-nerd.com/libsndfile/files/libsndfile-%{version}.tar.gz.asc Source2: libsndfile.keyring -Patch0: libsndfile-example-fix.diff BuildRequires: alsa-devel BuildRequires: flac-devel BuildRequires: gcc-c++ @@ -42,7 +41,6 @@ %prep %setup -q -n libsndfile-%{version} -%patch0 %build %define warn_flags -W -Wall -Wstrict-prototypes -Wpointer-arith -Wno-unused-parameter @@ -57,7 +55,9 @@ %install make DESTDIR=%{buildroot} install %{?_smp_mflags} -# remove unnecessary lib files + +# remove unnecessary files +rm -rf %{buildroot}%{_datadir}/doc/libsndfile rm -rf %{buildroot}%{_libdir} rm -rf %{buildroot}%{_includedir} rm -rf %{buildroot}%{_datadir}/doc/libsndfile1-dev ++++++ libsndfile.spec ++++++ --- /var/tmp/diff_new_pack.PkrLwR/_old 2015-12-01 09:18:06.000000000 +0100 +++ /var/tmp/diff_new_pack.PkrLwR/_new 2015-12-01 09:18:06.000000000 +0100 @@ -18,7 +18,7 @@ %define lname %{name}1 Name: libsndfile -Version: 1.0.25 +Version: 1.0.26 Release: 0 Summary: Development/Libraries/C and C++ License: LGPL-2.1+ @@ -28,21 +28,7 @@ Source1: http://www.mega-nerd.com/%{name}/files/%{name}-%{version}.tar.gz.asc Source2: %{name}.keyring Source3: baselibs.conf -# PATCH-MISSING-TAG -- See http://en.opensuse.org/openSUSE:Packaging_Patches_guidelines -Patch0: libsndfile-example-fix.diff -# PATCH-MISSING-TAG -- See http://en.opensuse.org/openSUSE:Packaging_Patches_guidelines -Patch1: libsndfile-paf-zero-division-fix.diff Patch2: sndfile-ocloexec.patch -# PATCH-FIX-UPSTREAM CVE-2014-9496 bnc#911796 -Patch3: sndfile-src-sd2.c-Fix-segfault-in-SD2-RSRC-parser.patch -# PATCH-FIX-UPSTREAM CVE-2014-9496 bnc#911796 -Patch4: sndfile-src-sd2.c-Fix-two-potential-buffer-read-overflows.patch -# PATCH-FIX-UPSTREAM CVE-2014-9756 bsc#953521 -Patch5: libsndfile-src-file_io.c-Prevent-potential-divide-by-zero.patch -# PATCH-FIX-UPSTREAM CVE-2015-7805 bsc#953516 -Patch6: libsndfile-src-common.c-Fix-a-header-parsing-bug.patch -# PATCH-FIX-SUSE CVE-2015-7805 bsc#953516 -Patch7: libsndfile-fix-header-read-CVE-2015-7805.patch # PATCH-FIX-SUSE CVE-2015-8075 bsc#953519 Patch8: libsndfile-psf_strlcpy_crlf-fix-CVE-2015-8075.patch BuildRequires: alsa-devel @@ -90,14 +76,7 @@ %prep %setup -q -%patch0 -%patch1 -p1 -%patch2 -%patch3 -p1 -%patch4 -p1 -%patch5 -p1 -%patch6 -p1 -%patch7 -p1 +%patch2 -p1 %patch8 -p1 %build @@ -125,7 +104,7 @@ rm -rf %{buildroot}%{_mandir}/man1 # remove binaries from examples directory make -C examples distclean -rm -rf %{buildroot}%{_datadir}/doc/libsndfile1-dev +rm -rf %{buildroot}%{_datadir}/doc/libsndfile %post -n %{lname} -p /sbin/ldconfig ++++++ libsndfile-1.0.25.tar.gz -> libsndfile-1.0.26.tar.gz ++++++ ++++ 73449 lines of diff (skipped) ++++++ libsndfile-psf_strlcpy_crlf-fix-CVE-2015-8075.patch ++++++ --- /var/tmp/diff_new_pack.PkrLwR/_old 2015-12-01 09:18:07.000000000 +0100 +++ /var/tmp/diff_new_pack.PkrLwR/_new 2015-12-01 09:18:07.000000000 +0100 @@ -4,7 +4,7 @@ --- a/src/common.c +++ b/src/common.c -@@ -1332,7 +1332,7 @@ psf_strlcpy_crlf (char *dest, const char +@@ -1339,7 +1339,7 @@ psf_strlcpy_crlf (char *dest, const char char * destend = dest + destmax - 2 ; const char * srcend = src + srcmax ; ++++++ sndfile-ocloexec.patch ++++++ --- /var/tmp/diff_new_pack.PkrLwR/_old 2015-12-01 09:18:07.000000000 +0100 +++ /var/tmp/diff_new_pack.PkrLwR/_new 2015-12-01 09:18:07.000000000 +0100 @@ -1,19 +1,10 @@ ---- configure.ac.orig -+++ configure.ac -@@ -23,7 +23,9 @@ AC_SUBST(ACLOCAL_AMFLAGS, "-I M4") - - AC_LANG([C]) - --AC_PROG_CC -+AC_PROG_CC_STDC -+AC_USE_SYSTEM_EXTENSIONS -+AC_SYS_LARGEFILE - AM_PROG_CC_C_O - AC_PROG_CXX - AC_PROG_SED ---- src/file_io.c.orig -+++ src/file_io.c -@@ -564,6 +564,9 @@ psf_open_fd (PSF_FILE * pfile) +--- + src/file_io.c | 3 +++ + 1 file changed, 3 insertions(+) + +--- a/src/file_io.c ++++ b/src/file_io.c +@@ -570,6 +570,9 @@ psf_open_fd (PSF_FILE * pfile) return - SFE_BAD_OPEN_MODE ; break ; } ; @@ -23,12 +14,3 @@ if (mode == 0) fd = open (pfile->path.c, oflag) ; ---- Makefile.am.orig -+++ Makefile.am -@@ -1,5 +1,6 @@ - ## Process this file with automake to produce Makefile.in - -+ACLOCAL_AMFLAGS = -I M4 - DISTCHECK_CONFIGURE_FLAGS = --enable-gcc-werror - - if BUILD_OCTAVE_MOD
