| Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
| Name: libsndfile1 | Distribution: SUSE Linux Framework One |
| Version: 1.2.2 | Vendor: SUSE LLC <https://www.suse.com/> |
| Release: slfo.1.1.6 | Build date: Mon Aug 26 11:20:45 2024 |
| Group: System/Libraries | Build host: h01-ch4d |
| Size: 535892 | Source RPM: libsndfile-1.2.2-slfo.1.1.6.src.rpm |
| Packager: https://www.suse.com/ | |
| Url: https://libsndfile.github.io/libsndfile/ | |
| Summary: A Library to Handle Various Audio File Formats | |
Libsndfile is a C library for reading and writing sound files, such as AIFF, AU, and WAV files, through one standard interface. It can currently read and write 8, 16, 24, and 32-bit PCM files as well as 32-bit floating point WAV files and a number of compressed formats.
LGPL-2.1-or-later
* Fri Oct 20 2023 tiwai@suse.com
- Update to 1.2.1:
* Various bug fixes (issue #908, #907, #934, #950, #930)
- Update to 1.2.2:
* Fixed invalid regex in src/create_symbols_file.py
* Fixed passing null pointer to printf %s in tests
- Fix signed integers overflows in au_read_header()
(bsc#1213451, CVE-2022-33065):
libsndfile-CVE-2022-33065.patch
* Mon Apr 24 2023 dimstar@opensuse.org
- Add _multibuild to define 2nd spec file as additional flavor.
Eliminates the need for source package links in OBS.
* Tue Feb 21 2023 info@paolostivanin.com
- update to 1.2.0:
* Searching for LAME dependency with CMake build system (issue #821).
* CMake build from Autotools tarball (issue #816).
* Build on UWP platform (issue #824).
* Fix signed integer overflow (issue #785).
* Skipping large wav chunks on stdin (PR #819).
* Tue Mar 29 2022 dmueller@suse.com
- update to 1.1.0:
* Added MPEG Encode/Decode Support
* New fuzzer for OSS-Fuzz, thanks @DavidKorczynski.
Fixed:
* Memory leak in caf_read_header(), credit to OSS-Fuzz (issue 30375).
* Stack overflow in guess_file_type()
* Abort in fuzzer, thanks @bobsayshilol, credit to OSS-Fuzz
* Infinite loop in svx_read_header(), thanks @bobsayshilol, credit to OSS-Fuzz
* GCC and Clang pedantic warnings, thanks @bobsayshilol.
* Normalisation issue when scaling floating point data to int in
replace_read_f2i(), thanks @bobsayshilol, (issue #702).
* Missing samples when doing a partial read of Ogg file from index till the
end of file, thanks @arthurt (issue #643).
* sndfile-salvage: Handle files > 4 GB on Windows OS
* Undefined shift in dyn_get_32bit(), credit to OSS-Fuzz
* Integer overflow in nms_adpcm_update(), credit to OSS-Fuzz
* Integer overflow in psf_log_printf(), credit to OSS-Fuzz
* ABI version incompatibility between Autotools and CMake build on Apple
platforms.
* Heap buffer overflow in wavlike_ima_decode_block()
* Heap buffer overflow in msadpcm_decode_block()
* Heap buffer overflow in psf_binheader_readf()
* Index out of bounds in psf_nms_adpcm_decode_block()
* Heap buffer overflow in flac_buffer_copy()
* Heap buffer overflow in copyPredictorTo24()
* Uninitialized variable in psf_binheader_readf()
- drop sndfile-deinterlace-channels-check.patch ms_adpcm-Fix-and-extend-size-checks.patch,
libsndfile-CVE-2021-4156.patch (obsolete)
* Mon Jan 03 2022 tiwai@suse.de
- Fix heap buffer overflow in flac_buffer_copy (CVE-2021-4156,
bsc#1194006):
libsndfile-CVE-2021-4156.patch
* Fri Jul 23 2021 tiwai@suse.de
- Fix heap buffer overflow vulnerability in msadpcm_decode_block
(CVE-2021-3246, bsc#1188540):
ms_adpcm-Fix-and-extend-size-checks.patch
* Wed Mar 17 2021 dimstar@opensuse.org
- BuildRequire python3-base instead of the full python3 package:
manages to break a build cycle, is cheaper, and still sufficient.
* Sun Mar 14 2021 dmueller@suse.com
- update to 1.0.31:
* documentation fixes and updates
* Change CMake's project name from sndfile to libsndfile as it should be.
* Fix memory leak in wav_read_smpl_chunk() function, credit to OSS-Fuzz.
* Fix aiff_read_header() memory leak(), credit to OSS-Fuzz.
* Fix leak in wav_read_header(), credit to OSS-Fuzz.
* Fix leak in wavlike_read_cart_chunk(), credit to OSS-Fuzz.
* Fix memory leak in wav_read_acid_chunk(), credit to OSS-Fuzz.
* Fix memory leak in aiff_read_basc_chunk(), credit to OSS-Fuzz.
* Fix memory leak in wavlike_read_peak_chunk(), credit to OSS-Fuzz.
* Fix memory leak in aiff_read_header(), credit to OSS-Fuzz.
* Fix use of uninitialized value in exif_subchunk_parse(), credit to OSS-Fuzz.
* Fix use of uninitialized value in endswap_int64_t_array(), credit to
* OSS-Fuzz.
* Fix up the fuzzer so that it can't under or overseek,
* thanks to Max Dymond cmeister2@gmail.com.
* Fix Autotools configure on macOS, thanks to @tmcguire and @nwh.
* Exclude repository-configuration from git-archive, thanks to @umlaeute.
* Use version-script when compiling with clang on Unix with Autotools, thanks
* to @tstellar.
* Improve handling of SMPL chunks in WAV files, thanks to @zodf0055980.
- update to 1.0.30:
* Move sndfile.h.in from src/ to include/ directory.
* Huge documentation update.
* Fix opus test failures on BE platforms
* Fix bug when sf_open_fd() function sometimes leaves filehandle open, even if close_desc parameter is TRUE, thanks to @umläute.
* Fix infinite loops on some pathological SD2 files
* Switch to GitHub Actions for continuous integration.
* Add OSS-Fuzz tests to GitHub Actions workflow
* Fix memory leak in wavlike_read_bext_chunk() function, credit to OSS-Fuzz.
* Fix undefined behavior in avr-read_header() function, credit to OSS-Fuzz.
- update to 1.0.29:
* Fixes for: CVE-2017-12562, CVE-2017-17456, CVE-2017-17457, CVE-2018-19661, CVE-2018-19662, CVE-2018-19758 and CVE-2019-3832.
* Add BWF v2 loudness parameters.
* Wave64: Permit and skip arbitrary chunks prior to the data chunk.
* Fix ASAN crash in wavlike_ima_seek().
* Fix IMA-ADPCM encoding for AIFF files.
* sndfile-convert: Handle gsm, vox and opus extensions the same way.
* Add SFC_SET_OGG_PAGE_LATENCY_MS command to get Ogg page latency for Ogg Opus files.
* Fix parsing of some SD2 files.
* Documentation updates.
* Minor bug fixes and improvements.
- drop libsndfile-CVE-2017-17456-alaw-range-check.patch
libsndfile-CVE-2017-17457-ulaw-range-check.patch
libsndfile-wav-loop-count-fix.patch
0001-FLAC-Fix-a-buffer-read-overrun.patch
0002-src-flac.c-Fix-a-buffer-read-overflow.patch
0010-src-aiff.c-Fix-a-buffer-read-overflow.patch
0020-src-common.c-Fix-heap-buffer-overflows-when-writing-.patch
0030-double64_init-Check-psf-sf.channels-against-upper-bo.patch
0031-sfe_copy_data_fp-check-value-of-max-variable.patch: upstream
* Tue Dec 03 2019 stefan.bruens@rwth-aachen.de
- Remove build dependencies for progs subpackage from library:
* alsa-devel, only needed for the examples
* sqlite3-devel, only needed for the regression test
- Only build library, pass --disable-full-suite to configure
* Tue Dec 04 2018 tiwai@suse.de
- Fix segfault in wav conversion due to the invalid loop count
(CVE-2018-19758, bsc#1117954):
libsndfile-wav-loop-count-fix.patch
* Fri Jul 06 2018 tiwai@suse.de
- Fix buffer overflow in sndfile-deinterleave, which isn't really a
security issue (bsc#1100167, CVE-2018-13139, bsc#1116993,
CVE-2018-19432):
sndfile-deinterlace-channels-check.patch
* Fri Jun 08 2018 tiwai@suse.de
- Use license file tag
* Fri Jun 08 2018 tiwai@suse.de
- Fix potential overflow in d2alaw_array() (CVE-2017-17456,
bsc#1071777):
libsndfile-CVE-2017-17456-alaw-range-check.patch
- Fix potential overflow in d2ulaw_array() (CVE-2017-17457,
bsc#1071767):
libsndfile-CVE-2017-17457-ulaw-range-check.patch
* Tue Dec 19 2017 tiwai@suse.de
- Fix VUL-0: divide-by-zero error exists in the function
double64_init() in double64.c (CVE-2017-14634, bsc#1059911):
0030-double64_init-Check-psf-sf.channels-against-upper-bo.patch
- Tentative fix for VUL-0: out of bounds read in the function
d2alaw_array() in alaw.c (CVE-2017-14245, bsc#1059912) and
VUL-0: out of bounds read in the function d2ulaw_array() in
ulaw.c (CVE-2017-14246, bsc#1059913):
0031-sfe_copy_data_fp-check-value-of-max-variable.patch
* Tue Aug 08 2017 tiwai@suse.de
- Fix Heap-based Buffer Overflow in the psf_binheader_writef
(CVE-2017-12562, bsc#1052476):
0020-src-common.c-Fix-heap-buffer-overflows-when-writing-.patch
* Tue Jun 13 2017 tiwai@suse.de
- Fix out-of-bounds read memory access in the aiff_read_chanmap()
(CVE-2017-6892, bsc#1043978):
0010-src-aiff.c-Fix-a-buffer-read-overflow.patch
* Tue May 02 2017 tiwai@suse.de
- Fix FLAC buffer overflows (CVE-2017-8361 CVE-2017-8363
CVE-2017-8365 CVE-2017-8362 bsc#1036944 bsc#1036945 bsc#1036946
bsc#1036943):
0001-FLAC-Fix-a-buffer-read-overrun.patch
0002-src-flac.c-Fix-a-buffer-read-overflow.patch
* Mon Apr 10 2017 tiwai@suse.de
- Update to version 1.0.27:
* Fix a seek regression in 1.0.26
* Add metadata read/write for CAF and RF64
* FIx PAF endian-ness issue
- Update to version 1.0.28
* Fix buffer overruns in FLAC and ID3 handling code
(CVE-2017-7585, CVE-2017-7586, bsc#1033054, bsc#1033053)
* Reduce default header memory requirements
* Fix detection of Large File Support for 32 bit systems.
- Obsoleted patch:
libsndfile-psf_strlcpy_crlf-fix-CVE-2015-8075.patch
* Tue May 10 2016 tom.mbrt@googlemail.com
- Fix spec file to enable builds on non opensuse OS
* Mon Nov 23 2015 tiwai@suse.de
- Update to version 1.0.26:
* Fix for CVE-2014-9496, CVE-2014-9756 and CVE-2015-7805.
* Add ALAC/CAF support. Minor bug fixes and improvements.
- Refreshed patches:
sndfile-ocloexec.patch
libsndfile-psf_strlcpy_crlf-fix-CVE-2015-8075.patch
- Removed obsoleted patches:
libsndfile-example-fix.diff
libsndfile-fix-header-read-CVE-2015-7805.patch
libsndfile-paf-zero-division-fix.diff
libsndfile-src-common.c-Fix-a-header-parsing-bug.patch
libsndfile-src-file_io.c-Prevent-potential-divide-by-zero.patch
sndfile-src-sd2.c-Fix-segfault-in-SD2-RSRC-parser.patch
sndfile-src-sd2.c-Fix-two-potential-buffer-read-overflows.patch
* Wed Nov 04 2015 tiwai@suse.de
- VUL-0: libsndfile 1.0.25 heap overflow (CVE-2015-7805, bsc#953516)
libsndfile-src-common.c-Fix-a-header-parsing-bug.patch
libsndfile-fix-header-read-CVE-2015-7805.patch
- VUL-0: libsndfile 1.0.25 heap overflow (CVE-2015-8075, bsc#953519)
libsndfile-psf_strlcpy_crlf-fix-CVE-2015-8075.patch
- Fix the build with SLE11-SP3 due to AM_SILENT_RULE macro
* Wed Nov 04 2015 tiwai@suse.de
- VUL-1: libsndfile DoS/divide-by-zero (CVE-2014-9756, bsc#953521):
libsndfile-src-file_io.c-Prevent-potential-divide-by-zero.patch
* Sat Mar 21 2015 mpluskal@suse.com
- Cleanup spec file with spec-cleaner
- Add gpg signature
- Remove old ppc provides/obsoletes
* Wed Jan 07 2015 tiwai@suse.de
- VUL-0: two buffer read overflows in sd2_parse_rsrc_fork()
(CVE-2014-9496, bnc#911796): backported upstream fix patches
sndfile-src-sd2.c-Fix-segfault-in-SD2-RSRC-parser.patch
sndfile-src-sd2.c-Fix-two-potential-buffer-read-overflows.patch
* Mon Apr 15 2013 mmeister@suse.com
- Added url as source.
Please see http://en.opensuse.org/SourceUrls
* Fri Dec 02 2011 coolo@suse.com
- add libtool as buildrequire to avoid implicit dependency
* Thu Nov 24 2011 tiwai@suse.de
- add missing provides/obsoletes for libsndfile -> libsndfile1
rename (bnc#732565)
* Thu Nov 24 2011 crrodriguez@opensuse.org
- use O_CLOEXEC in library code.
* Tue Nov 22 2011 coolo@suse.com
- fix devel dependency
* Mon Nov 21 2011 jengelh@medozas.de
- Remove redundant/unwanted tags/section (cf. specfile guidelines)
* Wed Aug 24 2011 crrodriguez@opensuse.org
- Enable speex support
- run make check
* Fri Jul 29 2011 tiwai@suse.de
- Fix zero-division in PAF parser (bnc#708988)
* Wed Jul 27 2011 crrodriguez@opensuse.org
- Remove -fno-strict-aliasing from cflags, no longer needed
- disable automake silent rules.
* Mon Jul 18 2011 tiwai@suse.de
- updated to version 1.0.25:
Fix for Secunia Advisory SA45125 (CVE-2011-2696, bnc#705681)
Minor bug fixes and improvements
* Wed Mar 23 2011 oliver.bengs@opensuse.org
- Update to version 1.0.24
- Upstream changes :
* WAV files are now written with an 18 byte u-law and A-law fmt chunk
* A document on virtual I/O functionality was added
* Two new methods were added in sndfile.hh
* A fix was made for a non-zero SSND offset values on AIFF
* Minor bug fixes and improvements were done
* Mon Oct 11 2010 oliver.bengs@opensuse.org
- Update to version 1.0.23
- Upstream changes :
* configure.ac src/version-metadata.rc.in src/Makefile.am
Add version string resources to the windows DLL.
* doc/api.html
Update to add missing SF_FORMAT_* values. Closed Debian bug #545257.
* NEWS README configure.ac doc/*.html
Updates for 1.0.23 release.
* Other minor bug fixes
* Fri Oct 08 2010 davejplater@gmail.com
- Update to version 1.0.22
- Upstream changes :
* Bunch of minor bug fixes.
* Mon Aug 16 2010 tiwai@suse.de
- updated to version 1.0.21:
* Bunch of minor bug fixes.
* including VUL-1 divide-by-zero fix (bnc#631379)
* Wed Dec 16 2009 jengelh@medozas.de
- add baselibs.conf as a source
- enable parallel building
* Tue Jun 02 2009 dmueller@suse.de
- explicitely enable sqlite support to avoid random flipping
* Fri May 15 2009 tiwai@suse.de
- updated to version 1.0.20:
* Fix for potential heap overflow
- enable ogg/vorbis support
* Fri Apr 24 2009 tiwai@suse.de
- built progs subpackage from an individual spec file to cut the
circular dependency with jack.
* Wed Mar 04 2009 tiwai@suse.de
- updated to version 1.0.19:
* Fix for CVE-2009-0186 (bnc#481769 - VUL-0: libsndfile CAF
Processing Integer Overflow Vulnerability)
* Huge number of minor fixes as a result of static analysis
- remove INSTALL file from filelist
* Mon Feb 09 2009 tiwai@suse.de
- updated to version 1.0.18
* Add Ogg/Vorbis support (disabled right now due to vorbis
version mismatch; SVN version is required)
* Remove captive FLAC library.
* Many new features and bug fixes.
* Generate Win32 and Win64 pre-compiled binaries.
- Dropped libsndfile-octave subpackage (as octave itself is
dropped from FACTORY)
* Wed Jan 07 2009 olh@suse.de
- obsolete old -XXbit packages (bnc#437293)
* Tue Oct 14 2008 meissner@suse.de
- prototype for memset
* Tue May 06 2008 tiwai@suse.de
- fix missing initializations in demo programs (bnc#351128)
* Tue Apr 15 2008 schwab@suse.de
- Fix configure script.
* Thu Apr 10 2008 ro@suse.de
- added baselibs.conf file to build xxbit packages
for multilib support
* Mon Mar 10 2008 crrodriguez@suse.de
- remove explicit-lib-dependencies
- fix -devel package dependencies
* Thu Sep 20 2007 tiwai@suse.de
- VUL-0: Heap-based buffer overflow in flac.c (#326070,
CVE-2007-4974)
* Mon Apr 16 2007 tiwai@suse.de
- Move docs and manpages to appropriate sub-packages (#264820)
- Remove static library (#264820)
* Mon Apr 16 2007 schwab@suse.de
- Fix quoting in autoconf macros.
* Fri Apr 13 2007 tiwai@suse.de
- fix FLAC-1.1.4 support.
* Fri Sep 01 2006 tiwai@suse.de
- updated to version 1.0.17:
* Add C++ wrapper sndfile.hh. Minor bug fixes and cleanups.
* Tue Jul 04 2006 tiwai@suse.de
- fix the build -- removed invalidly overridden HAVE_DECL_S_IRGRP
definition in configure.ac.
* Mon May 29 2006 tiwai@suse.de
- added flac-devel to requires of devel sub package.
* Mon May 15 2006 tiwai@suse.de
- updated to version 1.0.16.
* more format supports
* code cleanups
* fix memleaks
* Wed Jan 25 2006 mls@suse.de
- converted neededforbuild to BuildRequires
* Fri Sep 30 2005 tiwai@suse.de
- updated to version 1.0.12.
- split example programs to progs sub-package.
- added -fno-strict-aliasing.
* Wed Nov 17 2004 tiwai@suse.de
- updated to version 1.0.11.
* Fri Sep 03 2004 tiwai@suse.de
- removed python from neededforbuild.
* Thu Aug 05 2004 tiwai@suse.de
- updated to version 1.0.10.
* Thu Feb 26 2004 tiwai@suse.de
- updated to version 1.0.7.
* Sat Jan 10 2004 adrian@suse.de
- add %run_ldconfig
* Mon Sep 15 2003 kukuk@suse.de
- Set x bit on directories
* Fri Jun 20 2003 ro@suse.de
- added directories to filelist
* Fri Jun 06 2003 tiwai@suse.de
- updated to version 1.0.5.
* Tue May 13 2003 pthomas@suse.de
- Put Octave interface files into an own subpackage.
* Thu Feb 13 2003 pthomas@suse.de
- Compile with all usefull warnings and fix all places where the
compiler warned.
- Fix configure to use $libdir instead of $prefix/lib for reporting.
* Tue Feb 04 2003 tiwai@suse.de
- updated to version 1.0.4.
* Fri Jan 17 2003 tiwai@suse.de
- added %run_ldconfig to %post.
* Thu Jan 16 2003 tiwai@suse.de
- updated to version 1.0.3.
- added *.la to devel package.
* Mon Nov 25 2002 tiwai@suse.de
- updated to version 1.0.2.
* Fri Sep 20 2002 tiwai@suse.de
- updated to version 1.0.1.
* Mon Aug 19 2002 tiwai@suse.de
- updated to version 1.0.0 final.
* Fri Aug 02 2002 tiwai@suse.de
- updated to version 1.0.0rc3.
* Tue Jun 25 2002 tiwai@suse.de
- updated to version 1.0.0rc2.
* Fri Apr 12 2002 tiwai@suse.de
- set %__libdir.
- use make install as default instead of install-strip.
* Thu Feb 07 2002 tiwai@suse.de
- fixed build on s390x.
* Fri Dec 07 2001 tiwai@suse.de
- fixed group tag (System -> System Environment)
* Thu Dec 06 2001 tiwai@suse.de
- removed binaries from alsa-devel examples directory.
* Wed Nov 21 2001 tiwai@suse.de
- updated to ver.0.0.27.
* Wed Oct 17 2001 tiwai@suse.de
- updated to ver.0.0.26.
+ Added sf_command () interface.
+ Added support for IRCAM files.
+ Minor bug fixes.
* Tue Aug 28 2001 tiwai@suse.de
- updated to ver.0.0.24.
+ Added support for 32 bit floating point AIFC files, little endian AIFC
files and 16, 24 and 32 bit Sphere NIST files.
+ Massive refactoring of internal code.
+ Added read and write handling of PEAK chunks on AIFF and WAV files.
+ Added read support for REX files (Propellerheads Reason).
+ Added sf_read_float () and sf_write_float () interfaces.
+ Minor bug fixes.
- changed group tag to System/Libraries
* Fri Aug 03 2001 tiwai@suse.de
- fixed compile on s390.
* Thu Jun 07 2001 tiwai@suse.de
- fixed compile with the latest libtool & autoconf.
* Tue Apr 03 2001 kukuk@suse.de
- move *.so files into devel package
- Remove kernel_header requires
- Fix glibc-devel dependencies
* Wed Dec 13 2000 tiwai@suse.de
- fixed compile on ia64.
* Thu Nov 02 2000 ro@suse.de
- changed Group to Development/Libraries (old group did not exist)
* Thu Nov 02 2000 tiwai@suse.de
- Updated to 0.0.22.
- Changed for long package-name support (libsnd -> libsndfile,
libsndd -> libsndfile-devel).
* Tue Sep 26 2000 tiwai@suse.de
- changed to bzip2.
- added suse_update_config.
* Wed Sep 06 2000 tiwai@suse.de
- Initial version: 0.0.21.
/usr/lib64/libsndfile.so.1 /usr/lib64/libsndfile.so.1.0.37
Generated by rpm2html 1.8.1
Fabrice Bellet, Tue Oct 1 00:01:50 2024