rpms
/
libsndfile
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
libsndfile/libsndfile.spec

171 lines
5.4 KiB
RPMSpec
Raw Permalink Blame History

Summary: Library for reading and writing sound files
Name: libsndfile
Version: 1.0.17
Release: 8%{?dist}
License: LGPL
Group: System Environment/Libraries
URL: http://www.mega-nerd.com/libsndfile/
Source0: http://www.mega-nerd.com/libsndfile/files/libsndfile-%{version}.tar.gz
Patch0: libsndfile-1.0.17+flac-1.1.3.patch
Patch1: libsndfile-1.0.17-flac-buffer-overflow.patch
#from upstream, for libsndfile < 1.0.19, CVE-2009-0186
Patch2: libsndfile-1.0.17-channels-per-frame-overflow.patch
#from upstream, for libsndfile < 1.0.20, CVE-2009-1788 CVE-2009-1791
#http://www.mega-nerd.com/erikd/Blog/CodeHacking/libsndfile/rel_20.html
Patch3: voc-aiff-patch-1.0.17.diff
#from upstream, for libsndfile < 1.0.25, crash by overflow with some PAF files (#721239)
Patch4: libsndfile-1.0.17-r1305,1610.patch
#from upstream, for libsndfile <= 1.0.25, rhbz#1177254
Patch5: libsndfile-1.0.25-zerodivfix.patch
#from upstream, for libsndfile <= 1.0.25, rhbz#1178840
Patch6: libsndfile-1.0.25-cve2014_9496.patch
# 2x from upstream, for <= 1.0.25, rhbz#1277899
Patch7: libsndfile-1.0.25-d2a87385c1ca1d72918e9a2875d24f202a5093e8.patch
Patch8: libsndfile-1.0.25-53c9f0bcaf20203bb4ee56da760a6e5118e6f93b.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-buildroot-%(%{__id_u} -n)
BuildRequires: alsa-lib-devel
Provides: %{name}-octave = %{version}-%{release}
%package devel
Summary: Development files for libsndfile
Group: Development/Libraries
Requires: %{name} = %{version}-%{release} pkgconfig
%description
libsndfile is a C library for reading and writing sound files such as
AIFF, AU, WAV, and others through one standard interface. It can
currently read/write 8, 16, 24 and 32-bit PCM files as well as 32 and
64-bit floating point WAV files and a number of compressed formats. It
compiles and runs on *nix, MacOS, and Win32.
%description devel
libsndfile is a C library for reading and writing sound files such as
AIFF, AU, WAV, and others through one standard interface.
This package contains files needed to develop with libsndfile.
%prep
%setup -q
%patch0 -p1
%patch1 -p1
%patch2 -p1
%patch3 -p1
%patch4 -p1
%patch5 -p1 -b .zerodivfix
%patch6 -p1 -b .cve2014_9496
%patch7 -p1 -b .d2a87385c1ca1d72918e9a2875d24f202a5093e8
%patch8 -p1 -b .53c9f0bcaf20203bb4ee56da760a6e5118e6f93b
%build
%configure --disable-dependency-tracking
make %{?_smp_mflags}
%install
rm -rf $RPM_BUILD_ROOT __docs
make install DESTDIR=$RPM_BUILD_ROOT
cp -pR $RPM_BUILD_ROOT%{_docdir}/libsndfile1-dev/html __docs
rm -rf $RPM_BUILD_ROOT%{_docdir}/libsndfile1-dev
%clean
rm -rf $RPM_BUILD_ROOT
%post -p /sbin/ldconfig
%postun -p /sbin/ldconfig
%files
%defattr(-,root,root,-)
%doc COPYING AUTHORS TODO README NEWS ChangeLog
%{_bindir}/sndfile-info
%{_bindir}/sndfile-play
%{_bindir}/sndfile-convert
%{_bindir}/sndfile-regtest
%{_mandir}/man1/sndfile-info.1*
%{_mandir}/man1/sndfile-play.1*
%{_mandir}/man1/sndfile-convert.1*
%{_libdir}/%{name}.so.*
%{_datadir}/octave
%files devel
%defattr(-,root,root,-)
%doc __docs/*
%exclude %{_libdir}/%{name}.la
%{_includedir}/sndfile.h
%{_includedir}/sndfile.hh
%{_libdir}/%{name}.so
%{_libdir}/%{name}.a
%{_libdir}/pkgconfig/sndfile.pc
%changelog
* Thu Dec 17 2015 Michal Hlavinka <mhlavink@redhat.com> - 1.0.17-8
- fix incomplete patch for CVE-2015-7805
* Fri Nov 06 2015 Michal Hlavinka <mhlavink@redhat.com> - 1.0.17-7
- fix CVE-2015-7805: Heap overflow vulnerability when parsing specially
crafted AIFF header
* Tue Jan 13 2015 Michal Hlavinka <mhlavink@redhat.com> - 1.0.17-6
- fix CVE-2014-9496: 2 buffer overruns in sd2_parse_rsrc_fork (#1178840)
- division by zero leading to denial of service in psf_fwrite (#1177254)
* Thu Jul 14 2011 Michal Hlavinka <mhlavink@redhat.com> - 1.0.17-5
- fixes integer overflow by processing certain PAF audio files (#721239)
* Thu Dec 23 2010 Michal Hlavinka <mhlavink@redhat.com> - 1.0.17-4
- fix CVE-2009-1788 : VOC file heap based buffer overflow (#502657)
- fix CVE-2009-1791 : AIFF file heap based buffer overflow (#502658)
* Thu Jul 8 2010 Michel Salim <salimma@fedoraproject.org> - 1.0.17-3
- Fix for channel per frame overflow (CVE-2009-0186, #488364)
* Thu Sep 20 2007 Andreas Thienemann <andreas@bawue.net> - 1.0.17-2
- Adding FLAC support to libsndfile courtesy of gentoo, #237575
- Fixing CVE-2007-4974. Thanks to the gentoo people for the patch, #296221
* Fri Sep 08 2006 Andreas Thienemann <andreas@bawue.net> - 1.0.17-1
- Updated to 1.0.17
* Sun Apr 30 2006 Andreas Thienemann <andreas@bawue.net> - 1.0.16-1
- Updated to 1.0.16
* Thu Mar 30 2006 Andreas Thienemann <andreas@bawue.net> - 1.0.15-1
- Updated to 1.0.15
* Thu Mar 16 2006 Dams <anvil[AT]livna.org> - 1.0.14-1.fc5
- Updated to 1.0.14
- Dropped patch0
* Thu May 12 2005 Michael Schwendt <mschwendt[AT]users.sf.net> - 1.0.11-3
- rebuilt
* Sat Mar 5 2005 Michael Schwendt <mschwendt[AT]users.sf.net> - 1.0.11-2
- Fix format string bug (#149863).
- Drop explicit Epoch 0.
* Sat Dec 4 2004 Ville Skyttä <ville.skytta at iki.fi> - 0:1.0.11-0.fdr.1
- Update to 1.0.11.
* Wed Oct 13 2004 Ville Skyttä <ville.skytta at iki.fi> - 0:1.0.10-0.fdr.1
- Update to 1.0.10, update URLs, include ALSA support.
- Disable dependency tracking to speed up the build.
- Add missing ldconfig invocations.
- Make -devel require pkgconfig.
- Include developer docs in -devel.
- Provide -octave in main package, own more related dirs.
- Bring specfile up to date with current spec templates.
* Sat Apr 12 2003 Dams <anvil[AT]livna.org>
- Initial build.
Reference in New Issue View Git Blame Copy Permalink