| Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
| Name: wavpack-devel | Distribution: SUSE Linux Enterprise 15 |
| Version: 5.4.0 | Vendor: SUSE LLC <https://www.suse.com/> |
| Release: 4.12.1 | Build date: Wed Mar 16 14:13:13 2022 |
| Group: Development/Libraries/C and C++ | Build host: s390zl3a |
| Size: 20263 | Source RPM: wavpack-5.4.0-4.12.1.src.rpm |
| Packager: https://www.suse.com/ | |
| Url: http://www.wavpack.com/ | |
| Summary: Development files for wavpack, an audio compression format | |
WavPack is an open audio compression format providing lossless, high-quality lossy, and unique hybrid compression modes. This subpackage contains libraries and header files for developing applications that want to make use of wavpack.
BSD-3-Clause
* Wed Mar 16 2022 pgajdos@suse.com
- security update
- added patches
fix CVE-2021-44269 [bsc#1197020], out of bounds read in processing .wav file
+ wavpack-CVE-2021-44269.patch
* Mon Jan 18 2021 atoptsoglou@suse.com
- Update to version 5.4.0
* CVE-2020-35738: Fixed an out-of-bounds write in WavpackPackSamples (bsc#1180414)
* fixed: disable A32 asm code when building for Apple silicon
* fixed: issues with Adobe-style floating-point WAV files
* added: --normalize-floats option to wvunpack for correctly
exporting un-normalized floating-point files
- Update to version 5.3.0
* fixed: OSS-Fuzz issues 19925, 19928, 20060, 20448
* fixed: trailing garbage characters on imported ID3v2 TXXX tags
* fixed: various minor undefined behavior and memory access issues
* fixed: sanitize tag extraction names for length and path inclusion
* improved: reformat wvunpack "help" and split into long + short versions
* added: regression testing to Travis CI for OSS-Fuzz crashers
- Updated to version 5.2.0
* fixed: potential security issues including the following CVEs:
CVE-2018-19840, CVE-2018-19841, CVE-2018-10536 (bsc#1091344),
CVE-2018-10537 (bsc#1091343) CVE-2018-10538 (bsc#1091342),
CVE-2018-10539 (bsc#1091341), CVE-2018-10540 (bsc#1091340),
CVE-2018-7254, CVE-2018-7253, CVE-2018-6767, CVE-2019-11498
and CVE-2019-1010319
* added: support for CMake, Travis CI, and Google's OSS-fuzz
* fixed: use correction file for encode verify (pipe input, Windows)
* fixed: correct WAV header with actual length (pipe input, -i option)
* fixed: thumb interworking and not needing v6 architecture (ARM asm)
* added: handle more ID3v2.3 tag items and from all file types
* fixed: coredump on Sparc64 (changed MD5 implementation)
* fixed: handle invalid ID3v2.3 tags from sacd-ripper
* fixed: several corner-case memory leaks
Dropped patches that included in upstream version:
* CVE-2018-19840.patch
* CVE-2018-19841.patch
* CVE-2018-7253.patch
* CVE-2018-7254.patch
* wavpack-CVE-2018-6767.patch
* CVE-2019-1010319.patch
* CVE-2019-11498.patch
* Wed Aug 14 2019 tchvatal@suse.com
- Add patch for bsc#1141334 CVE-2019-1010319 (use of unitialized var):
* CVE-2019-1010319.patch
- Add patch for bsc#1133384 CVE-2019-11498 (conditional jump):
* CVE-2019-11498.patch
* Mon Jan 07 2019 sbrabec@suse.com
- Fix denial-of-service (resource exhaustion caused by an infinite
loop; bsc#1120930, CVE-2018-19840, CVE-2018-19840.patch).
- Fix denial-of-service (out-of-bounds read and application crash;
bsc#1120929, CVE-2018-19841, CVE-2018-19841.patch).
* Tue Feb 20 2018 kbabioch@suse.com
- Added CVE-2018-7253.patch: Fixed a heap based buffer overread in
cli/dsdiff.c, which allowed remote attackers to cause DoS via
a specially crafted input file (CVE-2018-7253, bsc#1081692)
- Added CVE-2018-7254.patch: Fixed a buffer overread in cli/caff.c,
which allowed remote attackers to cause DoS via a specially
crafted input file (CVE-2018-7254, bsc#1081693)
* Mon Feb 19 2018 pmonrealgonzalez@suse.com
- Security fix [bsc#1079746, CVE-2018-6767]
* Crafted wav file can trigger a stack buffer overflow when
parsing the file
* Added wavpack-CVE-2018-6767.patch
* Mon Nov 13 2017 jengelh@inai.de
- Compact description. Drop pointless --with-pic since no static
libs are built.
* Thu Nov 09 2017 aavindraa@gmail.com
- Update to version 5.1.0
* new: command-line tagging utility (wvtag)
* added: option to import ID3v2.3 tags from Sony DSF files
* fixed: fuzz test failures from AFL reported on SourceForge
* improved: DSD decimation filter (less HF rolloff & CPU use)
* fixed: non-byte audio depths (12-bit, 20-bit) not showing
* fixed: rare case of noise-shaping triggering a lossy mute
* fixed: recognize UTF-8 BOM when reading text files
* fixed: a few portability issues
- Includes changes from 5.0.0:
* new: input formats (RF64, Wave64, and CAF)
* removed: support for legacy WavPack files (< 4.0)
* added: lossless DSD audio in Philips DSDIFF and Sony DSF files
* fixed: seeking in > 2GB WavPack files (new stream reader)
* fixed: accept > 4GB source audio files (all formats)
* improved: increase maximum samples from 2^32 to 2^40
* added: block checksums for robustness to corruption
* added: support for non-standard channel identities
* added: block decoder for streaming applications
* added: new pdf documentation
- For other changes, see upstream:
* https://github.com/dbry/WavPack/blob/master/ChangeLog
- cleanup with spec-cleaner
- remove wavpack-fix_pkgconfig.patch, fixed upstream in:
* d440649aa113797a50e94285c8c037dc2ad7a5a9
* 779a2e62783acc6a46f75dd89359e95079ef708a
* 7846e95eb1c3fa97da41dfe96de532c2df5ad281
- remove license.txt, use upstream copying file instead
- Drop Requires, Provides and Obsoletes, as the SUSE versions they
were needed for are now EOL.
* Sat Jun 22 2013 crrodriguez@opensuse.org
- update to WavPack 4.70-beta (packaged as 4.60.99)
* 4GB file support on 32-bit OS
* memcpy() not always used correctly (Linux targets)
* unsigned char issue (ARM targets)
* use temporary files for safer overwriting
* Mon Feb 13 2012 coolo@suse.com
- patch license to follow spdx.org standard
/usr/include/wavpack /usr/include/wavpack/wavpack.h /usr/lib64/libwavpack.so /usr/lib64/pkgconfig/wavpack.pc
Generated by rpm2html 1.8.1
Fabrice Bellet, Tue Apr 9 17:27:20 2024