SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for wavpack-5.4.0-150000.4.15.1.x86_64.rpm :

* Thu Jul 21 2022 pgajdosAATTsuse.com- security update- added patches fix CVE-2022-2476 [bsc#1201716], Null pointer dereference in wvunpack + wavpack-CVE-2022-2476.patch
* Wed Mar 16 2022 pgajdosAATTsuse.com- security update- added patches fix CVE-2021-44269 [bsc#1197020], out of bounds read in processing .wav file + wavpack-CVE-2021-44269.patch
* Mon Jan 18 2021 atoptsoglouAATTsuse.com- Update to version 5.4.0
* CVE-2020-35738: Fixed an out-of-bounds write in WavpackPackSamples (bsc#1180414)
* fixed: disable A32 asm code when building for Apple silicon
* fixed: issues with Adobe-style floating-point WAV files
* added: --normalize-floats option to wvunpack for correctly exporting un-normalized floating-point files- Update to version 5.3.0
* fixed: OSS-Fuzz issues 19925, 19928, 20060, 20448
* fixed: trailing garbage characters on imported ID3v2 TXXX tags
* fixed: various minor undefined behavior and memory access issues
* fixed: sanitize tag extraction names for length and path inclusion
* improved: reformat wvunpack \"help\" and split into long + short versions
* added: regression testing to Travis CI for OSS-Fuzz crashers- Updated to version 5.2.0
* fixed: potential security issues including the following CVEs: CVE-2018-19840, CVE-2018-19841, CVE-2018-10536 (bsc#1091344), CVE-2018-10537 (bsc#1091343) CVE-2018-10538 (bsc#1091342), CVE-2018-10539 (bsc#1091341), CVE-2018-10540 (bsc#1091340), CVE-2018-7254, CVE-2018-7253, CVE-2018-6767, CVE-2019-11498 and CVE-2019-1010319
* added: support for CMake, Travis CI, and Google\'s OSS-fuzz
* fixed: use correction file for encode verify (pipe input, Windows)
* fixed: correct WAV header with actual length (pipe input, -i option)
* fixed: thumb interworking and not needing v6 architecture (ARM asm)
* added: handle more ID3v2.3 tag items and from all file types
* fixed: coredump on Sparc64 (changed MD5 implementation)
* fixed: handle invalid ID3v2.3 tags from sacd-ripper
* fixed: several corner-case memory leaks Dropped patches that included in upstream version:
* CVE-2018-19840.patch
* CVE-2018-19841.patch
* CVE-2018-7253.patch
* CVE-2018-7254.patch
* wavpack-CVE-2018-6767.patch
* CVE-2019-1010319.patch
* CVE-2019-11498.patch
* Wed Aug 14 2019 tchvatalAATTsuse.com- Add patch for bsc#1141334 CVE-2019-1010319 (use of unitialized var):
* CVE-2019-1010319.patch- Add patch for bsc#1133384 CVE-2019-11498 (conditional jump):
* CVE-2019-11498.patch
* Mon Jan 07 2019 sbrabecAATTsuse.com- Fix denial-of-service (resource exhaustion caused by an infinite loop; bsc#1120930, CVE-2018-19840, CVE-2018-19840.patch).- Fix denial-of-service (out-of-bounds read and application crash; bsc#1120929, CVE-2018-19841, CVE-2018-19841.patch).
* Tue Feb 20 2018 kbabiochAATTsuse.com- Added CVE-2018-7253.patch: Fixed a heap based buffer overread in cli/dsdiff.c, which allowed remote attackers to cause DoS via a specially crafted input file (CVE-2018-7253, bsc#1081692)- Added CVE-2018-7254.patch: Fixed a buffer overread in cli/caff.c, which allowed remote attackers to cause DoS via a specially crafted input file (CVE-2018-7254, bsc#1081693)
* Mon Feb 19 2018 pmonrealgonzalezAATTsuse.com- Security fix [bsc#1079746, CVE-2018-6767]
* Crafted wav file can trigger a stack buffer overflow when parsing the file
* Added wavpack-CVE-2018-6767.patch
* Mon Nov 13 2017 jengelhAATTinai.de- Compact description. Drop pointless --with-pic since no static libs are built.
* Thu Nov 09 2017 aavindraaAATTgmail.com- Update to version 5.1.0
* new: command-line tagging utility (wvtag)
* added: option to import ID3v2.3 tags from Sony DSF files
* fixed: fuzz test failures from AFL reported on SourceForge
* improved: DSD decimation filter (less HF rolloff & CPU use)
* fixed: non-byte audio depths (12-bit, 20-bit) not showing
* fixed: rare case of noise-shaping triggering a lossy mute
* fixed: recognize UTF-8 BOM when reading text files
* fixed: a few portability issues- Includes changes from 5.0.0:
* new: input formats (RF64, Wave64, and CAF)
* removed: support for legacy WavPack files (< 4.0)
* added: lossless DSD audio in Philips DSDIFF and Sony DSF files
* fixed: seeking in > 2GB WavPack files (new stream reader)
* fixed: accept > 4GB source audio files (all formats)
* improved: increase maximum samples from 2^32 to 2^40
* added: block checksums for robustness to corruption
* added: support for non-standard channel identities
* added: block decoder for streaming applications
* added: new pdf documentation- For other changes, see upstream:
* https://github.com/dbry/WavPack/blob/master/ChangeLog- cleanup with spec-cleaner- remove wavpack-fix_pkgconfig.patch, fixed upstream in:
* d440649aa113797a50e94285c8c037dc2ad7a5a9
* 779a2e62783acc6a46f75dd89359e95079ef708a
* 7846e95eb1c3fa97da41dfe96de532c2df5ad281- remove license.txt, use upstream copying file instead- Drop Requires, Provides and Obsoletes, as the SUSE versions they were needed for are now EOL.
* Sat Jun 22 2013 crrodriguezAATTopensuse.org- update to WavPack 4.70-beta (packaged as 4.60.99)
* 4GB file support on 32-bit OS
* memcpy() not always used correctly (Linux targets)
* unsigned char issue (ARM targets)
* use temporary files for safer overwriting
  
ICM