SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for libebml5-1.4.5-lp156.100.1.x86_64.rpm :

* Thu Dec 28 2023 Dirk Müller - update to 1.4.5 (bsc#1218432, CVE-2023-52339):
* Fix invalid memory access (reading beyond allocated memory) due to missing integer overflow check.
* Sat Oct 08 2022 Luigi Baldoni - Update to version 1.4.4
* Fix ABI compatibility: unfortunately release 1.4.3 broke ABI compatibility. This release restores the compatibility with release 1.4.2. Please use it instead of release 1.4.3. In other words: 1.4.2 & 1.4.4 are compatible, while 1.4.3 is compatible with neither 1.4.2 nor 1.4.4.
* Sat Oct 01 2022 Dirk Müller - update to 1.4.3:
* A C++14 compliant C++ compiler is now required.
* Fix compilation with g++ 11. Fixes #80.
* Remove Coremake project files
* Updated the bundled utf8cpp to v3.2.1.
* Fixed several problems in `EbmlBinary:` potential segfault by writing to a `nullptr`, potential memory leak under certain error conditions.
* Fixed problems with the generated `pkg-config` files if any of the installation paths are absolute.- drop 0001-include-appropriate-header-files-for-std-numeric_lim.patch (upstream)
* Fri Mar 19 2021 Christophe Giboudeaux - Add patch to fix build with GCC 11 (boo#1183715)
* 0001-include-appropriate-header-files-for-std-numeric_lim.patch
* Tue Feb 23 2021 Dirk Müller - update to 1.4.2:
* Fixed several heap overflow bugs in the `ReadData` functions of various data type classes. This fixes CVE-2021-3405.
* Tue Jan 05 2021 aloisioAATTgmx.com- Update to version 1.4.1
* Fixed a case EbmlMaster::Read where the element returned via UpperEltFound and FountElt points to a just-deleted element, causing callers to think the memory returned is valid, potentially leading to use-after-free/double-free errors. This can happen if the specific element\'s Read function throws an exception when encountering certain invalid data constellations.
* Sun Jun 28 2020 Luigi Baldoni - Update to version 1.4.0
* Due to breaking ABI the soname version has been bumped to 5.0.0.
* Default symbol visibility is now \"hidden\", reducing binary size.
* Converted some things pointed out by cppcheck & clang-tidy to C++11.
* Fixed a lot of issues pointed out by clang-tidy.
* Added a function \"ForceNoDefault\" in the \"EbmlElement\" class.
* Added a function \"OverwriteData\" in the \"EbmlElement\" class to complement the existing \"OverwriteHead\" function.
* A C++11 compliant compiler is now required. Several of its features are now used in the source.
* EbmlElement::FindNextElement: fixed a buffer overflow on the stack by one byte when the first byte read had its upper four bits unset.
* EbmlCrc32: added a explicit assignment operator with default implementation as an explicit copy constructor exists (implicit assignment operators are deprecated in such cases).- Spec cleanup
* Sat Dec 07 2019 Ferdinand Thiessen - Update to version 1.3.10:
* When reading binary elements with a size of 0, the element was skipped by libebml instead of returned to the calling function.
* Wed Jul 10 2019 Ferdinand Thiessen - Update to version 1.3.9:
* Some build system related changes
* Tue Apr 16 2019 Ferdinand Thiessen - Update to version 1.3.7:
* Fixed the handling of Unicode codepoints > U+FFFF- Dropped fix-EbmlSInteger-limits.patch, fixed upstream.
* Mon Jul 30 2018 rpmAATTfthiessen.de- Added fix-EbmlSInteger-limits.patch from upstream.
* Fixes build with openSUSE <= 42.3
* Mon Jul 30 2018 rpmAATTfthiessen.de- Update to 1.3.6:
* Fixed undefined behavior when reading signed integers with negative values from files.
* Fixed a small memory leak when reading an element runs into an I/O exception (e.g. due to having reached the end of the file).
* Fixed the EbmlMaster::GetDataStart() function returning wrong values for elements with an infinite/unknown size.
* Fixed finding the next element ID when garbage data is encountered during the scan for the ID.
* Fixed several potential situations where reading child element data could exceed the parent element\'s size.
* Fri Aug 25 2017 rpmAATTfthiessen.de- Update to 1.3.5
* The function EbmlMaster::CheckMandatory() will now only return false if a mandatory element is missing for which there\'s no default value in the specifications. This means that callers such as EbmlMaster::UpdateSize() and by extension EbmlMaster::Render() will not insist on all mandatory elements being present anymore, but only those for which there\'s no default value.
* Added a template function `FindNextChild`.
* Fix reading and EBML element even though the ID was not found within the allowed reading limit.
* Fixed an instance of undefined behavior in EbmlElement::GetSemantic() due to binding a dereferenced null pointer to a reference.
* Fri Jul 15 2016 rpmAATTfthiessen.de- Update to new upstream release 1.3.4
* Some minor changes required for clang
* Some minor changes for C99 support
* Required for mkvtoolnix >= 9.3.0
* Thu Oct 22 2015 rpmAATTfthiessen.de- Update to new upstream release 1.3.3 (security fixes!):
* EbmlUnicodeString::UpdateFromUTF8(): Fixed an invalid memory access. When reading from a UTF-8 string in which the length indicated by a UTF-8 character\'s first byte exceeds the string\'s actual number of bytes the parser would access beyond the end of the string resulting in a heap information leak. Fixes the issue reported as Cisco TALOS-CAN-0036.
* EbmlElement::ReadCodedSizeValue(): Fixed an invalid memory access. When reading a EBML variable length integer value a read access beyond the end of the available buffer was possible if fewer bytes were available than indicated by the first byte resulting in a heap information leak.
* EbmlMaster::Read(): When the parser encountered a deeply nested element with an infinite size then a following element of an upper level was not propagated correctly. Instead the element with the infinite size was added into the EBML element tree a second time resulting in memory access after freeing it and multiple attempts to free the same memory address during destruction. Fixes the issue reported as Cisco TALOS-CAN-0037.
* EbmlElement::FindNextElement(): Handle EOF when reading the element size properly.
* Fri May 01 2015 jengelhAATTinai.de- Update package descriptions a bit
* Wed Feb 11 2015 dimstarAATTopensuse.org- Add back BuildRoot: the rpm version of SLE11 still requires this and libebml is linked to 3rd party Build Servers, where building for SLE11 is still enabled.
* Sun Feb 01 2015 jengelhAATTinai.de- Update to new upstream release 1.3.1
* EbmlMaster: Fixed read() trying to calculate the end position of elements with an unknown size. This avoids endless loops and assertions in certain cases.
* EbmlElement::Render(): does not catch exceptions anymore. Instead, exceptions generated from the IOCallback class (e.g. if a write failed) are propagated to the caller.- Drop libebml-1.3.0-6efcb74d1e.patch (no longer relevant)
  
ICM