SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for lame-3.100-6.1.x86_64.rpm :

* Fri Feb 23 2018 kbabiochAATTsuse.com- Update to version 3.100
* Improved detection of MPEG audio data in RIFF WAVE files. sf#3545112 Invalid sampling detection
* New switch --gain , range -20.0 to +12.0, a more convenient way to apply Gain adjustment in decibels, than the use of --scale .
* Fix for sf#3558466 Bug in path handling
* Fix for sf#3567844 problem with Tag genre
* Fix for sf#3565659 no progress indication with pipe input
* Fix for sf#3544957 scale (empty) silent encode without warning
* Fix for sf#3580176 environment variable LAMEOPT doesn\'t work anymore
* Fix for sf#3608583 input file name displayed with wrong character encoding (on windows console with CP_UTF8)
* Fix dereference NULL and Buffer not NULL terminated issues.
* Fix dereference of a null pointer possible in loop.
* Make sure functions with SSE instructions maintain their own properly aligned stack. Thanks to Fabian Greffrath
* Multiple Stack and Heap Corruptions from Malicious File.
* Fix a division by zero vulnerability (CVE-2017-11720 bsc#1082311)
* Fix CVE-2017-9410 fill_buffer_resample function in libmp3lame/util.c heap-based buffer over-read and ap (bsc#1082333)
* Fix CVE-2017-9411 fill_buffer_resample function in libmp3lame/util.c invalid memory read and application crash (bsc#1082397)
* Fix CVE-2017-9412 unpack_read_samples function in frontend/get_audio.c invalid memory read and application crash (bsc#1082340)
* Fix clip detect scale suggestion unaware of scale input value
* HIP decoder bug fixed: decoding mixed blocks of lower sample frequency Layer3 data resulted in internal buffer overflow.
* Add lame_encode_buffer_interleaved_int()
* Fix a stack-based buffer overflow and application crash in the III_dequantisize_sample function in layer3.c in mpglib (CVE-2017-9872 bsc#1082391)
* Fix a stack-based buffer overflow and application crash in the III_i_stereo function in layer3.c in mpglib (CVE-2017-9871 bsc#1082392)
* Fix a buffer over-read and application crash in the III_i_stereo function in layer3.c (CVE-2017-9870 bsc#1082393)
* Fix a buffer over-read and application crash in the II_step_one function in layer2.c (CVE-2017-9869 bsc#1082395)
* Fix buffer overflows when data types for values in WAV or AIFF headers are no signed (CVE-2017-8419 bsc#1037255)
* Fix a stack-based buffer overflow in unpack_read_samples in the file frontend/get_audio.c (CVE-2017-15046 bsc#1061973)
* Fix a heap-based buffer over-read in fill_buffer in libmp3lame/util.c, related to lame_encode_buffer_sample_t in libmp3lame/lame.c (CVE-2017-15045 bsc#1061970)
* Fix a NULL Pointer Dereference in the hip_decode_init function within libmp3lame/mpglib_interface.c via a malformed mpg file, because of an incorrect calloc call. (CVE-2017-15019 bsc#1082317)
* Fix a heap-based buffer over-read when handling a malformed file in k_34_4 in vbrquantize.c. (CVE-2017-15018 bsc#1082341)
* Fix a NULL Pointer Dereference in the id3v2AddAudioDuration function in libmp3lame/id3tag.c (CVE-2017-13712 bsc#1082399)
* Fix a heap-based buffer over-read in fill_buffer_resample function in util.c (CVE-2015-9101 bsc#1082400)
* Fix a NULL pointer dereference in fill_buffer_resample function in util.c (CVE-2015-9100 bsc#1082401)
* Fix invalid read in lame_init_params function in lame.c (CVE-2015-9099 bsc#1082329)- Drop upstream patches:
* lame-Add-check-for-invalid-input-sample-rate.patch
* lame-ansi2knr2.patch
* lame-bits_per_sample.patch
* lame-force_align_arg_pointer.patch
* lame-gtk1.patch
* lame-int_resample_ratio.patch
* lame-msse.patch
* Thu Mar 02 2017 jengelhAATTinai.de- Rename %soname to %sover to better reflect its use.- Replace goals with what the software really does.
* Sat Jun 20 2015 olafAATTaepfle.de- Add patch for SSE- Add check for invalid input sample rate- Avoid malformed wav causing floating point exception (integer divide by zero)- Fix warning on 64 bit machines. Explicitely set variables as unsigned ints.- Enable functions with SSE instructions to maintain their own properly aligned stack- Fix decision if sample rate ratio is an integer value or not- run autoreconf, set GTK_CFLAGS- Add patch to remove ansi2knr instead of using sed
* Tue Feb 03 2015 scarabeusAATTopensuse.org- Redux the conditionals for not building gtk1 anywhere anymore
* Fri Nov 01 2013 obsAATTbotter.cc- Fix logical issue in hvogel\'s fix
* Thu Oct 31 2013 hvogelAATTopensuse.org- Fix the conditional building of gtk1 binaries
* Tue Oct 15 2013 obsAATTbotter.cc- Fix pkgconfig(gtk+-2.0) for >= 11.4
* Thu Jul 19 2012 reddwarfAATTopensuse.org- Fix bug reporting link- BuildRequires nasm only in x86-32 (there is no assembly available for other archs)- Stop BuildRequiring flac-devel, it\'s not used- Remove autoreconf call and related BuildRequires and patches- Remove old compatibility Provides- Run spec-cleaner- Removed all patches (unneeded)- Replace some documentation and let the build system install its own
* Tue Jul 17 2012 pascal.bleserAATTopensuse.org- update to 3.99.5: fixed build on 12.2
* Tue Nov 22 2011 pascal.bleserAATTopensuse.org- disable sndfile for IO, causes more issues than anything else (warnings and issues in several applications that use lame)- lame-tgetstr.patch: fix build on openSUSE > 12.1, tput and friends are now in libtinfo
* Mon Mar 07 2011 pascal.bleserAATTopensuse.org- add Gentoo patch that fixes reading from stdin- add rpmlintrc- split out documentation into subpackage
* Fri Jun 18 2010 lnusselAATTsuse.de- disable use of gtk in 11.3, was dropped
* Sat Mar 27 2010 pascalAATTlinks2linux.de- update to 3.98.4:
* fix for #2973877, a problem regarding the new drain code
* Sun Feb 28 2010 pascalAATTlinks2linux.de- update to 3.98.3:
* a very important interaction with the FhG decoder was fixed
* the hip audio decoding library is used to perform a better job when reencoding MP3 files to MP3 files
* bugs were worked around to improve compatibility with ffmpeg
* many fixes were made regarding ID3 tags, including correct specification of the length of the tracks- dropped cvs patch, merged upstream
* Fri Aug 21 2009 Manfred.TremmelAATTiiv.de- cleanups cvs patch- removed static library
* Sat May 30 2009 Manfred.TremmelAATTiiv.de- patch from cvs to fix buffer problems with ffmpeg
  
ICM