Changelog for
sox-debugsource-14.4.2-6.1.x86_64.rpm :
* Wed Feb 14 2018 kbabiochAATTsuse.com- Added patches:
* CVE-2017-11332.patch: Fixed the startread function in wav.c, which allowed remote attackers to cause a DoS (divide-by-zero) via a crafted wav file. (CVE-2017-11332 bsc#1081140)
* CVE-2017-11358.patch: Fixed the read_samples function in hcom.c, which allowed remote attackers to cause a DoS (invalid memory read) via a crafted hcom file. (CVE-2017-11358 bsc#1081141)
* CVE-2017-11359.patch: Fixed the wavwritehdr function in wav.c, which allowed remote attackers to cause a DoS (divide-by-zero) when converting a a crafted snd file to a wav file. (CVE-2017-11359 bsc#1081142)
* CVE-2017-15370.patch: Fixed a heap-based buffer overflow in the ImaExpandS function of ima_rw.c, which allowed remote attackers to cause a DoS during conversion of a crafted audio file. (CVE-2017-15370 bsc#1063439)
* CVE-2017-15371.patch: Fixed an assertion abort in the function sox_append_comment() in formats.c, which allowed remote attackers to cause a DoS during conversion of a crafted audio file. (CVE-2017-15371 bsc#1063450)
* CVE-2017-15372.patch: Fixed a stack-based buffer overflow in the lsx_ms_adpcm_block_expand_i function of adpcm.c, which allowed remote attackers to cause a DoS during conversion of a crafted audio file. (CVE-2017-15372 bsc#1063456)
* CVE-2017-15642.patch: Fixed an Use-After-Free vulnerability in lsx_aiffstartread in aiff.c, which could be triggered by an attacker by providing a malformed AIFF file. (CVE-2017-15642 bsc#1064576)
* CVE-2017-18189.patch: Fixed a NULL pointer dereference triggered by a corrupt header specifying zero channels in the startread function in xa.c, which allowed remote attackers to cause a DoS (CVE-2017-18189 bsc#1081146).- Removed sox-doublefree.patch
* Tue Dec 19 2017 meissnerAATTsuse.com- sox-doublefree.patch: initialize comment, it might get returned back with OK. (bsc#1064576 CVE-2017-15642)
* Fri Aug 25 2017 olafAATTaepfle.de- Enable lame/mad/twolame unconditionally- Remove ffmpeg/opus conditional because it is always present
* Mon Mar 06 2017 zaitorAATTopensuse.org- Replace libopus-devel with pkgconfig(opusfile) BuildRequires: this is what configure looks for, and will actually build the optional opus support as intended.
* Tue Sep 22 2015 mpluskalAATTsuse.com- Update to 14.4.2 o Add optional support for reading Ogg Opus files. o Fix for max size text chunks in aiff files. o Add reading support for RF64 WAV files. o Work around for libsndfile created RF64 files with invalid sizes. o Detect MS ADPCM WAV files with invalid blocks. o Detect Sphere files with invalid header sizes. o \'Deemph\' can now also be used at 48kHz sample rate. o \'Rate\' now much faster in many cases. o Allow sending spectrograms to stdout. o Allow use of Dolph window with spectrograms. o Allow mixing time and sample-count arguments for the delay effect, and for spectrogram -S and -d. o Support multi-channel LADSPA plugins. o Support infinite repetition with repeat. o Improved pink noise frequency response in synth. o Extended syntax for specifying audio positions to several effects. o Fix integer overflow in mcompand. [3590093] o Add optional latency compenstation for LADSPA plugins. o New -p option for soxi to display sample precision. o New libsox example6: give explicit output attributes. o Speed optimization for effects that operate on channels independently. o Fix memory leaks. o Most internal symbols (lsx_
*) are no longer exported.- Drop sox-14.4.0-ocloexec.patch as it brings little enhancement and there has been no activity at upstreaming it- Enable ffmpeg and opus by default
* Wed Sep 11 2013 reddwarfAATTopensuse.org- Update to version 14.4.1 o Fix pipe file-type detection regression o MAUD write fixes o Fix crash when seeking within a FLAC file o Fix Ogg Vorbis files with certain numbers of channels being truncated o Fix reading 64-bit float WAVs o Fix potential buffer overrun when writing FLAC files directly via sox_write() o Check whether pulseaudio is available before choosing it as default o Restore 8 seconds default for spectrogram, if the input length is not known o Set output length for splice to unknown instead of 0 o Increase maximum width for spectrograms o Fix memory leaks in LADSPA effect o Fix hang in several effects (rate, tempo, and those based on dft_filter) when processing long files o Prevent (m)compand from tampering with their arguments o Fix input length calculation for combine methods other than concatenate o Fix to configure.ac to work with Autoconf 2.69- Rebase sox-14.4.0-ocloexec.patch
* Thu Feb 07 2013 crrodriguezAATTopensuse.org- sox-14.4.0-ocloexec.patch: edited, config.h must be included _everywhere_ and GNU_SOURCE defined so O_CLOEXEC is available for all targets.
* Sat Nov 17 2012 crrodriguezAATTopensuse.org- Disable OSS support, alsa and pulse are enough for us now.
* Sat Apr 14 2012 reddwarfAATTopensuse.org- Update to version 14.4.0 o Add floating point encodings in AIFF-C files. o Pad WAV data chunks to an even number of bytes. o Made Pulse Audio driver the default driver. o Lots of improvements to man pages. o New upsample, hilbert, and downsample effects. o Fix fading bugs. o Enable --plot on biquad and fir effects. o Now effects chain can be unlimitted length. o Fix newfile/restart effects when merging or mixing files. o Fix crash in compand and mcompand effect. o Improved audio length calculations when using effects. o New trim effect with enhanced capabilities. o Improved large file support. o MP2 write support.- Split librarires to follow SLPP- Optionally enable twolame support- Use pkgconfig() style BuildRequires- Update ocloexec patch to apply to the new version- Remove audioio.h/sunaudio support- Remove unneeded ncurses BuildRequire- Remove patches not needed anymore (sox-14.3.2-new_ffmpeg.patch, sox-14.3.1-undefined.patch and sox-14.3.1-aliasing.patch)
* Sun Nov 27 2011 pascal.bleserAATTopensuse.org- fix build on < 12.1 by not applying the O_CLOEXEC patch there as it is not in the glibc- fix build on >= 12.1 by adding ncurses-devel to the BuildRequires
* Fri Nov 18 2011 crrodriguezAATTopensuse.org- libsox: Use O_CLOEXEC where needed, this is specially important in library code and even more here as threading is used.
* Mon Jun 27 2011 cooloAATTnovell.com- remove _service file, way too fragile (see sr#74395)
* Wed Jun 22 2011 reddwarfAATTopensuse.org- make it support new ffmpeg versions- remove buildstamp without modifying the output- use opencore-amr for AMR support
* Tue Mar 01 2011 reddwarfAATTopensuse.org- Update to version 14.3.2 o Seek support for MP3 files. o Fix WavPack header bugs. o Fix length error in 24-bit RIFF files. o Add default channel mapping to 24-bit RIFF files. o Fix ffmpeg crashes on some CPU\'s. o Read wider range of WAV files with chunks embedded. o Fix incorrect MP3 length determination with some VBR files with initial silence. o Enable LADSPA support by default on all platforms if libltdl exists. o Allow now legend on spectrogram. o Fix -w option on stat effect. o Support specifying absolute end position instead of offset from beginning of trim operation.
* Tue Sep 21 2010 reddwarfAATTopensuse.org- Add libmagic support- Added sox-14.3.1-undefined.patch and sox-14.3.1-aliasing.patch- Run spec-cleaner and general cleanup- Fix MP3 support linking directly against needed libraries- Fix License tag
* Tue Apr 13 2010 davejplaterAATTgmail.com- Update to version 14.3.1, remove sox-14.2.0-vorbis.patch due to vorbis1.h no longer existing. Fix sox-no_buildstamp.patch.- LibSoX interface changes: o Added new variants of sox_open to allow read/write from/to memory buffers (in POSIX 2008 environment); see example5.c. (robs)- File formats: o New Grandstream ring-tone (gsrt) format. (robs) o CVSD encode/decode speed-ups. (Kimberly Rockwell, P. Chaintreuil) o Fix failed writing 24-bit PAF files (and possibly other libsndfile based formats). (cbagwell) o Allow libsndfile to be dlopen()\'ed at runtime if --enable-dl-sndfile is used. (Doug Cook) o Allow amr-nb/amr-wb to be dlopen()\'ed at runtime if - -enable-dl-amrwb or --enable-dl-amrnb is used. (Doug Cook) o amrnb and amrwb formats can optionally use opencore-amr libraries. (cbagwell)- Audio device drivers: o Add 32-bit support to ALSA driver. (Pavel Hofman)- Effects: o Fix [2254919] silence doesn\'t trim digital silence correctly. (robs) o Fix [2859842] stats effect crashes on 64-bit arch. (Ulrich Klauer)- Other new features: o Added libSoX example #4: concatenating audio files. (robs) o Show soxi version & usage information when no args given. (robs)- Other bug fixes: o Fix build so that grouped files (e.g. play -r 6k \"
*.vox\" plays all at 6k) works. (robs) o Fix build to support auto file type detection with pipes on FreeBSD and elsewhere. (Dan Nelson) o Fix simultaneous play & rec not working. (robs) o Fix missing documentation for -R (repeatable), and pulseaudio driver. o Fix memory leak of format private data. (Slawomir Testowy)- Internal improvements: o Move bit-rot detection support files to sub-directory (could previously cause build problems). (robs) o Added utilities to help any format handler dlopen() external libraries at run time instead of link time. (Doug Cook)
* Sun Dec 13 2009 cmorve69AATTyahoo.es- Remove buildstamp to help build-compare
* Thu Jun 25 2009 cmorve69AATTyahoo.es- made ffmpeg, mad, lame, amrwb and amrnb support build conditional- enable PulseAudio support
* Mon Jun 22 2009 prusnakAATTsuse.cz- updated to 14.3.0
* LibSoX interface changes: o sox_format_init() has been supeseded by sox_init(). o Removed obsolete error codes (SOX_E...); new sox_strerror() function to convert error codes to text. o Use of sox_effect_options() is now mandatory when initialising an effect (see example0.c for an example of this). o sox_flow_effects() has a new (3rd) parameter: a void pointer `client_data\' that is passed as a new (2nd) parameter to the flow callback function. client_data may be NULL.
* File formats: o Slight improvement to A-law/u-law conversion accuracy: round LSB instead of truncating. (robs) o Fix length in wav header with multi-channel output to pipe. (robs) o Fix [2028181] w64 float format incompatibility. (Tim Munro) o Fix reading AIFF files with pad bytes in COMT chunks. (Joe Holt) o Fix AIFF file length bug to stop reading trash data on files that have extra chunks at end of file. (Joe Holt) o Fix file length being 4 bytes short for AIFF sowt CD tracks. (Joe Holt) o Fix [2404566] segfault when converting from MS ADPCM wav file. (robs) o Fix slight FLAC seek inaccuracy e.g. when using `trim\' effect. (robs) o Fix mp3 decode sometimes being up to a block short. (robs) o Fix not outputing GSM-in-wav when input is GSM-in-wav. (robs)
* Audio device drivers: o New native OpenBSD audio handler for play/recording. (Alexandre Ratchov) o 24-bit support for ALSA handler. (robs) o Warn if ALSA under/overrun. (robs)
* Effects: o New `stats\' effect; multichannel audio statistics. (robs) o New `sinc\' FFT filter effect; replacement for `filter\'. (robs) o New `fir\' filter effect using external coefficients/file. (robs) o New `biquad\' filter effect using external coefficients. (robs) o New `overdrive\' effect. (robs) o New `vad\' Voice Activity Detector effect. (robs) o `synth\' enhancements: can now set common parameters for multiple channels, new `pluck\' and `tpdf\' types, `scientific\' note notation, [2778142] just intonation. (robs) o New multi-channel support and revised sizing options for `spectrogram\'. N.B. revised options are not directly backwards compatible -- see the man page for details of the new syntax. (robs) o Richer gain/normalise options. (robs) o [2704442] Slight change to `riaa\' gain: now norm\'d to 0dB AATT 1k (previously 19.9dB AATT DC). (Glenn Davis) o Fix [2487589] `dither\' clipping detection & handling. (robs) o Fix `repeat\' sometimes stopping repeating too soon. (robs) o Fix `repeat\' sometimes repeating wrong audio segments. (robs) o Fix [2332343] \'silence\' segfault with certain lengths. (cbagwell) o Fix `silence\' empty output file with A-law input. (robs) o Fix temporary file problems in Windows (cygwin) with normalise and other effects. (robs) o Fix [2779041] spectrogram PNG file is invalid on Windows. (robs) o Fix [2787587] `trim x 0\' should produce zero length audio. (robs) o Parallel effects channel processing on some hyper-threading/mult-core architectures. New `--single-threaded\' option to disable this. (robs)
* Other new features: o Added ability to create shared DLL\'s on cygwin (cbagwell) o New `--guard\' & `--norm\' options; use temporary files to guard against clipping for many, but not currently all, effects. (robs) o New `--ignore-length\' option to ignore length in input file header (for simple encodings & for mp3); instead, read to end of file. (robs) o New `--temp DIRECTORY\' option. (robs) o New `--play-rate-arg ARG\' option. (robs) o New SOX_OPTS environment variable; can be used to provide default values for above and other options. (robs) o Grouped files, e.g. play -r 6k \"
*.vox\" plays all at 6k. (robs) o Automatically `dither\'; new `--no-dither\' option to disable this. (robs) o Can now use `v\' & `V\' keys to adjust volume whilst playing audio (on some systems). (robs) o New bitrate, time in seconds, & total options for soxi; bitrate and file-size display for sox. (robs) o `Magic\' (libmagic) file type detection now selected using `--magic\' option (where supported). o [2003121] In many cases, no longer need to specify -t when inputing audio from a `pipe\'. (robs) o Support more Shoutcast URL variants. (robs) o Added libSoX example #3: playing audio. (robs)
* Other bug fixes: o Fix [2262177] SoX build could fail with parse /etc/issue error. (robs) o Fix \"no handler for detected file type `application/octet-stream; charset=binary\'\" with raw files when using libmagic. (robs)
* Internal improvements: o Rationalise use of and make repeatable across different platforms pseudo random number generators. (robs) o Rationalise effects\' options interface (getopt compatible). (robs) o Added stub headers to allow test compilation of all sources on linux. (robs)