head 1.18; access; symbols pkgsrc-2013Q2:1.18.0.6 pkgsrc-2013Q2-base:1.18 pkgsrc-2012Q4:1.18.0.4 pkgsrc-2012Q4-base:1.18 pkgsrc-2011Q4:1.18.0.2 pkgsrc-2011Q4-base:1.18 pkgsrc-2011Q2:1.16.0.4 pkgsrc-2011Q2-base:1.16 pkgsrc-2009Q4:1.16.0.2 pkgsrc-2009Q4-base:1.16 pkgsrc-2009Q3:1.15.0.6 pkgsrc-2009Q3-base:1.15 pkgsrc-2009Q2:1.15.0.4 pkgsrc-2009Q2-base:1.15 pkgsrc-2009Q1:1.15.0.2 pkgsrc-2008Q4:1.13.0.24 pkgsrc-2008Q4-base:1.13 pkgsrc-2008Q3:1.13.0.22 pkgsrc-2008Q3-base:1.13 cube-native-xorg:1.13.0.20 cube-native-xorg-base:1.13 pkgsrc-2008Q2:1.13.0.18 pkgsrc-2008Q2-base:1.13 cwrapper:1.13.0.16 pkgsrc-2008Q1:1.13.0.14 pkgsrc-2008Q1-base:1.13 pkgsrc-2007Q4:1.13.0.12 pkgsrc-2007Q4-base:1.13 pkgsrc-2007Q3:1.13.0.10 pkgsrc-2007Q3-base:1.13 pkgsrc-2007Q2:1.13.0.8 pkgsrc-2007Q2-base:1.13 pkgsrc-2007Q1:1.13.0.6 pkgsrc-2007Q1-base:1.13 pkgsrc-2006Q4:1.13.0.4 pkgsrc-2006Q4-base:1.13 pkgsrc-2006Q3:1.13.0.2 pkgsrc-2006Q3-base:1.13 pkgsrc-2006Q2:1.12.0.2 pkgsrc-2006Q2-base:1.12 pkgsrc-2006Q1:1.10.0.2 pkgsrc-2006Q1-base:1.10 pkgsrc-2005Q4:1.9.0.2 pkgsrc-2005Q4-base:1.9 pkgsrc-2005Q3:1.8.0.8 pkgsrc-2005Q3-base:1.8 pkgsrc-2005Q2:1.8.0.6 pkgsrc-2005Q2-base:1.8 pkgsrc-2005Q1:1.8.0.4 pkgsrc-2005Q1-base:1.8 pkgsrc-2004Q4:1.8.0.2 pkgsrc-2004Q4-base:1.8 pkgsrc-2004Q3:1.7.0.2 pkgsrc-2004Q3-base:1.7 pkgsrc-2004Q2:1.6.0.2 pkgsrc-2004Q2-base:1.6 pkgsrc-2004Q1:1.4.0.2 pkgsrc-2004Q1-base:1.4 pkgsrc-2003Q4:1.2.0.2 pkgsrc-2003Q4-base:1.2; locks; strict; comment @# @; 1.18 date 2011.08.06.10.23.17; author wiz; state dead; branches; next 1.17; 1.17 date 2011.07.14.09.49.01; author drochner; state Exp; branches; next 1.16; 1.16 date 2009.12.15.11.08.38; author wiz; state dead; branches 1.16.4.1; next 1.15; 1.15 date 2009.06.08.09.30.17; author tron; state Exp; branches 1.15.2.1; next 1.14; 1.14 date 2009.02.21.13.20.45; author wiz; state dead; branches; next 1.13; 1.13 date 2006.09.01.06.02.23; author adam; state Exp; branches; next 1.12; 1.12 date 2006.04.30.17.29.29; author adam; state Exp; branches; next 1.11; 1.11 date 2006.04.06.16.59.08; author drochner; state Exp; branches; next 1.10; 1.10 date 2006.02.24.08.11.26; author adam; state Exp; branches; next 1.9; 1.9 date 2005.09.30.13.26.02; author adam; state Exp; branches; next 1.8; 1.8 date 2004.11.19.12.15.14; author adam; state Exp; branches; next 1.7; 1.7 date 2004.06.28.08.14.03; author adam; state Exp; branches; next 1.6; 1.6 date 2004.04.02.10.13.43; author adam; state Exp; branches; next 1.5; 1.5 date 2004.03.29.08.08.13; author adam; state Exp; branches; next 1.4; 1.4 date 2004.02.26.15.41.50; author adam; state Exp; branches; next 1.3; 1.3 date 2004.02.13.14.57.20; author adam; state Exp; branches; next 1.2; 1.2 date 2002.12.14.17.30.32; author jmmv; state dead; branches; next 1.1; 1.1 date 2002.09.30.20.54.34; author skrll; state Exp; branches; next ; 1.16.4.1 date 2011.07.15.19.30.01; author spz; state Exp; branches; next ; 1.15.2.1 date 2009.06.08.09.30.17; author spz; state dead; branches; next 1.15.2.2; 1.15.2.2 date 2009.06.08.21.05.22; author spz; state Exp; branches; next ; desc @@ 1.18 log @Update to 1.0.25: (SA45125 was already fixed in the package) Version 1.0.25 (2011-07-13) * Fix for Secunia Advisory SA45125, heap overflow in PAF file handler. * Accept broken WAV files with blockalign == 0. * Minor bug fixes and improvements. @ text @$NetBSD: patch-aa,v 1.17 2011/07/14 09:49:01 drochner Exp $ SA45125 --- src/common.h.orig 2011-03-23 09:01:02.000000000 +0000 +++ src/common.h @@@@ -557,6 +557,7 @@@@ enum SFE_PAF_VERSION, SFE_PAF_UNKNOWN_FORMAT, SFE_PAF_SHORT_HEADER, + SFE_PAF_BAD_CHANNELS, SFE_SVX_NO_FORM, SFE_SVX_NO_BODY, @ 1.17 log @add patch from upstream to fix crash by invalid PAF files (DOS problem, SA45125) bump PKGREV @ text @d1 1 a1 1 $NetBSD$ @ 1.16 log @Update to 1.0.21: Version 1.0.21 (2009-12-13) * Add a couple of new binary programs to programs/ dir. * Remove sndfile-jackplay (now in sndfile-tools package). * Add windows only function sf_wchar_open(). * Bunch of minor bug fixes. (The last entry sums up at least the DOS patches we had in pkgsrc.) @ text @d1 1 a1 1 $NetBSD: patch-aa,v 1.15 2009/06/08 09:30:17 tron Exp $ d3 1 a3 1 Upstream fix for DoS vulnerability taken from here: d5 7 a11 10 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=530831 --- src/alaw.c.orig 2009-03-22 19:17:13.000000000 +0000 +++ src/alaw.c 2009-06-08 10:03:02.000000000 +0100 @@@@ -69,7 +69,7 @@@@ else psf->datalength = 0 ; - psf->sf.frames = psf->datalength / psf->blockwidth ; + psf->sf.frames = psf->blockwidth > 0 ? psf->datalength / psf->blockwidth : 0 ; d13 2 a14 2 return 0 ; } /* alaw_init */ @ 1.16.4.1 log @Pullup ticket #3473 - requested by drochner audio/libsndfile security patch Revisions pulled up: - audio/libsndfile/Makefile 1.61 - audio/libsndfile/distinfo 1.33 - audio/libsndfile/patches/patch-aa 1.17 - audio/libsndfile/patches/patch-ab 1.11 - audio/libsndfile/patches/patch-ac 1.13 ------------------------------------------------------------------- Module Name: pkgsrc Committed By: drochner Date: Thu Jul 14 09:49:01 UTC 2011 Modified Files: pkgsrc/audio/libsndfile: Makefile distinfo Added Files: pkgsrc/audio/libsndfile/patches: patch-aa patch-ab patch-ac Log Message: add patch from upstream to fix crash by invalid PAF files (DOS problem, SA45125) bump PKGREV To generate a diff of this commit: cvs rdiff -u -r1.60 -r1.61 pkgsrc/audio/libsndfile/Makefile cvs rdiff -u -r1.32 -r1.33 pkgsrc/audio/libsndfile/distinfo cvs rdiff -u -r0 -r1.17 pkgsrc/audio/libsndfile/patches/patch-aa cvs rdiff -u -r0 -r1.11 pkgsrc/audio/libsndfile/patches/patch-ab cvs rdiff -u -r0 -r1.13 pkgsrc/audio/libsndfile/patches/patch-ac @ text @d1 1 a1 1 $NetBSD$ d3 1 a3 1 SA45125 d5 10 a14 7 --- src/common.h.orig 2011-03-23 09:01:02.000000000 +0000 +++ src/common.h @@@@ -557,6 +557,7 @@@@ enum SFE_PAF_VERSION, SFE_PAF_UNKNOWN_FORMAT, SFE_PAF_SHORT_HEADER, + SFE_PAF_BAD_CHANNELS, d16 2 a17 2 SFE_SVX_NO_FORM, SFE_SVX_NO_BODY, @ 1.15 log @Add upstream patch (taken from Debian bug report) to fix crashes caused by bad audio files. @ text @d1 1 a1 1 $NetBSD$ @ 1.15.2.1 log @file patch-aa was added on branch pkgsrc-2009Q1 on 2009-06-08 21:05:22 +0000 @ text @d1 17 @ 1.15.2.2 log @Pullup ticket 2790 - requested by tron Security update Revisions pulled up: - pkgsrc/audio/libsndfile/Makefile 1.52 - pkgsrc/audio/libsndfile/distinfo 1.29 - pkgsrc/audio/libsndfile/options.mk 1.7 Files added: pkgsrc/audio/libsndfile/patches/patch-aa 1.15 pkgsrc/audio/libsndfile/patches/patch-ab 1.9 pkgsrc/audio/libsndfile/patches/patch-ac 1.11 pkgsrc/audio/libsndfile/patches/patch-ad 1.12 pkgsrc/audio/libsndfile/patches/patch-ae 1.7 pkgsrc/audio/libsndfile/patches/patch-af 1.7 Module Name: pkgsrc Committed By: wiz Date: Sat May 2 17:24:15 UTC 2009 Modified Files: pkgsrc/audio/libsndfile: options.mk Log Message: Add octave option, based on PR 41307 by Rumko. To generate a diff of this commit: cvs rdiff -u -r1.5 -r1.6 pkgsrc/audio/libsndfile/options.mk --------------------------------------------------------------------- Module Name: pkgsrc Committed By: adam Date: Thu May 14 12:58:27 UTC 2009 Modified Files: pkgsrc/audio/libsndfile: Makefile distinfo options.mk Log Message: Changes 1.0.20: * Fix potential heap overflow in VOC file parser. To generate a diff of this commit: cvs rdiff -u -r1.50 -r1.51 pkgsrc/audio/libsndfile/Makefile cvs rdiff -u -r1.27 -r1.28 pkgsrc/audio/libsndfile/distinfo cvs rdiff -u -r1.6 -r1.7 pkgsrc/audio/libsndfile/options.mk --------------------------------------------------------------------- Module Name: pkgsrc Committed By: tron Date: Mon Jun 8 09:30:17 UTC 2009 Modified Files: pkgsrc/audio/libsndfile: Makefile distinfo Added Files: pkgsrc/audio/libsndfile/patches: patch-aa patch-ab patch-ac patch-ad patch-ae patch-af Log Message: Add upstream patch (taken from Debian bug report) to fix crashes caused by bad audio files. To generate a diff of this commit: cvs rdiff -u -r1.51 -r1.52 pkgsrc/audio/libsndfile/Makefile cvs rdiff -u -r1.28 -r1.29 pkgsrc/audio/libsndfile/distinfo cvs rdiff -u -r0 -r1.15 pkgsrc/audio/libsndfile/patches/patch-aa cvs rdiff -u -r0 -r1.9 pkgsrc/audio/libsndfile/patches/patch-ab cvs rdiff -u -r0 -r1.11 pkgsrc/audio/libsndfile/patches/patch-ac cvs rdiff -u -r0 -r1.12 pkgsrc/audio/libsndfile/patches/patch-ad cvs rdiff -u -r0 -r1.7 pkgsrc/audio/libsndfile/patches/patch-ae \ pkgsrc/audio/libsndfile/patches/patch-af @ text @a0 17 $NetBSD: patch-aa,v 1.15 2009/06/08 09:30:17 tron Exp $ Upstream fix for DoS vulnerability taken from here: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=530831 --- src/alaw.c.orig 2009-03-22 19:17:13.000000000 +0000 +++ src/alaw.c 2009-06-08 10:03:02.000000000 +0100 @@@@ -69,7 +69,7 @@@@ else psf->datalength = 0 ; - psf->sf.frames = psf->datalength / psf->blockwidth ; + psf->sf.frames = psf->blockwidth > 0 ? psf->datalength / psf->blockwidth : 0 ; return 0 ; } /* alaw_init */ @ 1.14 log @Update to 1.0.18: Version 1.0.18 (2009-02-07) * Add Ogg/Vorbis support (thanks to John ffitch). * Remove captive FLAC library. * Many new features and bug fixes. * Generate Win32 and Win64 pre-compiled binaries. Add ogg and vorbis dependencies to bl3.mk and increase ABI depends. @ text @d1 1 a1 1 $NetBSD: patch-aa,v 1.13 2006/09/01 06:02:23 adam Exp $ d3 9 a11 8 --- src/Makefile.in.orig 2006-08-31 12:55:38.000000000 +0200 +++ src/Makefile.in @@@@ -864,7 +864,7 @@@@ cygsndfile.def: create_symbols_file.py ./create_symbols_file.py cygwin $(VERSION) > cygsndfile.def # Fake dependancy to force the creation of these files. -sndfile.c : Symbols.linux Symbols.darwin libsndfile.def cygsndfile.def +sndfile.c : d13 2 a14 1 # Dependancies. d16 2 @ 1.13 log @Changes 1.0.17: * Add sndfile.hh C++ wrapper. * Update Win32 MinGW build instructions. * Minor bug fixes and cleanups. @ text @d1 1 a1 1 $NetBSD$ @ 1.12 log @Changes 1.0.16: * Add support for Broadcast (BEXT) chunks in WAV files. * Implement new commands SFC_GET_SIGNAL_MAX and SFC_GET_MAX_ALL_CHANNELS. * Add support for RIFX (big endian WAV variant). * Fix configure script bugs. * Fix bug in INST and MARK chunk writing for AIFF files. @ text @d3 1 a3 1 --- src/Makefile.in.orig 2006-04-30 04:48:33.000000000 +0200 d5 1 a5 1 @@@@ -838,7 +838,7 @@@@ cygsndfile.def: create_symbols_file.py @ 1.11 log @update to 1.0.15 changes: * Fix some ia64 issues. * Fix precompiled DLL. * Minor bug fixes. @ text @d3 1 a3 1 --- src/Makefile.in.orig 2006-03-16 11:00:39.000000000 +0100 d5 1 a5 1 @@@@ -837,7 +837,7 @@@@ cygsndfile.def: create_symbols_file.py @ 1.10 log @Changes 1.0.14: * Really fix MinGW compile problems. * Minor bug fixes. @ text @d3 1 a3 1 --- src/Makefile.in.orig 2006-02-20 22:10:14.000000000 +0100 d5 2 a6 2 @@@@ -835,7 +835,7 @@@@ libsndfile.def: create_symbols_file.py ./create_symbols_file.py win32 $(VERSION) > libsndfile.def d9 2 a10 2 -sndfile.c : Symbols.linux Symbols.darwin libsndfile.def +sndfile.c: @ 1.9 log @Changes 1.0.12: * Add support for FLAC and Apple's Core Audio Format (CAF). * Add virtual I/O interface (still needs docs). * Cygwin and other Win32 fixes. * Minor bug fixes and cleanups. @ text @d3 1 a3 1 --- src/Makefile.in.orig 2005-09-29 20:00:35.000000000 +0000 d5 1 a5 1 @@@@ -833,7 +833,7 @@@@ libsndfile.def: create_symbols_file.py @ 1.8 log @Changes 1.0.11: * Add SD2 file support * Reading of loop data in WAV and AIFF * Minor bug fixes @ text @d3 1 a3 1 --- src/Makefile.in.orig 2004-11-15 10:53:04.000000000 +0000 d5 1 a5 1 @@@@ -881,7 +881,7 @@@@ libsndfile.def: create_symbols_file.py @ 1.7 log @Changes 1.0.10: * Minor bug fixes * Fix support for Win32 MinGW compiler @ text @d3 1 a3 1 --- src/Makefile.in.orig 2004-06-16 10:18:32.000000000 +0000 d5 1 a5 1 @@@@ -867,7 +867,7 @@@@ libsndfile.def: create_symbols_file.py @ 1.6 log @Changes 1.0.9: * Add AVR format * Improve handling of some WAV files @ text @d3 1 a3 1 --- src/Makefile.in.orig 2004-03-30 11:25:19.000000000 +0000 d5 1 a5 1 @@@@ -861,7 +861,7 @@@@ libsndfile.def: create_symbols_file.py @ 1.5 log @Changes 1.0.8: * Minor bug fixes @ text @d3 1 a3 1 --- src/Makefile.in.orig 2004-03-14 08:43:56.000000000 +0000 d5 1 a5 1 @@@@ -859,7 +859,7 @@@@ libsndfile.def: create_symbols_file.py @ 1.4 log @Changes 1.0.7: Fix build problems on MacOSX and fix ia64/MIPS etc clip mode detection @ text @d3 1 a3 1 --- src/Makefile.in.orig 2004-02-25 09:08:59.000000000 +0000 d5 6 a10 1 @@@@ -850,7 +850,7 @@@@ Symbols: create_symbols_file.sh a13 5 -sndfile.c : Symbols +sndfile.c: aiff.c au.c au_g72x.c ircam.c mat4.c mat5.c nist.c paf.c pvf.c : sndfile.h common.h raw.c svx.c voc.c w64.c wav.c wav_w64.c htk.c sd2.c rx2.c txw.c : sndfile.h common.h @ 1.3 log @Changes 1.0.6: Large file fix for Linux/Solaris New functionality and Win32 improvements @ text @d3 1 a3 1 --- src/Makefile.in.orig 2004-02-13 15:47:17.000000000 +0000 d5 1 a5 1 @@@@ -849,7 +849,7 @@@@ Symbols: create_symbols_file.sh @ 1.2 log @Update libsndfile to 1.0.3. There have been several changes since 1.0.1, but the most important ones are (according to the homepage): - Version 1.0.2 (Nov 24 2002) Added VOX ADPCM format. - Version 1.0.3 (Dec 09 2002) Fixes for Linux on ia64 CPUs. @ text @d1 1 a1 1 $NetBSD: patch-aa,v 1.1 2002/09/30 20:54:34 skrll Exp $ d3 3 a5 8 --- src/Makefile.am.orig Thu Sep 5 09:49:04 2002 +++ src/Makefile.am @@@@ -19,7 +19,7 @@@@ FILESPECIFIC = aiff.c au.c au_g72x.c nis libsndfile_la_SOURCES = $(COMMON) $(FILESPECIFIC) $(noinst_HEADERS) libsndfile_la_LDFLAGS = -version-info @@SHARED_VERSION_INFO@@ -libsndfile_la_LIBADD = GSM610/libgsm.la G72x/libg72x.la +libsndfile_la_LIBADD = GSM610/libgsm.la G72x/libg72x.la -lm d7 7 a13 2 # Disable autoheader. AUTOHEADER=echo @ 1.1 log @Do previous "The Right Way". @ text @d1 1 a1 1 $NetBSD$ @