pkgsrc-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[pkgsrc/trunk]: pkgsrc/audio/libopus Updated libopus to 1.1.4.



details:   https://anonhg.NetBSD.org/pkgsrc/rev/1111eaed6558
branches:  trunk
changeset: 357530:1111eaed6558
user:      wiz <wiz%pkgsrc.org@localhost>
date:      Sun Jan 22 13:04:55 2017 +0000

description:
Updated libopus to 1.1.4.

This Opus 1.1.4 release fixes a single bug. A specially-crafted
Opus packet could cause an integer wrap-around in the SILK LSF
stabilization code. This would cause an out-of-bounds read 256
bytes before a constant table. In most circumstances, the consequences
are harmless and the result is simply noise in the audio.

This was reported as CVE-2017-0381. Contrary to that report, our
own analysis shows that no remote code execution is possible.
However, we are making this release as a precaution.

diffstat:

 audio/libopus/Makefile |   5 ++---
 audio/libopus/distinfo |  10 +++++-----
 2 files changed, 7 insertions(+), 8 deletions(-)

diffs (35 lines):

diff -r ea56af9ffa0c -r 1111eaed6558 audio/libopus/Makefile
--- a/audio/libopus/Makefile    Sun Jan 22 12:55:39 2017 +0000
+++ b/audio/libopus/Makefile    Sun Jan 22 13:04:55 2017 +0000
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.8 2016/07/21 12:24:33 wiz Exp $
+# $NetBSD: Makefile,v 1.9 2017/01/22 13:04:55 wiz Exp $
 
-DISTNAME=      opus-1.1.3
+DISTNAME=      opus-1.1.4
 PKGNAME=       lib${DISTNAME}
 CATEGORIES=    audio
 MASTER_SITES=  http://downloads.xiph.org/releases/opus/
@@ -10,7 +10,6 @@
 COMMENT=       Totally open, royalty-free, highly versatile audio codec library
 LICENSE=       modified-bsd
 
-CONFLICTS=     opus<=1.0.2
 SUPERSEDES=    opus<=1.0.2
 
 GNU_CONFIGURE= yes
diff -r ea56af9ffa0c -r 1111eaed6558 audio/libopus/distinfo
--- a/audio/libopus/distinfo    Sun Jan 22 12:55:39 2017 +0000
+++ b/audio/libopus/distinfo    Sun Jan 22 13:04:55 2017 +0000
@@ -1,6 +1,6 @@
-$NetBSD: distinfo,v 1.7 2016/07/21 12:24:33 wiz Exp $
+$NetBSD: distinfo,v 1.8 2017/01/22 13:04:55 wiz Exp $
 
-SHA1 (opus-1.1.3.tar.gz) = 7cb1bef20975afbf14a8a43308aed9cb41629f37
-RMD160 (opus-1.1.3.tar.gz) = d498f13d81f3337a2e0b6683c09280955ec3d705
-SHA512 (opus-1.1.3.tar.gz) = 99fe272ade3f072e38101ec29f9125c9f4f2bacbcc002a9caca6e64a721f6c4193d7b1b81bd8370225693249c94293c4eea980e66c704424939dabbab890ab43
-Size (opus-1.1.3.tar.gz) = 978848 bytes
+SHA1 (opus-1.1.4.tar.gz) = c7ecd67321c0e72c928ffc1013d725fc537e633f
+RMD160 (opus-1.1.4.tar.gz) = a5cb4400e6e41be23d522cfffb04f14e1ac555f1
+SHA512 (opus-1.1.4.tar.gz) = 57f14b9e8037eaa02a4d86535d3bbcceca249310fbc9ef1a452cc19dd442d4cf338d5db241d20605c236e22549df2c8266b7486c5f1666b80c532afd52cb3585
+Size (opus-1.1.4.tar.gz) = 978830 bytes



Home | Main Index | Thread Index | Old Index