Hello community, here is the log from the commit of package vlc for openSUSE:Factory checked in at 2017-12-02 13:10:35 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/vlc (Old) and /work/SRC/openSUSE:Factory/.vlc.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "vlc" Sat Dec 2 13:10:35 2017 rev:74 rq:545872 version:2.2.8 Changes: -------- --- /work/SRC/openSUSE:Factory/vlc/vlc.changes 2017-11-23 09:35:57.419028733 +0100 +++ /work/SRC/openSUSE:Factory/.vlc.new/vlc.changes 2017-12-02 13:10:37.002490354 +0100 @@ -1,0 +2,26 @@ +Sun Nov 26 23:21:35 UTC 2017 - joerg.lorenzen@ki.tng.de + +- Update to version 2.2.8: + + Demuxers: Fix AVI invalid pointer dereferences. + + Updated translations. +- Changes from version 2.2.7: + + Decoders: + - Fix flac heap write overflow on format change. + - Fix crash in libavcodec module (heap write out-of band) + CVE-2017-10699. + - Fix infinite loop in sami subtitle. + - Fix AAC 7.1 channels detection. + - Fix potential crash in ASX parser. + + Mac OS X: + - Fix compatibility with macOS High Sierra. + - Fix regression in ASS subtitle decoding. + - Fix crash during automatic update. Some users might need to + manually update to the newest version. + + Video Output: Fix Direct3D9 output with odd offsets. + + Misc: + - Fix crash in MTP. + - Support libupnp 1.8. + + Updated translations. +- Removed vlc-flac-heap-overflow.patch, fixed upstream. + +------------------------------------------------------------------- Old: ---- vlc-2.2.6.tar.xz vlc-flac-heap-overflow.patch New: ---- vlc-2.2.8.tar.xz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ vlc.spec ++++++ --- /var/tmp/diff_new_pack.C9mft7/_old 2017-12-02 13:10:38.458437321 +0100 +++ /var/tmp/diff_new_pack.C9mft7/_new 2017-12-02 13:10:38.458437321 +0100 @@ -35,7 +35,7 @@ # VNC support - the module is not really usable in most cases tested so far (e.g. against qemu-kvm -vnc :xx) %bcond_with vnc Name: vlc -Version: 2.2.6 +Version: 2.2.8 Release: 0 Summary: Graphical media player License: GPL-2.0+ AND LGPL-2.1+ @@ -55,7 +55,6 @@ Patch7: vlc.a52.patch # PATCH-FIX-OPENSUSE vlc-projectM-qt5.patch -- link to libprojectM-qt5 Patch8: vlc-projectM-qt5.patch -Patch9: vlc-flac-heap-overflow.patch BuildRequires: Mesa-devel BuildRequires: SDL-devel >= 1.2.10 BuildRequires: aalib-devel @@ -360,7 +359,6 @@ %if 0%{?suse_version} > 1320 %patch8 -p1 %endif -%patch9 -p1 ### Fix up sources for LUA 5.3 if pkg-config --atleast-version 5.3 lua; then ++++++ vlc-2.2.6.tar.xz -> vlc-2.2.8.tar.xz ++++++ /work/SRC/openSUSE:Factory/vlc/vlc-2.2.6.tar.xz /work/SRC/openSUSE:Factory/.vlc.new/vlc-2.2.8.tar.xz differ: char 26, line 1