commit xine-lib for openSUSE:Factory
Hello community, here is the log from the commit of package xine-lib for openSUSE:Factory checked in at Thu Jan 29 01:28:30 CET 2009. -------- --- xine-lib/xine-lib.changes 2009-01-07 14:14:20.000000000 +0100 +++ xine-lib/xine-lib.changes 2009-01-27 19:31:59.000000000 +0100 @@ -1,0 +2,44 @@ +Tue Jan 27 19:27:37 CET 2009 - mhopf@suse.de + +- Update to 1.1.16.1: + + * Security fixes: + - Heap overflow in Quicktime atom parsing. (CVE-2008-5234) + - Multiple buffer overflows. (CVE-2008-5236) + - Multiple integer overflows. (CVE-2008-5237) + - Unchecked or incompletely-checked read function results. (CVE-2008-5239) + - Unchecked malloc using untrusted values. (CVE-2008-5240, CVE-2008-5242) + - Integer underflow in qt compressed atom handling. (CVE-2008-5241) + - Buffer indexing using untrusted or unchecked values. (CVE-2008-5243) + - Integer overflows in the ffmpeg audio decoder and the CDDA server. + - Heap buffer overflow in the ffmpeg video decoder. + - Avoid segfault on invalid track type in Matroska files. + - Avoid underflow (compressed atoms) in the Qt demuxer. + * Fix reported compilation failures (with C++ programs). + * Fix CDDB access in 64-bit builds. + * Fix seeking FLV clips that don't specify the movie length in the headers. + * Support H.264 and AAC streams within FLV. + * Fix timing issues (broken audio) on mingw. + * Add ID3 tag TDRC to replace/complement the deprecated tag TYER. + * Add a new meta-tag, "Composer", and use it in the FLAC demuxer. + * Correct AAC channel ordering for multi-channel audio, at least for FLAC + when using ALSA or PulseAudio. (Needs a proper fix.) + * Add position-based seeking independent from seekpoints. + * Fix some XCB Xv attribute configuration breakage. + * Add a configuration option for Xv bicubic filtering, implemented in + xf86-video-ati 6.9.1. + * Recognise Xv "blitter" adaptors for port selection purposes. + NOTE: you will need to remove ~/.xine/catalog.cache when upgrading from + xine-lib 1.1.15 or older if you wish to use this extra option. + * Fix MMS media requests where the URI contains %-encoded characters. + * Fix two hangs related to stopping playback of broken audio streams where + no audio data is sent to the output thread. + * Fix WAV demuxer to send the last frames when they don't fit perfectly into + the buffer + * Fix build with older ffmpeg, both internal and in Debian 5.0. + * Add version check for CACA library and disable CACA plugin if needed + * Fix playback of some H.264 files (broken in 1.1.16). + * Various other build & bug fixes. + * Some FAQ list updates. + +------------------------------------------------------------------- calling whatdependson for head-i586 Old: ---- xine-lib-1.1.14-asprintf-typo.diff xine-lib-1.1.15-autoconf.diff xine-lib-1.1.15-cpp-compilation.diff xine-lib-1.1.15-crippled.tar.bz2 xine-lib-1.1.15-demux_str.diff xine-lib-1.1.15-ffmpeg.diff xine-lib-1.1.15.tar.bz2 New: ---- xine-lib-1.1.16.1-crippled.tar.bz2 xine-lib-1.1.16.1.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ xine-lib.spec ++++++ --- /var/tmp/diff_new_pack.f11667/_old 2009-01-29 01:23:08.000000000 +0100 +++ /var/tmp/diff_new_pack.f11667/_new 2009-01-29 01:23:08.000000000 +0100 @@ -1,5 +1,5 @@ # -# spec file for package xine-lib (Version 1.1.15) +# spec file for package xine-lib (Version 1.1.16.1) # # Copyright (c) 2009 SUSE LINUX Products GmbH, Nuernberg, Germany. # @@ -93,9 +93,10 @@ %if %{with modplug} BuildRequires: libmodplug %endif -Version: 1.1.15 -Release: 21 -%define abiversion 1.24 +Version: 1.1.16.1 +Release: 1 +# XINE_MAJOR.XINE_LT_CURRENT in configure.ac +%define abiversion 1.25 # bug437293 %ifarch ppc64 Obsoletes: xine-lib-64bit @@ -114,11 +115,7 @@ Source99: precheckin_cripple_tarball.sh # *** xine-lib: Bugfixes Patch26: xine-lib-doc-fix-X11R6.diff -Patch27: xine-lib-1.1.14-asprintf-typo.diff Patch28: xine-lib-1.1.14-ia64-is-not-alpha.diff -Patch29: xine-lib-1.1.15-cpp-compilation.diff -Patch30: xine-lib-1.1.15-demux_str.diff -Patch31: xine-lib-1.1.15-autoconf.diff # *** Addons Patch50: vdr-xine-0.8.2.diff.bz2 Patch51: vdr-xine-SUSE.diff @@ -131,8 +128,6 @@ Patch74: xine-configure.diff # *** Only working for noncrippled source Patch80: xine-lib-various-noncrippled.diff -# ffmpeg api change -Patch81: xine-lib-1.1.15-ffmpeg.diff %description xine is a free multimedia player. It plays back CDs, DVDs, and VCDs. It @@ -466,11 +461,7 @@ fi cd xine-lib-%{version} %patch26 -%patch27 -p1 %patch28 -p1 -%patch29 -p1 -%patch30 -p1 -%patch31 -p1 %patch50 -p1 %patch51 -p1 sed -i 's|^noinst_HEADERS = input_vdr.h|xineinclude_HEADERS = input_vdr.h|' src/vdr/Makefile.am @@ -481,7 +472,6 @@ # Only apply to uncrippled source %if !%{with distributable} %patch80 -%patch81 -p1 %endif %patch72 -p1 %patch73 -p1 @@ -813,6 +803,46 @@ %endif %changelog +* Tue Jan 27 2009 mhopf@suse.de +- Update to 1.1.16.1: + * Security fixes: + - Heap overflow in Quicktime atom parsing. (CVE-2008-5234) + - Multiple buffer overflows. (CVE-2008-5236) + - Multiple integer overflows. (CVE-2008-5237) + - Unchecked or incompletely-checked read function results. (CVE-2008-5239) + - Unchecked malloc using untrusted values. (CVE-2008-5240, CVE-2008-5242) + - Integer underflow in qt compressed atom handling. (CVE-2008-5241) + - Buffer indexing using untrusted or unchecked values. (CVE-2008-5243) + - Integer overflows in the ffmpeg audio decoder and the CDDA server. + - Heap buffer overflow in the ffmpeg video decoder. + - Avoid segfault on invalid track type in Matroska files. + - Avoid underflow (compressed atoms) in the Qt demuxer. + * Fix reported compilation failures (with C++ programs). + * Fix CDDB access in 64-bit builds. + * Fix seeking FLV clips that don't specify the movie length in the headers. + * Support H.264 and AAC streams within FLV. + * Fix timing issues (broken audio) on mingw. + * Add ID3 tag TDRC to replace/complement the deprecated tag TYER. + * Add a new meta-tag, "Composer", and use it in the FLAC demuxer. + * Correct AAC channel ordering for multi-channel audio, at least for FLAC + when using ALSA or PulseAudio. (Needs a proper fix.) + * Add position-based seeking independent from seekpoints. + * Fix some XCB Xv attribute configuration breakage. + * Add a configuration option for Xv bicubic filtering, implemented in + xf86-video-ati 6.9.1. + * Recognise Xv "blitter" adaptors for port selection purposes. + NOTE: you will need to remove ~/.xine/catalog.cache when upgrading from + xine-lib 1.1.15 or older if you wish to use this extra option. + * Fix MMS media requests where the URI contains %%-encoded characters. + * Fix two hangs related to stopping playback of broken audio streams where + no audio data is sent to the output thread. + * Fix WAV demuxer to send the last frames when they don't fit perfectly into + the buffer + * Fix build with older ffmpeg, both internal and in Debian 5.0. + * Add version check for CACA library and disable CACA plugin if needed + * Fix playback of some H.264 files (broken in 1.1.16). + * Various other build & bug fixes. + * Some FAQ list updates. * Wed Jan 07 2009 olh@suse.de - obsolete old -XXbit packages (bnc#437293) * Thu Nov 27 2008 ro@suse.de ++++++ xine-lib-1.1.14-ia64-is-not-alpha.diff ++++++ --- /var/tmp/diff_new_pack.f11667/_old 2009-01-29 01:23:08.000000000 +0100 +++ /var/tmp/diff_new_pack.f11667/_new 2009-01-29 01:23:08.000000000 +0100 @@ -7,11 +7,11 @@ configure.ac | 5 ++++- 1 files changed, 4 insertions(+), 1 deletions(-) -diff --git a/configure.ac b/configure.ac -index af881fc..93b2a95 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -2332,10 +2332,13 @@ case "$host_or_hostalias" in +Index: xine-lib-1.1.16.1/configure.ac +=================================================================== +--- xine-lib-1.1.16.1.orig/configure.ac ++++ xine-lib-1.1.16.1/configure.ac +@@ -2311,10 +2311,13 @@ case "$host_or_hostalias" in mips-*) AC_DEFINE_UNQUOTED(FPM_MIPS,,[Define to select libmad fixed point arithmetic implementation]) ;; @@ -26,6 +26,3 @@ armv4l-*-linux*) AC_DEFINE_UNQUOTED(FPM_ARM,,[Define to select libmad fixed point arithmetic implementation]) AC_DEFINE_UNQUOTED(ARCH_ARM,,[Define this if you're running ARM architecture]) --- -1.5.6 - ++++++ xine-lib-1.1.15-crippled.tar.bz2 -> xine-lib-1.1.16.1-crippled.tar.bz2 ++++++ ++++ 304913 lines of diff (skipped) ++++++ xine-lib-1.1.15-crippled.tar.bz2 -> xine-lib-1.1.16.1.tar.bz2 ++++++ xine-lib/xine-lib-1.1.15-crippled.tar.bz2 xine-lib/xine-lib-1.1.16.1.tar.bz2 differ: byte 11, line 1 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Remember to have fun... -- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org
participants (1)
-
root@Hilbert.suse.de