Hello community, here is the log from the commit of package csound for openSUSE:Factory checked in at 2012-03-01 17:19:05 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/csound (Old) and /work/SRC/openSUSE:Factory/.csound.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "csound", Maintainer is "tiwai@suse.com" Changes: -------- --- /work/SRC/openSUSE:Factory/csound/csound.changes 2011-09-23 11:43:26.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.csound.new/csound.changes 2012-03-01 17:19:08.000000000 +0100 @@ -1,0 +2,16 @@ +Mon Feb 27 12:04:56 CET 2012 - tiwai@suse.de + +- updated to version 5.16.6, including a fix for + VUL-0: CVE-2012-0270: csound: two buffer overflow flaws in + getnum() (bnc#749073) +- drop obsoleted patches + +------------------------------------------------------------------- +Sun Jan 8 15:04:23 UTC 2012 - prusnak@opensuse.org + +- updated to version 5.15.0 +- drop unused patches +- fix wrong memset and strncat usage ({memset,strncat}-fix.patch) +- create -devel subpackage + +------------------------------------------------------------------- Old: ---- Csound5.06.0.tar.bz2 csound-alsa-fix.diff csound-gcc-warning-fix.diff csound-python-2.6-fix.diff csound-sanitize-sys.patch csound-tmpnam-fix.diff New: ---- Csound5.16.6.tar.gz csound-strncat-fix.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ csound.spec ++++++ --- /var/tmp/diff_new_pack.BUDADC/_old 2012-03-01 17:19:10.000000000 +0100 +++ /var/tmp/diff_new_pack.BUDADC/_new 2012-03-01 17:19:10.000000000 +0100 @@ -1,7 +1,7 @@ # # spec file for package csound # -# Copyright (c) 2011 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2012 SUSE LINUX Products GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -16,28 +16,37 @@ # +%define support_fltk 0 Name: csound -%define support_fltk 0 -BuildRequires: alsa-devel fdupes fluidsynth-devel gcc-c++ jack-devel liblo-devel libsndfile-devel portaudio-devel python-devel scons swig +BuildRequires: alsa-devel +BuildRequires: bison +BuildRequires: fdupes +BuildRequires: flex +BuildRequires: fluidsynth-devel +BuildRequires: gcc-c++ +BuildRequires: jack-devel +BuildRequires: liblo-devel +BuildRequires: libsndfile-devel +BuildRequires: portaudio-devel +BuildRequires: python-devel +BuildRequires: scons +BuildRequires: swig %if %support_fltk -BuildRequires: fltk-devel libjpeg-devel libpng-devel xorg-x11-devel +BuildRequires: fltk-devel +BuildRequires: libjpeg-devel +BuildRequires: libpng-devel +BuildRequires: xorg-x11-devel %endif +Version: 5.16.6 +Release: 0 Summary: Computer Sound Synthesis and Composition Program -Version: 5.06.0 -Release: 130 License: GFDL-1.2 ; LGPL-2.1+ ; MIT Group: Productivity/Multimedia/Sound/Utilities -Source: Csound%{version}.tar.bz2 -Source1: README.SuSE -Patch: csound-alsa-fix.diff -Patch1: csound-tmpnam-fix.diff -Patch2: csound-gcc-warning-fix.diff -Patch3: csound-python-2.6-fix.diff -Patch4: csound-sanitize-sys.patch Url: http://www.csounds.com -AutoReq: on -Autoprov: off +Source: Csound%{version}.tar.gz +Source1: README.SuSE +Patch3: %{name}-strncat-fix.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build %description @@ -46,59 +55,64 @@ For detailed information, refer to http://www.csounds.com. +%package devel +Summary: Development files for Csound +Group: System/Libraries +Requires: %{name} = %{version} +Provides: %{name}-devel-static = %{version} +%description devel +Development files for Csound. %prep %setup -q -n Csound%{version} -%patch -%patch1 -%patch2 %patch3 -%patch4 -p1 +# remove __DATE__ from source files, causes unnecessary rebuilds +sed -i 's:__DATE__:"":' Engine/musmon.c frontends/CsoundVST/CsoundVstFltk.cpp Top/main.c +# copy readme cp %{SOURCE1} . # fix encoding -iconv -f latin1 -t utf8 readme-csound5.txt > readme-csound5.txt.utf8 -mv readme-csound5.txt.utf8 readme-csound5.txt +iconv -f latin1 -t utf8 readme-csound5.txt > README test -f custom.py || cp custom.py.mkg custom.py %build -%if %_lib == "lib64" +%if %{_lib} == "lib64" args="Word64=1" %else args="" %endif scons prefix=%{_prefix} buildRelease=1 $args \ - customCCFLAGS="$RPM_OPT_FLAGS -fno-strict-aliasing" \ - customCXXFLAGS="$RPM_OPT_FLAGS -fno-strict-aliasing" + customCCFLAGS="%{optflags} -fno-strict-aliasing" \ + customCXXFLAGS="%{optflags} -fno-strict-aliasing" %install -%if %_lib == "lib64" +%if %{_lib} == "lib64" args="--word64" %else args="" %endif -./install.py --prefix=%{_prefix} --instdir="$RPM_BUILD_ROOT" $args -rm -f $RPM_BUILD_ROOT%{_prefix}/csound5-*.md5sums -rm -rf $RPM_BUILD_ROOT%{_datadir}/doc/csound +./install.py --prefix=%{_prefix} --instdir=%{buildroot} $args +rm -f %{buildroot}%{_prefix}/csound5-*.md5sums +rm -rf %{buildroot}%{_datadir}/doc/csound # rename conflicting binary names -mv $RPM_BUILD_ROOT%{_bindir}/sndinfo $RPM_BUILD_ROOT%{_bindir}/csndinfo -mv $RPM_BUILD_ROOT%{_bindir}/extract $RPM_BUILD_ROOT%{_bindir}/csound-extract -# remove devel files -rm -f $RPM_BUILD_ROOT%{_libdir}/*.a -rm -rf $RPM_BUILD_ROOT%{_includedir} -%fdupes -s $RPM_BUILD_ROOT +mv %{buildroot}%{_bindir}/sndinfo %{buildroot}%{_bindir}/csndinfo +mv %{buildroot}%{_bindir}/extract %{buildroot}%{_bindir}/csound-extract +%fdupes -s %{buildroot} +%find_lang %{name}5 %post -p /sbin/ldconfig %postun -p /sbin/ldconfig -%files +%files -f %{name}5.lang %defattr(-,root,root) -%doc COPYING ChangeLog INSTALL readme-csound5.txt README.SuSE +%doc AUTHORS COPYING ChangeLog README README.SuSE %{_bindir}/* -%{_libdir}/csound -%{_datadir}/csound -# %{_includedir}/* -# %{_libdir}/lib* +%{_libdir}/csound/ + +%files devel +%defattr(-,root,root) +%{_includedir}/csound/ +%{_libdir}/libcsound.a %changelog ++++++ csound-strncat-fix.patch ++++++ Index: OOps/dumpf.c =================================================================== --- OOps/dumpf.c.orig +++ OOps/dumpf.c @@ -175,19 +175,19 @@ static void nkdump(CSOUND *csound, MYFLT outbuf[0] = '\0'; while (--nk) { sprintf(buf1, "%ld\t", (long) *kp++); - strncat(outbuf, buf1, 256); + strncat(outbuf, buf1, sizeof(outbuf)-strlen(buf1)-1); } sprintf(buf1, "%ld\n", (long) *kp); - strncat(outbuf, buf1, 256); + strncat(outbuf, buf1, sizeof(outbuf)-strlen(buf1)-1); len = strlen(outbuf); break; case 8: *outbuf = '\0'; while (--nk) { sprintf(buf1, "%6.4f\t", *kp++); - strncat(outbuf, buf1, 256); + strncat(outbuf, buf1, sizeof(outbuf)-strlen(buf1)-1); } sprintf(buf1, "%6.4f\n", *kp); - strncat(outbuf, buf1, 256); + strncat(outbuf, buf1, sizeof(outbuf)-strlen(buf1)-1); len = strlen(outbuf); break; default: csound->Die(csound, Str("unknown kdump format")); -- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org