aboutsummaryrefslogtreecommitdiff
path: root/package/libsndfile
Commit message (Collapse)AuthorAgeFilesLines
* package/libsndfile: add upstream post-1.0.28 security fixesGravatar Peter Korsgaard2019-01-193-0/+171
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes the following security vulnerabilities: CVE-2017-14634: In libsndfile 1.0.28, a divide-by-zero error exists in the function double64_init() in double64.c, which may lead to DoS when playing a crafted audio file CVE-2017-17456: The function d2alaw_array() in alaw.c of libsndfile 1.0.29pre1 may lead to a remote DoS attack (SEGV on unknown address 0x000000000000), a different vulnerability than CVE-2017-14245 CVE-2017-17457: The function d2ulaw_array() in ulaw.c of libsndfile 1.0.29pre1 may lead to a remote DoS attack (SEGV on unknown address 0x000000000000), a different vulnerability than CVE-2017-14246 CVE-2018-13139: A stack-based buffer overflow in psf_memset in common.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted audio file. The vulnerability can be triggered by the executable sndfile-deinterleave CVE-2018-19661: An issue was discovered in libsndfile 1.0.28. There is a buffer over-read in the function i2ulaw_array in ulaw.c that will lead to a denial of service CVE-2018-19662: An issue was discovered in libsndfile 1.0.28. There is a buffer over-read in the function i2alaw_array in alaw.c that will lead to a denial of service Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* package/lib*: fix wrapping of Config.in help textGravatar Adam Duskett2017-07-311-3/+3
| | | | | | | | | | | | | | The check-package script when ran gives warnings on text wrapping on all of these Config files. This patch cleans up all warnings related to the text wrapping for the Config files starting with lib in the package directory. The appropriate indentation is: <tab><2 spaces><62 chars> See http://nightly.buildroot.org/#writing-rules-config-in for more information. Signed-off-by: Adam Duskett <aduskett@gmail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
* libsndfile: security bump to version 1.0.28Gravatar Peter Korsgaard2017-04-273-20/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes: CVE-2017-7585 - In libsndfile before 1.0.28, an error in the "flac_buffer_copy()" function (flac.c) can be exploited to cause a stack-based buffer overflow via a specially crafted FLAC file. CVE-2017-7586 - In libsndfile before 1.0.28, an error in the "header_read()" function (common.c) when handling ID3 tags can be exploited to cause a stack-based buffer overflow via a specially crafted FLAC file. CVE-2017-7741 - In libsndfile before 1.0.28, an error in the "flac_buffer_copy()" function (flac.c) can be exploited to cause a segmentation violation (with write memory access) via a specially crafted FLAC file during a resample attempt, a similar issue to CVE-2017-7585. CVE-2017-7742 - In libsndfile before 1.0.28, an error in the "flac_buffer_copy()" function (flac.c) can be exploited to cause a segmentation violation (with read memory access) via a specially crafted FLAC file during a resample attempt, a similar issue to CVE-2017-7585. Dop undocumented patch adjusting SUBDIRS in Makefile.in as it no longer applies. Instead pass --disable-full-suite to disable man pages, documentation and programs, as that was presumably the reason for the patch. Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* boot, package: use SPDX short identifier for LGPLv2.1/LGPLv2.1+Gravatar Rahul Bedarkar2017-04-011-1/+1
| | | | | | | | | | | We want to use SPDX identifier for license string as much as possible. SPDX short identifier for LGPLv2.1/LGPLv2.1+ is LGPL-2.1/LGPL-2.1+. This change is done using following command. find . -name "*.mk" | xargs sed -ri '/LICENSE( )?[\+:]?=/s/LGPLv2.1(\+)?/LGPL-2.1\1/g' Signed-off-by: Rahul Bedarkar <rahulbedarkar89@gmail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
* libsndfile: disable external library dependenciesGravatar Peter Seiderer2017-01-201-0/+5
| | | | | | | | | | | | | | | | | | | Fixes static linking of pifmrds [1]: host/usr/bin/arm-linux-gcc -static -o pi_fm_rds rds.o waveforms.o pi_fm_rds.o fm_mpx.o control_pipe.o -lsndfile -lm .../host/usr/arm-buildroot-linux-uclibcgnueabi/sysroot/usr/lib/libsndfile.a(flac.o): In function `sf_flac_error_callback': flac.c:(.text+0x44c): undefined reference to `FLAC__StreamDecoderErrorStatusString' host/usr/arm-buildroot-linux-uclibcgnueabi/sysroot/usr/lib/libsndfile.a(ogg.o): In function `ogg_close': ogg.c:(.text+0x10): undefined reference to `ogg_sync_clear' host/usr/arm-buildroot-linux-uclibcgnueabi/sysroot/usr/lib/libsndfile.a(ogg_vorbis.o): In function `vorbis_read_sample': ogg_vorbis.c:(.text+0x26c): undefined reference to `vorbis_synthesis_pcmout' [1] http://autobuild.buildroot.net/results/9b7/9b7638caa8f3e82e38fb68b0321cb649618a0131 Signed-off-by: Peter Seiderer <ps.report@gmx.net> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
* package/libsndfile: bump version to 1.0.27Gravatar Bernd Kuhls2016-07-072-2/+2
| | | | | Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
* libsndfile: security bump to version 1.0.26Gravatar Gustavo Zacarias2015-12-152-2/+2
| | | | | | | | | | Fixes: CVE-2014-9496 - SD2 buffer read overflow. CVE-2014-9756 - file_io.c divide by zero. CVE-2015-7805 - AIIF heap write overflow. Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
* libsndfile: add hash fileGravatar Gustavo Zacarias2015-07-161-0/+2
| | | | Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
* packages: remove (non-)lfs dependencies and tweaksGravatar Gustavo Zacarias2015-04-011-7/+0
| | | | | | | | Now that largefile is mandatory removes package dependencies and conditionals. Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
* package/*: rename patches according to the new policyGravatar Peter Korsgaard2015-02-031-0/+0
| | | | | | | Autogenerated from rename-patch.py (http://patchwork.ozlabs.org/patch/403345) Signed-off-by: Samuel Martin <s.martin49@gmail.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* libsndfile: add licensing infoGravatar Gustavo Zacarias2013-12-111-0/+2
| | | | | Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* Config.in files: unify comments of toolchain option dependenciesGravatar Thomas De Schampheleire2013-10-141-1/+1
| | | | | | | | This patch lines up the comments in Config.in files that clarify which toolchain options the package depends on. Signed-off-by: Thomas De Schampheleire <thomas.de.schampheleire@gmail.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
* Normalize separator size to 80Gravatar Alexandre Belloni2013-06-061-2/+2
| | | | | Signed-off-by: Alexandre Belloni <alexandre.belloni@free-electrons.com> Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
* libsndfile: Add dependency on BR2_LARGEFILEGravatar Ryan Mallon2013-02-051-0/+7
| | | | | | | | | | | | | | | | | | | libsndfile requires sizeof(sf_count_t) == 8, where sf_count_t is a typedef alias for off_t. This is not true by default for all tool-chains, which leads to a runtime assert failure in binaries compiled against libsndfile. See: http://permalink.gmane.org/gmane.comp.audio.libsndfile.devel/229 Add a dependency on BR2_LARGEFILE for libsndfile, and a comment if BR2_LARGEFILE is not selected. [Thomas: rebased patch, added more propagation of the new BR2_LARGEFILE dependency to gst-plugins-good and mpd.] Signed-off-by: Ryan Mallon <rmallon@gmail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com> Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
* all packages: rename XXXTARGETS to xxx-packageGravatar Arnout Vandecappelle (Essensium/Mind)2012-07-171-1/+1
| | | | | | | | | | | | | Also remove the redundant $(call ...). This is a purely mechanical change, performed with find package linux toolchain boot -name \*.mk | \ xargs sed -i -e 's/$(eval $(call GENTARGETS))/$(eval $(generic-package))/' \ -e 's/$(eval $(call AUTOTARGETS))/$(eval $(autotools-package))/' \ -e 's/$(eval $(call CMAKETARGETS))/$(eval $(cmake-package))/' Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
* package/multimedia: move audio libraries outGravatar Gustavo Zacarias2012-05-053-0/+36
| | | | | | | | Move audio libraries out of the Audio and Video category into the Libraries/Audio one. Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
* audio: Move all audio packages into audio subdirGravatar Daniel Laird2008-09-053-83/+0
| | | | | | | | Moved all audio packages into a subdir called audio. I then created a Config.in and made sure that a audio.mk existed. Daniel Laird
* buildroot: remove trailing spacesGravatar Peter Korsgaard2008-08-041-2/+2
| | | | | | | for i in `find -name 'Config*' -o -name 'Makefile*' -o -name '*.mk'`; do sed -i 's/ \+$//' $i; done
* Kconfig: remove 'default n'Gravatar Peter Korsgaard2008-07-171-1/+0
| | | | 'default n' is the default, so there's no need to say it explicitly.
* - make sure that configure doesn't see a wrong cacheGravatar Bernhard Reutner-Fischer2007-09-251-1/+1
|
* - fixes and cleanups (Cristian Ionescu-Idbohrn)Gravatar Bernhard Reutner-Fischer2007-09-191-4/+6
|
* - sed -i -e "/;$/s/;$//g" $(egrep ";$" package/* package/*/*.mk toolchain/* ↵Gravatar Bernhard Reutner-Fischer2007-08-211-1/+1
| | | | toolchain/*/*.mk */Makefile.in -l)
* Use <package>_VERSION in all <package>.mk instead of <package>_VERGravatar Ulf Samuelsson2007-07-111-3/+3
|
* - add endian handling, mmap, memcmp checks to TARGET_CONFIGURE_ARGSGravatar Bernhard Reutner-Fischer2007-06-271-1/+1
| | | | - use TARGET_CONFIGURE_ARGS where appropriate.
* - Fixed a type in the binary target and also install to staging_dir (Julien ↵Gravatar Bernhard Reutner-Fischer2007-06-231-6/+8
| | | | | | Letessier) - make sure that -clean also wipes the staging_dir files.
* libsndfile package. Closes #1325Gravatar Peter Korsgaard2007-04-243-0/+80