Package Release Info

libmysofa-0.9.1-bp152.4.3.1

Update Info: openSUSE-2021-459
Available in Package Hub : 15 SP2 Update

platforms

AArch64
ppc64le
s390x
x86-64

subpackages

libmysofa-devel

libmysofa0

libmysofa0-64bit

Change Logs

* Mon Mar 15 2021 Mia Herkt <mia@0x0.st>

- Added security backports:
  * 0001-Fix-negative-values-for-malloc.patch
    gh#hoene/libmysofa#130
  * 0002-dataobject.c-fix-stack-buffer-overflow.patch
    gh#hoene/libmysofa#136 - CVE-2020-36152 - boo#1181977
  * 0003-tools.c-Fix-NULL-pointer-derefs.patch
    gh#hoene/libmysofa#138 - CVE-2020-36148 - boo#1181981
    gh#hoene/libmysofa#137 - CVE-2020-36149 - boo#1181980
  * 0004-loudness.c-fix-heap-buffer-overflow.patch
    gh#hoene/libmysofa#134 - CVE-2020-36151 - boo#1181978
    gh#hoene/libmysofa#135 - CVE-2020-36150 - boo#1181979
  * 0005-Fixed-an-additional-recursive-problem.patch
    gh#hoene/libmysofa#96 - CVE-2020-6860 - boo#1182883

* Sun Jan 05 2020 Martin Herkt <9+suse@cirno.systems>

- Update to version 0.9.1
  * Extended angular neighbor search to 'close the sphere'
  * Added and exposed mysofa_getfilter_float_nointerp method
  * CVE-2019-20063: hdf/dataobject.c in libmysofa before 0.8 has
    an uninitialized use of memory, as demonstrated by
    mysofa2json [boo#1160040]
  * CVE-2019-20016: improper restriction of recursive function
    calls in readOHDRHeaderMessageDatatype in dataobject.c and
    directblockRead in fractalhead.c may lead to stack
    consumption [boo#1159839]
  * CVE-2019-16091: out-of-bounds read in directblockRead in
    hdf/fractalhead.c [boo#1149919]
  * CVE-2019-16095: invalid read in getDimension in hrtf/reader.c
    [boo#1149926]
  * CVE-2019-16094: invalid read in
    readOHDRHeaderMessageDataLayout in hdf/dataobject.c
    [boo#1149924]
  * CVE-2019-16093: invalid write in
    readOHDRHeaderMessageDataLayout in hdf/dataobject.c
    [boo#1149922]
  * CVE-2019-16092: NULL pointer dereference in getHrtf in
    hrtf/reader.c [boo#1149920]
- Drop libmysofa-0-pkgconfig-paths.patch

Version: 0.7-bp152.3.20

Version: 0.7-bp151.1.4

* Sun Mar 31 2019 Martin Herkt <9+suse@cirno.systems>

- Update to version 0.7
  * fixed two important security holes
    CVE-2019-10672
    boo#1131106
  * fixed bug mysofa_interpolate when interpolation is not needed
  * fixed bug with simple hrtf lookup
  * added advanced open function and various enhancements
  * fixed memory leak in lookup.c
- Drop libmysofa-0-gnu-install-dirs.patch
- Add libmysofa-0-pkgconfig-paths.patch

* Mon Apr 30 2018 jengelh@inai.de

- Ensure neutrality of description. Adjust RPM groups.

* Wed Apr 25 2018 9+suse@cirno.systems

- Init, 0.6