Package Release Info


Update Info: openSUSE-2018-185
Available in Package Hub : 12 SP3-SP5





Change Logs

* Thu Feb 15 2018
- Added patches:
  * CVE-2017-11332.patch: Fixed the startread function in wav.c, which allowed
    remote attackers to cause a DoS (divide-by-zero) via a crafted wav file.
    (CVE-2017-11332 bsc#1081140)
  * CVE-2017-11358.patch: Fixed the read_samples function in hcom.c, which
    allowed remote attackers to cause a DoS (invalid memory read) via a crafted
    hcom file. (CVE-2017-11358 bsc#1081141)
  * CVE-2017-11359.patch: Fixed the wavwritehdr function in wav.c, which
    allowed remote attackers to cause a DoS (divide-by-zero) when converting a
    a crafted snd file to a wav file. (CVE-2017-11359 bsc#1081142)
  * CVE-2017-15370.patch: Fixed a heap-based buffer overflow in the ImaExpandS
    function of ima_rw.c, which allowed remote attackers to cause a DoS during
    conversion of a crafted audio file. (CVE-2017-15370 bsc#1063439)
  * CVE-2017-15371.patch: Fixed an assertion abort in the function
    sox_append_comment() in formats.c, which allowed remote attackers to cause
    a DoS during conversion of a crafted audio file. (CVE-2017-15371
  * CVE-2017-15372.patch: Fixed a stack-based buffer overflow in the
    lsx_ms_adpcm_block_expand_i function of adpcm.c, which allowed remote
    attackers to cause a DoS during conversion of a crafted audio file.
    (CVE-2017-15372 bsc#1063456)
  * CVE-2017-15642.patch: Fixed an Use-After-Free vulnerability in
    lsx_aiffstartread in aiff.c, which could be triggered by an attacker by
    providing a malformed AIFF file. (CVE-2017-15642 bsc#1064576)
  * CVE-2017-18189.patch: Fixed a NULL pointer dereference triggered by a
    corrupt header specifying zero channels in the startread function in
    xa.c, which allowed remote attackers to cause a DoS (CVE-2017-18189
- Removed sox-doublefree.patch
Version: 14.4.2-2.1
* Tue Sep 22 2015
- Update to 14.4.2
  o Add optional support for reading Ogg Opus files.
  o Fix for max size text chunks in aiff files.
  o Add reading support for RF64 WAV files.
  o Work around for libsndfile created RF64 files with invalid
  o Detect MS ADPCM WAV files with invalid blocks.
  o Detect Sphere files with invalid header sizes.
  o 'Deemph' can now also be used at 48kHz sample rate.
  o 'Rate' now much faster in many cases.
  o Allow sending spectrograms to stdout.
  o Allow use of Dolph window with spectrograms.
  o Allow mixing time and sample-count arguments for the delay
    effect, and for spectrogram -S and -d.
  o Support multi-channel LADSPA plugins.
  o Support infinite repetition with repeat.
  o Improved pink noise frequency response in synth.
  o Extended syntax for specifying audio positions to several
  o Fix integer overflow in mcompand. [3590093]
  o Add optional latency compenstation for LADSPA plugins.
  o New -p option for soxi to display sample precision.
  o New libsox example6: give explicit output attributes.
  o Speed optimization for effects that operate on channels
  o Fix memory leaks.
  o Most internal symbols (lsx_*) are no longer exported.
- Drop sox-14.4.0-ocloexec.patch as it brings little enhancement
  and there has been no activity at upstreaming it
- Enable ffmpeg and opus by default
* Wed Sep 11 2013
- Update to version 14.4.1
  o Fix pipe file-type detection regression
  o MAUD write fixes
  o Fix crash when seeking within a FLAC file
  o Fix Ogg Vorbis files with certain numbers of channels being
  o Fix reading 64-bit float WAVs
  o Fix potential buffer overrun when writing FLAC files directly via
  o Check whether pulseaudio is available before choosing it as
  o Restore 8 seconds default for spectrogram, if the input length is
    not known
  o Set output length for splice to unknown instead of 0
  o Increase maximum width for spectrograms
  o Fix memory leaks in LADSPA effect
  o Fix hang in several effects (rate, tempo, and those based on
    dft_filter) when processing long files
  o Prevent (m)compand from tampering with their arguments
  o Fix input length calculation for combine methods other than
  o Fix to to work with Autoconf 2.69
- Rebase sox-14.4.0-ocloexec.patch
* Thu Feb 07 2013
- sox-14.4.0-ocloexec.patch: edited, config.h must be included
  _everywhere_ and GNU_SOURCE defined so O_CLOEXEC is available
  for all targets.
* Sat Nov 17 2012
- Disable OSS support, alsa and pulse are enough for us now.
* Sat Apr 14 2012
- Update to version 14.4.0
  o Add floating point encodings in AIFF-C files.
  o Pad WAV data chunks to an even number of bytes.
  o Made Pulse Audio driver the default driver.
  o Lots of improvements to man pages.
  o New upsample, hilbert, and downsample effects.
  o Fix fading bugs.
  o Enable --plot on biquad and fir effects.
  o Now effects chain can be unlimitted length.
  o Fix newfile/restart effects when merging or mixing files.
  o Fix crash in compand and mcompand effect.
  o Improved audio length calculations when using effects.
  o New trim effect with enhanced capabilities.
  o Improved large file support.
  o MP2 write support.
- Split librarires to follow SLPP
- Optionally enable twolame support
- Use pkgconfig() style BuildRequires
- Update ocloexec patch to apply to the new version
- Remove audioio.h/sunaudio support
- Remove unneeded ncurses BuildRequire
- Remove patches not needed anymore (sox-14.3.2-new_ffmpeg.patch,
  sox-14.3.1-undefined.patch and sox-14.3.1-aliasing.patch)
* Sun Nov 27 2011
- fix build on < 12.1 by not applying the O_CLOEXEC patch there as it is not in
  the glibc
- fix build on >= 12.1 by adding ncurses-devel to the BuildRequires
* Fri Nov 18 2011
- libsox: Use O_CLOEXEC where needed, this is specially important
  in library code and even more here as threading is used.
* Mon Jun 27 2011
- remove _service file, way too fragile (see sr#74395)
* Wed Jun 22 2011
- make it support new ffmpeg versions
- remove buildstamp without modifying the output
- use opencore-amr for AMR support
* Tue Mar 01 2011
- Update to version 14.3.2
  o Seek support for MP3 files.
  o Fix WavPack header bugs.
  o Fix length error in 24-bit RIFF files.
  o Add default channel mapping to 24-bit RIFF files.
  o Fix ffmpeg crashes on some CPU's.
  o Read wider range of WAV files with chunks embedded.
  o Fix incorrect MP3 length determination with some VBR files with initial silence.
  o Enable LADSPA support by default on all platforms if libltdl exists.
  o Allow now legend on spectrogram.
  o Fix -w option on stat effect.
  o Support specifying absolute end position instead of offset from beginning of trim operation.
* Tue Sep 21 2010
- Add libmagic support
- Added sox-14.3.1-undefined.patch and sox-14.3.1-aliasing.patch
- Run spec-cleaner and general cleanup
- Fix MP3 support linking directly against needed libraries
- Fix License tag
* Tue Apr 13 2010
- Update to version 14.3.1, remove sox-14.2.0-vorbis.patch due to
  vorbis1.h no longer existing. Fix sox-no_buildstamp.patch.
- LibSoX interface changes:
  o Added new variants of sox_open to allow read/write from/to memory
    buffers (in POSIX 2008 environment); see example5.c.  (robs)
- File formats:
  o New Grandstream ring-tone (gsrt) format.  (robs)
  o CVSD encode/decode speed-ups.  (Kimberly Rockwell, P. Chaintreuil)
  o Fix failed writing 24-bit PAF files (and possibly other libsndfile
    based formats).  (cbagwell)
  o Allow libsndfile to be dlopen()'ed at runtime if --enable-dl-sndfile
    is used. (Doug Cook)
  o Allow amr-nb/amr-wb to be dlopen()'ed at runtime if
  - -enable-dl-amrwb or --enable-dl-amrnb is used. (Doug Cook)
  o amrnb and amrwb formats can optionally use opencore-amr libraries.
- Audio device drivers:
  o Add 32-bit support to ALSA driver.  (Pavel Hofman)
- Effects:
  o Fix [2254919] silence doesn't trim digital silence correctly.  (robs)
  o Fix [2859842] stats effect crashes on 64-bit arch.  (Ulrich Klauer)
- Other new features:
  o Added libSoX example #4: concatenating audio files.  (robs)
  o Show soxi version & usage information when no args given.  (robs)
- Other bug fixes:
  o Fix build so that grouped files (e.g. play -r 6k "*.vox" plays all
    at 6k) works.  (robs)
  o Fix build to support auto file type detection with pipes on FreeBSD
    and elsewhere.  (Dan Nelson)
  o Fix simultaneous play & rec not working.  (robs)
  o Fix missing documentation for -R (repeatable), and pulseaudio driver.
  o Fix memory leak of format private data.  (Slawomir Testowy)
- Internal improvements:
  o Move bit-rot detection support files to sub-directory (could
    previously cause build problems).  (robs)
  o Added utilities to help any format handler dlopen() external
    libraries at run time instead of link time. (Doug Cook)
* Sun Dec 13 2009
- Remove buildstamp to help build-compare
* Thu Jun 25 2009
- made ffmpeg, mad, lame, amrwb and amrnb support build conditional
- enable PulseAudio support
* Mon Jun 22 2009
- updated to 14.3.0
  * LibSoX interface changes:
    o sox_format_init() has been supeseded by sox_init().
    o Removed obsolete error codes (SOX_E...); new sox_strerror()
    function to convert error codes to text.
    o Use of sox_effect_options() is now mandatory when initialising an
    effect (see example0.c for an example of this).
    o sox_flow_effects() has a new (3rd) parameter: a void pointer
    `client_data' that is passed as a new (2nd) parameter to the flow
    callback function.  client_data may be NULL.
  * File formats:
    o Slight improvement to A-law/u-law conversion accuracy: round LSB
    instead of truncating.  (robs)
    o Fix length in wav header with multi-channel output to pipe.  (robs)
    o Fix [2028181] w64 float format incompatibility.  (Tim Munro)
    o Fix reading AIFF files with pad bytes in COMT chunks. (Joe Holt)
    o Fix AIFF file length bug to stop reading trash data on files that
    have extra chunks at end of file. (Joe Holt)
    o Fix file length being 4 bytes short for AIFF sowt CD tracks. (Joe Holt)
    o Fix [2404566] segfault when converting from MS ADPCM wav file.  (robs)
    o Fix slight FLAC seek inaccuracy e.g. when using `trim' effect.  (robs)
    o Fix mp3 decode sometimes being up to a block short.  (robs)
    o Fix not outputing GSM-in-wav when input is GSM-in-wav.  (robs)
  * Audio device drivers:
    o New native OpenBSD audio handler for play/recording.  (Alexandre Ratchov)
    o 24-bit support for ALSA handler.  (robs)
    o Warn if ALSA under/overrun.  (robs)
  * Effects:
    o New `stats' effect; multichannel audio statistics.  (robs)
    o New `sinc' FFT filter effect; replacement for `filter'.  (robs)
    o New `fir' filter effect using external coefficients/file.  (robs)
    o New `biquad' filter effect using external coefficients.  (robs)
    o New `overdrive' effect.  (robs)
    o New `vad' Voice Activity Detector effect.  (robs)
    o `synth' enhancements: can now set common parameters for multiple
    channels, new `pluck' and `tpdf' types, `scientific' note
    notation, [2778142] just intonation.  (robs)
    o New multi-channel support and revised sizing options for `spectrogram'.
    N.B. revised options are not directly backwards compatible -- see the
    man page for details of the new syntax.  (robs)
    o Richer gain/normalise options.  (robs)
    o [2704442] Slight change to `riaa' gain: now norm'd to 0dB @ 1k
    (previously 19.9dB @ DC).  (Glenn Davis)
    o Fix [2487589] `dither' clipping detection & handling.  (robs)
    o Fix `repeat' sometimes stopping repeating too soon.  (robs)
    o Fix `repeat' sometimes repeating wrong audio segments.  (robs)
    o Fix [2332343] 'silence' segfault with certain lengths. (cbagwell)
    o Fix `silence' empty output file with A-law input.  (robs)
    o Fix temporary file problems in Windows (cygwin) with normalise and
    other effects.  (robs)
    o Fix [2779041] spectrogram PNG file is invalid on Windows.  (robs)
    o Fix [2787587] `trim x 0' should produce zero length audio.  (robs)
    o Parallel effects channel processing on some hyper-threading/mult-core
    architectures.  New `--single-threaded' option to disable this.  (robs)
  * Other new features:
    o Added ability to create shared DLL's on cygwin (cbagwell)
    o New `--guard' & `--norm' options; use temporary files to guard against
    clipping for many, but not currently all, effects.  (robs)
    o New `--ignore-length' option to ignore length in input file header (for
    simple encodings & for mp3); instead, read to end of file.  (robs)
    o New `--temp DIRECTORY' option.  (robs)
    o New `--play-rate-arg ARG' option.  (robs)
    o New SOX_OPTS environment variable; can be used to provide default
    values for above and other options.  (robs)
    o Grouped files, e.g. play -r 6k "*.vox" plays all at 6k.  (robs)
    o Automatically `dither'; new `--no-dither' option to disable this.  (robs)
    o Can now use `v' & `V' keys to adjust volume whilst playing audio (on some
    systems).  (robs)
    o New bitrate, time in seconds, & total options for soxi; bitrate
    and file-size display for sox.  (robs)
    o `Magic' (libmagic) file type detection now selected using `--magic'
    option (where supported).
    o [2003121] In many cases, no longer need to specify -t when inputing
    audio from a `pipe'.  (robs)
    o Support more Shoutcast URL variants.  (robs)
    o Added libSoX example #3: playing audio.  (robs)
  * Other bug fixes:
    o Fix [2262177] SoX build could fail with parse /etc/issue error.  (robs)
    o Fix "no handler for detected file type `application/octet-stream;
    charset=binary'" with raw files when using libmagic.  (robs)
  * Internal improvements:
    o Rationalise use of and make repeatable across different platforms
    pseudo random number generators.  (robs)
    o Rationalise effects' options interface (getopt compatible).  (robs)
    o Added stub headers to allow test compilation of all sources on
    linux.  (robs)
* Fri Jan 16 2009
- updated to 14.2.0
  * Processing chain:
    o now supports any number of input files
    o now allows multiple effects chains, multiple input pipes and,
    in some cases, multiple output files
    o initial support for Mac OSX audio IO
    o better support for large (2G/4G) files.
  * New effects:
    o (ISO 226) loudness control
    o RIAA vinyl EQ
    o pitch bending
  * Enhanced effects:
    o rate: minimum/intermediate/linear phase, custom bandwidth
    o dither: noise shaping
    o mcompand: now with Linkwitz-Riley crossover.
  * Various other small fixes/improvements.
* Thu Oct 23 2008
- fix build with updated libtool
* Mon Sep 01 2008
- updated to 14.1.0
  * New WavPack format.
  * New htk format.
  * New .f4 & .f8 raw file extensions.
  * New `splice' effect; splice together audio sections.
  * New `remix' effect; mixes any number of channels.
  * New `norm' (normalise) effect.
  * New `delay' effect; delay one or more channels.
  * New `contrast' enhancement effect.
  * New `rate' high quality resampling effect.
  * New `spectrogram' effect; creates a PNG (if built with PNG lib).
  * New `gain' alias for the vol effect.
  * New option --help-format shows info about supported format(s).
  * New --combine=mix-power option to mix combine using 1/sqrt(n) scaling instead of 1/n.
  * New --input-buffer option to specify (only) input buffer size.
  * New `soxi' utility to extract/display file header fields.
  * New VU meter.
  * Can now write .amb (.wav variant) files.
  * Can now read 2,3(2.6),4 bit ADPCM .voc files.
  * Can now read some MP3 ID3 tags.
  * Fix rec shortcut should apply bit depth (8-bit, 16-bit, etc.) to input handler.
  * Fix endian selection (-B, -L, -x) in some circumstances.
  * Various other small fixes/improvements.
* Fri Jun 27 2008
- Use autoreconf.
* Tue Mar 25 2008
- build file format modules with LDFLAGS -module -avoid-version