* Wed Feb 14 2018 kbabioch@suse.com
- Added patches:
* CVE-2017-11332.patch: Fixed the startread function in wav.c, which allowed
remote attackers to cause a DoS (divide-by-zero) via a crafted wav file.
(CVE-2017-11332 bsc#1081140)
* CVE-2017-11358.patch: Fixed the read_samples function in hcom.c, which
allowed remote attackers to cause a DoS (invalid memory read) via a crafted
hcom file. (CVE-2017-11358 bsc#1081141)
* CVE-2017-11359.patch: Fixed the wavwritehdr function in wav.c, which
allowed remote attackers to cause a DoS (divide-by-zero) when converting a
a crafted snd file to a wav file. (CVE-2017-11359 bsc#1081142)
* CVE-2017-15370.patch: Fixed a heap-based buffer overflow in the ImaExpandS
function of ima_rw.c, which allowed remote attackers to cause a DoS during
conversion of a crafted audio file. (CVE-2017-15370 bsc#1063439)
* CVE-2017-15371.patch: Fixed an assertion abort in the function
sox_append_comment() in formats.c, which allowed remote attackers to cause
a DoS during conversion of a crafted audio file. (CVE-2017-15371
bsc#1063450)
* CVE-2017-15372.patch: Fixed a stack-based buffer overflow in the
lsx_ms_adpcm_block_expand_i function of adpcm.c, which allowed remote
attackers to cause a DoS during conversion of a crafted audio file.
(CVE-2017-15372 bsc#1063456)
* CVE-2017-15642.patch: Fixed an Use-After-Free vulnerability in
lsx_aiffstartread in aiff.c, which could be triggered by an attacker by
providing a malformed AIFF file. (CVE-2017-15642 bsc#1064576)
* CVE-2017-18189.patch: Fixed a NULL pointer dereference triggered by a
corrupt header specifying zero channels in the startread function in
xa.c, which allowed remote attackers to cause a DoS (CVE-2017-18189
bsc#1081146).
- Removed sox-doublefree.patch
* Tue Dec 19 2017 meissner@suse.com
- sox-doublefree.patch: initialize comment, it might
get returned back with OK. (bsc#1064576 CVE-2017-15642)
* Fri Aug 25 2017 olaf@aepfle.de
- Enable lame/mad/twolame unconditionally
- Remove ffmpeg/opus conditional because it is always present
* Mon Mar 06 2017 zaitor@opensuse.org
- Replace libopus-devel with pkgconfig(opusfile) BuildRequires:
this is what configure looks for, and will actually build the
optional opus support as intended.
Version: 14.4.2-2.1
* Tue Sep 22 2015 mpluskal@suse.com
- Update to 14.4.2
o Add optional support for reading Ogg Opus files.
o Fix for max size text chunks in aiff files.
o Add reading support for RF64 WAV files.
o Work around for libsndfile created RF64 files with invalid
sizes.
o Detect MS ADPCM WAV files with invalid blocks.
o Detect Sphere files with invalid header sizes.
o 'Deemph' can now also be used at 48kHz sample rate.
o 'Rate' now much faster in many cases.
o Allow sending spectrograms to stdout.
o Allow use of Dolph window with spectrograms.
o Allow mixing time and sample-count arguments for the delay
effect, and for spectrogram -S and -d.
o Support multi-channel LADSPA plugins.
o Support infinite repetition with repeat.
o Improved pink noise frequency response in synth.
o Extended syntax for specifying audio positions to several
effects.
o Fix integer overflow in mcompand. [3590093]
o Add optional latency compenstation for LADSPA plugins.
o New -p option for soxi to display sample precision.
o New libsox example6: give explicit output attributes.
o Speed optimization for effects that operate on channels
independently.
o Fix memory leaks.
o Most internal symbols (lsx_*) are no longer exported.
- Drop sox-14.4.0-ocloexec.patch as it brings little enhancement
and there has been no activity at upstreaming it
- Enable ffmpeg and opus by default
* Wed Sep 11 2013 reddwarf@opensuse.org
- Update to version 14.4.1
o Fix pipe file-type detection regression
o MAUD write fixes
o Fix crash when seeking within a FLAC file
o Fix Ogg Vorbis files with certain numbers of channels being
truncated
o Fix reading 64-bit float WAVs
o Fix potential buffer overrun when writing FLAC files directly via
sox_write()
o Check whether pulseaudio is available before choosing it as
default
o Restore 8 seconds default for spectrogram, if the input length is
not known
o Set output length for splice to unknown instead of 0
o Increase maximum width for spectrograms
o Fix memory leaks in LADSPA effect
o Fix hang in several effects (rate, tempo, and those based on
dft_filter) when processing long files
o Prevent (m)compand from tampering with their arguments
o Fix input length calculation for combine methods other than
concatenate
o Fix to configure.ac to work with Autoconf 2.69
- Rebase sox-14.4.0-ocloexec.patch
* Thu Feb 07 2013 crrodriguez@opensuse.org
- sox-14.4.0-ocloexec.patch: edited, config.h must be included
_everywhere_ and GNU_SOURCE defined so O_CLOEXEC is available
for all targets.
* Sat Nov 17 2012 crrodriguez@opensuse.org
- Disable OSS support, alsa and pulse are enough for us now.
* Sat Apr 14 2012 reddwarf@opensuse.org
- Update to version 14.4.0
o Add floating point encodings in AIFF-C files.
o Pad WAV data chunks to an even number of bytes.
o Made Pulse Audio driver the default driver.
o Lots of improvements to man pages.
o New upsample, hilbert, and downsample effects.
o Fix fading bugs.
o Enable --plot on biquad and fir effects.
o Now effects chain can be unlimitted length.
o Fix newfile/restart effects when merging or mixing files.
o Fix crash in compand and mcompand effect.
o Improved audio length calculations when using effects.
o New trim effect with enhanced capabilities.
o Improved large file support.
o MP2 write support.
- Split librarires to follow SLPP
- Optionally enable twolame support
- Use pkgconfig() style BuildRequires
- Update ocloexec patch to apply to the new version
- Remove audioio.h/sunaudio support
- Remove unneeded ncurses BuildRequire
- Remove patches not needed anymore (sox-14.3.2-new_ffmpeg.patch,
sox-14.3.1-undefined.patch and sox-14.3.1-aliasing.patch)
* Sun Nov 27 2011 pascal.bleser@opensuse.org
- fix build on < 12.1 by not applying the O_CLOEXEC patch there as it is not in
the glibc
- fix build on >= 12.1 by adding ncurses-devel to the BuildRequires
* Fri Nov 18 2011 crrodriguez@opensuse.org
- libsox: Use O_CLOEXEC where needed, this is specially important
in library code and even more here as threading is used.
* Mon Jun 27 2011 coolo@novell.com
- remove _service file, way too fragile (see sr#74395)
* Wed Jun 22 2011 reddwarf@opensuse.org
- make it support new ffmpeg versions
- remove buildstamp without modifying the output
- use opencore-amr for AMR support
* Tue Mar 01 2011 reddwarf@opensuse.org
- Update to version 14.3.2
o Seek support for MP3 files.
o Fix WavPack header bugs.
o Fix length error in 24-bit RIFF files.
o Add default channel mapping to 24-bit RIFF files.
o Fix ffmpeg crashes on some CPU's.
o Read wider range of WAV files with chunks embedded.
o Fix incorrect MP3 length determination with some VBR files with initial silence.
o Enable LADSPA support by default on all platforms if libltdl exists.
o Allow now legend on spectrogram.
o Fix -w option on stat effect.
o Support specifying absolute end position instead of offset from beginning of trim operation.
* Tue Sep 21 2010 reddwarf@opensuse.org
- Add libmagic support
- Added sox-14.3.1-undefined.patch and sox-14.3.1-aliasing.patch
- Run spec-cleaner and general cleanup
- Fix MP3 support linking directly against needed libraries
- Fix License tag
* Tue Apr 13 2010 davejplater@gmail.com
- Update to version 14.3.1, remove sox-14.2.0-vorbis.patch due to
vorbis1.h no longer existing. Fix sox-no_buildstamp.patch.
- LibSoX interface changes:
o Added new variants of sox_open to allow read/write from/to memory
buffers (in POSIX 2008 environment); see example5.c. (robs)
- File formats:
o New Grandstream ring-tone (gsrt) format. (robs)
o CVSD encode/decode speed-ups. (Kimberly Rockwell, P. Chaintreuil)
o Fix failed writing 24-bit PAF files (and possibly other libsndfile
based formats). (cbagwell)
o Allow libsndfile to be dlopen()'ed at runtime if --enable-dl-sndfile
is used. (Doug Cook)
o Allow amr-nb/amr-wb to be dlopen()'ed at runtime if
- -enable-dl-amrwb or --enable-dl-amrnb is used. (Doug Cook)
o amrnb and amrwb formats can optionally use opencore-amr libraries.
(cbagwell)
- Audio device drivers:
o Add 32-bit support to ALSA driver. (Pavel Hofman)
- Effects:
o Fix [2254919] silence doesn't trim digital silence correctly. (robs)
o Fix [2859842] stats effect crashes on 64-bit arch. (Ulrich Klauer)
- Other new features:
o Added libSoX example #4: concatenating audio files. (robs)
o Show soxi version & usage information when no args given. (robs)
- Other bug fixes:
o Fix build so that grouped files (e.g. play -r 6k "*.vox" plays all
at 6k) works. (robs)
o Fix build to support auto file type detection with pipes on FreeBSD
and elsewhere. (Dan Nelson)
o Fix simultaneous play & rec not working. (robs)
o Fix missing documentation for -R (repeatable), and pulseaudio driver.
o Fix memory leak of format private data. (Slawomir Testowy)
- Internal improvements:
o Move bit-rot detection support files to sub-directory (could
previously cause build problems). (robs)
o Added utilities to help any format handler dlopen() external
libraries at run time instead of link time. (Doug Cook)
* Sun Dec 13 2009 cmorve69@yahoo.es
- Remove buildstamp to help build-compare
* Thu Jun 25 2009 cmorve69@yahoo.es
- made ffmpeg, mad, lame, amrwb and amrnb support build conditional
- enable PulseAudio support
* Mon Jun 22 2009 prusnak@suse.cz
- updated to 14.3.0
* LibSoX interface changes:
o sox_format_init() has been supeseded by sox_init().
o Removed obsolete error codes (SOX_E...); new sox_strerror()
function to convert error codes to text.
o Use of sox_effect_options() is now mandatory when initialising an
effect (see example0.c for an example of this).
o sox_flow_effects() has a new (3rd) parameter: a void pointer
`client_data' that is passed as a new (2nd) parameter to the flow
callback function. client_data may be NULL.
* File formats:
o Slight improvement to A-law/u-law conversion accuracy: round LSB
instead of truncating. (robs)
o Fix length in wav header with multi-channel output to pipe. (robs)
o Fix [2028181] w64 float format incompatibility. (Tim Munro)
o Fix reading AIFF files with pad bytes in COMT chunks. (Joe Holt)
o Fix AIFF file length bug to stop reading trash data on files that
have extra chunks at end of file. (Joe Holt)
o Fix file length being 4 bytes short for AIFF sowt CD tracks. (Joe Holt)
o Fix [2404566] segfault when converting from MS ADPCM wav file. (robs)
o Fix slight FLAC seek inaccuracy e.g. when using `trim' effect. (robs)
o Fix mp3 decode sometimes being up to a block short. (robs)
o Fix not outputing GSM-in-wav when input is GSM-in-wav. (robs)
* Audio device drivers:
o New native OpenBSD audio handler for play/recording. (Alexandre Ratchov)
o 24-bit support for ALSA handler. (robs)
o Warn if ALSA under/overrun. (robs)
* Effects:
o New `stats' effect; multichannel audio statistics. (robs)
o New `sinc' FFT filter effect; replacement for `filter'. (robs)
o New `fir' filter effect using external coefficients/file. (robs)
o New `biquad' filter effect using external coefficients. (robs)
o New `overdrive' effect. (robs)
o New `vad' Voice Activity Detector effect. (robs)
o `synth' enhancements: can now set common parameters for multiple
channels, new `pluck' and `tpdf' types, `scientific' note
notation, [2778142] just intonation. (robs)
o New multi-channel support and revised sizing options for `spectrogram'.
N.B. revised options are not directly backwards compatible -- see the
man page for details of the new syntax. (robs)
o Richer gain/normalise options. (robs)
o [2704442] Slight change to `riaa' gain: now norm'd to 0dB @ 1k
(previously 19.9dB @ DC). (Glenn Davis)
o Fix [2487589] `dither' clipping detection & handling. (robs)
o Fix `repeat' sometimes stopping repeating too soon. (robs)
o Fix `repeat' sometimes repeating wrong audio segments. (robs)
o Fix [2332343] 'silence' segfault with certain lengths. (cbagwell)
o Fix `silence' empty output file with A-law input. (robs)
o Fix temporary file problems in Windows (cygwin) with normalise and
other effects. (robs)
o Fix [2779041] spectrogram PNG file is invalid on Windows. (robs)
o Fix [2787587] `trim x 0' should produce zero length audio. (robs)
o Parallel effects channel processing on some hyper-threading/mult-core
architectures. New `--single-threaded' option to disable this. (robs)
* Other new features:
o Added ability to create shared DLL's on cygwin (cbagwell)
o New `--guard' & `--norm' options; use temporary files to guard against
clipping for many, but not currently all, effects. (robs)
o New `--ignore-length' option to ignore length in input file header (for
simple encodings & for mp3); instead, read to end of file. (robs)
o New `--temp DIRECTORY' option. (robs)
o New `--play-rate-arg ARG' option. (robs)
o New SOX_OPTS environment variable; can be used to provide default
values for above and other options. (robs)
o Grouped files, e.g. play -r 6k "*.vox" plays all at 6k. (robs)
o Automatically `dither'; new `--no-dither' option to disable this. (robs)
o Can now use `v' & `V' keys to adjust volume whilst playing audio (on some
systems). (robs)
o New bitrate, time in seconds, & total options for soxi; bitrate
and file-size display for sox. (robs)
o `Magic' (libmagic) file type detection now selected using `--magic'
option (where supported).
o [2003121] In many cases, no longer need to specify -t when inputing
audio from a `pipe'. (robs)
o Support more Shoutcast URL variants. (robs)
o Added libSoX example #3: playing audio. (robs)
* Other bug fixes:
o Fix [2262177] SoX build could fail with parse /etc/issue error. (robs)
o Fix "no handler for detected file type `application/octet-stream;
charset=binary'" with raw files when using libmagic. (robs)
* Internal improvements:
o Rationalise use of and make repeatable across different platforms
pseudo random number generators. (robs)
o Rationalise effects' options interface (getopt compatible). (robs)
o Added stub headers to allow test compilation of all sources on
linux. (robs)
* Fri Jan 16 2009 prusnak@suse.cz
- updated to 14.2.0
* Processing chain:
o now supports any number of input files
o now allows multiple effects chains, multiple input pipes and,
in some cases, multiple output files
o initial support for Mac OSX audio IO
o better support for large (2G/4G) files.
* New effects:
o (ISO 226) loudness control
o RIAA vinyl EQ
o pitch bending
* Enhanced effects:
o rate: minimum/intermediate/linear phase, custom bandwidth
o dither: noise shaping
o mcompand: now with Linkwitz-Riley crossover.
* Various other small fixes/improvements.
* Thu Oct 23 2008 ro@suse.de
- fix build with updated libtool
* Mon Sep 01 2008 prusnak@suse.cz
- updated to 14.1.0
* New WavPack format.
* New htk format.
* New .f4 & .f8 raw file extensions.
* New `splice' effect; splice together audio sections.
* New `remix' effect; mixes any number of channels.
* New `norm' (normalise) effect.
* New `delay' effect; delay one or more channels.
* New `contrast' enhancement effect.
* New `rate' high quality resampling effect.
* New `spectrogram' effect; creates a PNG (if built with PNG lib).
* New `gain' alias for the vol effect.
* New option --help-format shows info about supported format(s).
* New --combine=mix-power option to mix combine using 1/sqrt(n) scaling instead of 1/n.
* New --input-buffer option to specify (only) input buffer size.
* New `soxi' utility to extract/display file header fields.
* New VU meter.
* Can now write .amb (.wav variant) files.
* Can now read 2,3(2.6),4 bit ADPCM .voc files.
* Can now read some MP3 ID3 tags.
* Fix rec shortcut should apply bit depth (8-bit, 16-bit, etc.) to input handler.
* Fix endian selection (-B, -L, -x) in some circumstances.
* Various other small fixes/improvements.
* Fri Jun 27 2008 schwab@suse.de
- Use autoreconf.
* Tue Mar 25 2008 prusnak@suse.cz
- build file format modules with LDFLAGS -module -avoid-version
(module-avoid-version.patch)