Here is an update to flac 1.3.4, released on 20 Feb 2022. It comes with
security fixes.
changelog: https://xiph.org/flac/changelog.html
This update:
- removes upstreamed bitreader.c patch
- updates cpu.c ppc patch
- bumps library majors
check_sym reports removed symbols:
https://namtsui.com/public/check_sym_FLAC.txt
https://namtsui.com/public/check_sym_FLACpp.txt
This commit adds -fvisibility=hidden for clang, which explains this
change, despite upstream reporting "Interface changes: ... (none)."
see:
https://github.com/xiph/flac/commit/d4a1b345dd16591ff6f17c67ee519afebe2f9792
include/FLAC/export.h:70:#define FLAC_API __attribute__ ((visibility ("default")))
include/FLAC++/export.h:70:#define FLACPP_API __attribute__ ((visibility ("default")))
Testing
-------
`make test' passes. I successfully tested flac playback with the
following consumers: libsndfile audacity cmus deadbeef flac123 moc sox
Feedback? OK?
Index: Makefile
===================================================================
RCS file: /cvs/ports/audio/flac/Makefile,v
retrieving revision 1.62
diff -u -p -u -p -r1.62 Makefile
--- Makefile 8 May 2021 15:19:22 -0000 1.62
+++ Makefile 23 Feb 2022 04:44:15 -0000
@@ -2,12 +2,11 @@
COMMENT= free lossless audio codec
-DISTNAME= flac-1.3.3
-REVISION= 0
+DISTNAME= flac-1.3.4
CATEGORIES= audio archivers
HOMEPAGE= https://www.xiph.org/flac/
-SHARED_LIBS += FLAC 11.0 # 11.0
-SHARED_LIBS += FLAC++ 9.0 # 9.0
+SHARED_LIBS += FLAC 12.0 # 11.0
+SHARED_LIBS += FLAC++ 10.0 # 9.0
MAINTAINER= Christian Weisgerber <naddy@openbsd.org>
Index: distinfo
===================================================================
RCS file: /cvs/ports/audio/flac/distinfo,v
retrieving revision 1.13
diff -u -p -u -p -r1.13 distinfo
--- distinfo 12 Aug 2019 21:47:23 -0000 1.13
+++ distinfo 23 Feb 2022 04:44:15 -0000
@@ -1,2 +1,2 @@
-SHA256 (flac-1.3.3.tar.xz) = IT6CvXFsnebbL5i8rbxMJMfi7+jHWTmhqE4oU5xOF0g=
-SIZE (flac-1.3.3.tar.xz) = 1044472
+SHA256 (flac-1.3.4.tar.xz) = j/BgfnWjIt181uxI9PIlRxQEricw0OqUUSexNVFV5zc=
+SIZE (flac-1.3.4.tar.xz) = 1038356
Index: patches/patch-src_libFLAC_bitreader_c
===================================================================
RCS file: patches/patch-src_libFLAC_bitreader_c
diff -N patches/patch-src_libFLAC_bitreader_c
--- patches/patch-src_libFLAC_bitreader_c 8 May 2021 15:19:22 -0000 1.1
+++ /dev/null 1 Jan 1970 00:00:00 -0000
@@ -1,17 +0,0 @@
-$OpenBSD: patch-src_libFLAC_bitreader_c,v 1.1 2021/05/08 15:19:22 naddy Exp $
-
-CVE-2020-0499: Fix out-of-bounds read
-https://github.com/xiph/flac/commit/2e7931c27eb15e387da440a37f12437e35b22dd4
-
-Index: src/libFLAC/bitreader.c
---- src/libFLAC/bitreader.c.orig
-+++ src/libFLAC/bitreader.c
-@@ -864,7 +864,7 @@ incomplete_lsbs:
- cwords = br->consumed_words;
- words = br->words;
- ucbits = FLAC__BITS_PER_WORD - br->consumed_bits;
-- b = br->buffer[cwords] << br->consumed_bits;
-+ b = cwords < br->capacity ? br->buffer[cwords] << br->consumed_bits : 0;
- } while(cwords >= words && val < end);
- }
-
Index: patches/patch-src_libFLAC_cpu_c
===================================================================
RCS file: /cvs/ports/audio/flac/patches/patch-src_libFLAC_cpu_c,v
retrieving revision 1.3
diff -u -p -u -p -r1.3 patch-src_libFLAC_cpu_c
--- patches/patch-src_libFLAC_cpu_c 15 Aug 2019 18:22:34 -0000 1.3
+++ patches/patch-src_libFLAC_cpu_c 23 Feb 2022 04:44:15 -0000
@@ -5,18 +5,20 @@ Remove getauxval(3) code for ppc because
Index: src/libFLAC/cpu.c
--- src/libFLAC/cpu.c.orig
+++ src/libFLAC/cpu.c
-@@ -53,10 +53,6 @@
+@@ -53,12 +53,6 @@
#define dfprintf(file, format, ...)
No comments:
Post a Comment