# # spec file for package wavpack # # Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed # upon. The license for this file, and modifications and additions to the # file, is the same license as for the pristine package itself (unless the # license for the pristine package is not an Open Source License, in which # case the license is the MIT License). An "Open Source License" is a # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. # Please submit bugfixes or comments via http://bugs.opensuse.org/ # %define soname 1 Name: wavpack Version: 5.1.0 Release: 3.2 Summary: Hybrid Lossless Audio Compression Format License: BSD-3-Clause Group: Productivity/Multimedia/Sound/Editors and Convertors Url: http://www.wavpack.com/ Source0: http://www.wavpack.com/%{name}-%{version}.tar.bz2 Source99: baselibs.conf # PATCH-FIX-UPSTREAM bsc#1079746 CVE-2018-6767 Crafted wav file can trigger # a stack buffer overflow when parsing the file Patch0: wavpack-CVE-2018-6767.patch Patch1: CVE-2018-7253.patch Patch2: CVE-2018-7254.patch BuildRequires: libtool BuildRequires: pkgconfig %description WavPack is an open audio compression format providing lossless, high-quality lossy, and unique hybrid compression modes. Lossless mode is ideal for archiving audio material or any other situation where quality is paramount. The compression ratio depends on the source material, but generally is between 30%% and 70%%. The hybrid mode creates both, a relatively small, high-quality lossy file that can be used all by itself, and a "correction" file that (when combined with the lossy file) provides full lossless restoration. For some users, this means never having to choose between lossless and lossy compression. %package -n libwavpack%{soname} Summary: Hybrid Lossless Audio Compression Format Group: System/Libraries %description -n libwavpack%{soname} WavPack is an open audio compression format providing lossless, high-quality lossy, and unique hybrid compression modes. Lossless mode is ideal for archiving audio material or any other situation where quality is paramount. The compression ratio depends on the source material, but generally is between 30%% and 70%%. %package devel Summary: Development files for wavpack, an audio compression format Group: Development/Libraries/C and C++ Requires: %{name} = %{version} Requires: glibc-devel %description devel WavPack is an open audio compression format providing lossless, high-quality lossy, and unique hybrid compression modes. This subpackage contains libraries and header files for developing applications that want to make use of wavpack. %prep %setup -q %patch0 -p1 %patch1 -p1 %patch2 -p1 %build autoreconf -fiv %configure --disable-static make %{?_smp_mflags} %install %make_install # not needed find %{buildroot} -type f -name "*.la" -delete -print %check make %{?_smp_mflags} check %post -n libwavpack%{soname} -p /sbin/ldconfig %postun -n libwavpack%{soname} -p /sbin/ldconfig %files # AUTHORS NEWS are empty %doc ChangeLog README COPYING %{_bindir}/wavpack %{_bindir}/wvgain %{_bindir}/wvunpack %{_bindir}/wvtag %{_mandir}/man?/* %files -n libwavpack%{soname} %{_libdir}/libwavpack.so.%{soname} %{_libdir}/libwavpack.so.%{soname}.* %files devel %{_includedir}/wavpack %{_libdir}/libwavpack.so %{_libdir}/pkgconfig/wavpack.pc %changelog * Tue Feb 20 2018 kbabioch@suse.com - Added CVE-2018-7253.patch: Fixed a heap based buffer overread in cli/dsdiff.c, which allowed remote attackers to cause DoS via a specially crafted input file (CVE-2018-7253, bsc#1081692) - Added CVE-2018-7254.patch: Fixed a buffer overread in cli/caff.c, which allowed remote attackers to cause DoS via a specially crafted input file (CVE-2018-7254, bsc#1081693) * Mon Feb 19 2018 pmonrealgonzalez@suse.com - Security fix [bsc#1079746, CVE-2018-6767] * Crafted wav file can trigger a stack buffer overflow when parsing the file * Added wavpack-CVE-2018-6767.patch * Mon Nov 13 2017 jengelh@inai.de - Compact description. Drop pointless --with-pic since no static libs are built. * Thu Nov 9 2017 aavindraa@gmail.com - Update to version 5.1.0 * new: command-line tagging utility (wvtag) * added: option to import ID3v2.3 tags from Sony DSF files * fixed: fuzz test failures from AFL reported on SourceForge * improved: DSD decimation filter (less HF rolloff & CPU use) * fixed: non-byte audio depths (12-bit, 20-bit) not showing * fixed: rare case of noise-shaping triggering a lossy mute * fixed: recognize UTF-8 BOM when reading text files * fixed: a few portability issues - Includes changes from 5.0.0: * new: input formats (RF64, Wave64, and CAF) * removed: support for legacy WavPack files (< 4.0) * added: lossless DSD audio in Philips DSDIFF and Sony DSF files * fixed: seeking in > 2GB WavPack files (new stream reader) * fixed: accept > 4GB source audio files (all formats) * improved: increase maximum samples from 2^32 to 2^40 * added: block checksums for robustness to corruption * added: support for non-standard channel identities * added: block decoder for streaming applications * added: new pdf documentation - For other changes, see upstream: * https://github.com/dbry/WavPack/blob/master/ChangeLog - cleanup with spec-cleaner - remove wavpack-fix_pkgconfig.patch, fixed upstream in: * d440649aa113797a50e94285c8c037dc2ad7a5a9 * 779a2e62783acc6a46f75dd89359e95079ef708a * 7846e95eb1c3fa97da41dfe96de532c2df5ad281 - remove license.txt, use upstream copying file instead - Drop Requires, Provides and Obsoletes, as the SUSE versions they were needed for are now EOL. * Sat Jun 22 2013 crrodriguez@opensuse.org - update to WavPack 4.70-beta (packaged as 4.60.99) * 4GB file support on 32-bit OS * memcpy() not always used correctly (Linux targets) * unsigned char issue (ARM targets) * use temporary files for safer overwriting * Mon Feb 13 2012 coolo@suse.com - patch license to follow spdx.org standard * Fri Nov 25 2011 coolo@suse.com - add libtool as buildrequire to avoid implicit dependency * Fri Nov 25 2011 coolo@suse.com - remove _service * Sun Mar 6 2011 reddwarf@opensuse.org - Add libwavpack1 to baselibs.conf * Wed Dec 8 2010 cristian.rodriguez@opensuse.org - Update to version 4.60.1 * fixed: filename specs in tag extractions failed in batch operations * fixed: prevent creation of APEv2 tags > 1 MB (which we can't read) * fixed: crash when decoding old WavPack files (pre version 4.0) * added: man pages to build system and updated with newer options * Fri Apr 30 2010 meissner@suse.de - buildrequire pkgconfig * Thu Sep 4 2008 sbrabec@suse.cz - Updated to version 4.50.1: * added dynamic noise shaping for improved hybrid quality * added option to merge blocks of similar redundancy * added ability to store and retrieve extra mode level * improved bitrate calculation * improved decoding of corrupt and nonconforming files * added optimize storage of LossyWAV output files * added transcoding API * added metadata writing API * added full Unicode support * multichannel and 24-bit audio improvements * portability and crash fixes * Mon Aug 13 2007 crrodriguez@suse.de - remove static libraries and useless libtool archive * Fri Jul 27 2007 sbrabec@suse.cz - Updated to version 4.41.0: * bug fixes * improvements * new features * new optimization code * for complete list of changes see ChangeLog - Split package according to shared library packaging policy. * Thu Mar 29 2007 sbrabec@suse.cz - "comparison is always false" warnings fix (David Bryant). * Wed Mar 28 2007 sbrabec@suse.cz - New SuSE package, version 4.40.0, based on work of Toni Graffy .