# # spec file for package vorbis-tools # # Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed # upon. The license for this file, and modifications and additions to the # file, is the same license as for the pristine package itself (unless the # license for the pristine package is not an Open Source License, in which # case the license is the MIT License). An "Open Source License" is a # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. # Please submit bugfixes or comments via http://bugs.opensuse.org/ # Name: vorbis-tools Version: 1.4.0 Release: 269.1 Summary: Ogg Vorbis Tools License: GPL-2.0 Group: Productivity/Multimedia/Sound/Utilities Url: http://www.xiph.org/ Source0: http://downloads.xiph.org/releases/vorbis/%{name}-%{version}.tar.gz # PATCH-FIX-OPENSUSE warning-fixes.diff -- Fix rpm post-build-check failure for serious compiler warnings Patch0: warning-fixes.diff # PATCH-FIX-OPENSUSE vorbis-tools-cflags.diff bnc#93888 -- Remove -fsigned-char option Patch1: vorbis-tools-cflags.diff # PATCH-FIX-OPENSUSE vcut-fix-segfault.diff bnc#888360 -- Fix segfault of vcut Patch2: vcut-fix-segfault.diff # PATCH-FIX-UPSTREAM vorbis-tools-r19117-CVE-2014-9640.patch bsc#914938 CVE-201409640 Patch3: vorbis-tools-r19117-CVE-2014-9640.patch # PATCH-FIX-SUSE vorbis-tools-oggenc-CVE-2014-9639.patch bnc#914439 bnc#914441 CVE-2014-9638 CVE-2014-9639 Patch4: vorbis-tools-oggenc-CVE-2014-9639.patch # PATCH-FIX-SUSE oggenc-Fix-large-alloca-on-bad-AIFF-input.patch bsc#943795 CVE-2015-6749 Patch5: oggenc-Fix-large-alloca-on-bad-AIFF-input.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: flac-devel BuildRequires: gettext-tools BuildRequires: libao-devel BuildRequires: libcurl-devel %if 0%{?suse_version} >= 1140 BuildRequires: libkate-devel %endif BuildRequires: libtool BuildRequires: libvorbis-devel BuildRequires: pkg-config BuildRequires: speex-devel Recommends: %{name}-lang = %{version} %description This package contains some tools for Ogg Vorbis: oggenc (an encoder) and ogg123 (a playback tool). It also has vorbiscomment (to add comments to Vorbis files), ogginfo (to give all useful information about an Ogg file, including streams in it), oggdec (a simple command line decoder), and vcut (which allows you to cut up Vorbis files). Authors: -------- Michael Smith Kenneth Arnold Stan Seibert Segher Boessenkool Michael Gold Xiphophorus Company %lang_package %prep %setup -q %patch0 %patch1 %patch2 -p1 %patch3 -p1 %patch4 -p1 %patch5 -p1 # automake 1.13 deprecated AM_CONFIG_HEADER sed -i 's/AM_CONFIG_HEADER/AC_CONFIG_HEADERS/' configure.ac %build # Because of patch vorbis-tools-cflags.diff regenerate build system %{?suse_update_config:%{suse_update_config -f}} cp /usr/share/gettext/config.rpath . autoreconf --force --install # test ! -f po/Makevars.template || mv po/Makevars.template po/Makevars export CFLAGS="$RPM_OPT_FLAGS -fPIE" export LDFLAGS="-pie" %configure --disable-rpath make %{?_smp_mflags} %install %make_install # Remove unneeded files (they will be included in /usr/share/doc/packages/vorbis-tools/) rm -rf %{buildroot}%{_datadir}/doc/%{name}-%{version}/ %find_lang %{name} %files %defattr(-,root,root,-) %doc AUTHORS CHANGES COPYING README %doc ogg123/ogg123rc-example %{_bindir}/ogg123 %{_bindir}/oggdec %{_bindir}/oggenc %{_bindir}/ogginfo %{_bindir}/vcut %{_bindir}/vorbiscomment %doc %{_mandir}/man1/ogg123.1%{ext_man} %doc %{_mandir}/man1/oggdec.1%{ext_man} %doc %{_mandir}/man1/oggenc.1%{ext_man} %doc %{_mandir}/man1/ogginfo.1%{ext_man} %doc %{_mandir}/man1/vcut.1%{ext_man} %doc %{_mandir}/man1/vorbiscomment.1%{ext_man} %files lang -f %{name}.lang %defattr(-,root,root,-) %changelog * Thu Sep 24 2015 tiwai@suse.de - Fix buffer overflow in aiff_open() (CVE-2015-6749, bsc#943795): oggenc-Fix-large-alloca-on-bad-AIFF-input.patch * Fri Mar 6 2015 tiwai@suse.de - Fix division by zero and integer overflow by crafted WAV files (CVE-2014-9638, CVE-2014-9639, bnc#914439, bnc#914441): vorbis-tools-oggenc-CVE-2014-9639.patch * Tue Jan 27 2015 tiwai@suse.de - Fix segfault by a crafted raw file input (CVE-2014-9640, bsc#914938): vorbis-tools-r19117-CVE-2014-9640.patch * Wed Dec 31 2014 meissner@suse.com - build with PIE * Tue Jul 22 2014 tiwai@suse.de - vcut-fix-segfault.diff: Fix segfault of vcut (bnc#888360) * Fri Apr 5 2013 idonmez@suse.com - Add Source URL, see https://en.opensuse.org/SourceUrls * Sat Mar 2 2013 seife+obs@b1-systems.com - fix build with automake-1.13.1 * Sun Nov 20 2011 coolo@suse.com - add libtool as buildrequire to avoid implicit dependency * Mon Mar 7 2011 asterios.dramis@gmail.com - Spec file updates: * Fixed rpmlint warning "macro-in-comment". * Sun Mar 6 2011 asterios.dramis@gmail.com - Update to version 1.4.0: * Lots of changes (see CHANGES file). - Spec file updates: * Changes based on rpmdevtools templates and spec-cleaner run. * Changed License: to GPLv2. * Added description for the patches based on openSUSE Patches Guidelines. * Updates in Buildrequires: and %%description sections. * Added a vorbis-tools-lang package (based on rpmlint warning "package-with-huge-translation"). * Updates in %%build, %%install and %%files sections. - Removed the following patches (fixed upstream): * vorbis-tools-1.1.1-bounds-check-fix.diff * vorbis-tools-1.1.1-curl-7.16.diff * vorbis-tools-config.diff * vorbis-tools-flac-1.1.3.diff - Rebased the patch vorbis-tools-1.1.1-warning-fixes.diff (most are fixed upstream and only one change is needed to fix rpm post-build-check failure). Also renamed it to warning-fixes.diff. - Rebased the patch for cflags. * Mon Apr 14 2008 tiwai@suse.de - VUL-0: speex insufficient bounds checking (bnc#379098, CVE-2008-1686) * Wed Oct 31 2007 tiwai@suse.de - add support of FLAC 1.1.3 or later (#337916) - use find_lang * Fri Feb 2 2007 mmarek@suse.cz - fix build with curl-7.16 - fixed some more compiler warnings * Mon Oct 16 2006 schwab@suse.de - Make sure config.rpath is present. * Wed Aug 23 2006 tiwai@suse.de - build missing vcut command (#201242) * Sat Apr 8 2006 schwab@suse.de - Include "config.h" before using HAVE_* macros. * Wed Jan 25 2006 mls@suse.de - converted neededforbuild to BuildRequires * Tue Oct 18 2005 tiwai@suse.de - updated to version 1.1.1. - added flac-* and speex-* to neededforbuild. * Thu Jul 7 2005 tiwai@suse.de - removed -fsigned-char option (#93888). * Thu Apr 14 2005 sbrabec@suse.cz - Added audiofile-devel to neededforbuild. * Fri Apr 8 2005 tiwai@suse.de - fixed the build with the new gettext-0.14.3. * Mon Jan 12 2004 adrian@suse.de - build as user * Fri Jan 9 2004 tiwai@suse.de - updated to version 1.0.1. - enabled autoreconf again. * Fri Jun 6 2003 kukuk@suse.de - Remove wrong doc dir * Mon Jul 22 2002 tiwai@suse.de - updated to 1.0. * Fri Jan 4 2002 tiwai@suse.de - updated to RC3. sync with cvs 2002.01.04. now encoding with low variable rates is supported. - added curl and curl-devel to neededforbuild. * Tue Dec 4 2001 tiwai@suse.de - sync with cvs 2001.12.04. * Wed Oct 24 2001 tiwai@suse.de - sync with cvs 20011024. - removed explicit Requires to libraries. * Mon Aug 13 2001 tiwai@suse.de - updated to 1.0rc2 from cvs 20010813. * Fri Jul 13 2001 grimmer@suse.de - Fixed file list (using wildcards instead of shared directory names) * Mon Feb 26 2001 tiwai@suse.de - Updated to 1.0beta4. * Wed Jan 31 2001 tiwai@suse.de - Initial version: 1.0beta3.