diff options
-rw-r--r-- | main/lame/APKBUILD | 73 | ||||
-rw-r--r-- | main/lame/CVE-2015-9099.patch | 31 | ||||
-rw-r--r-- | main/lame/CVE-2015-9100_2017-9410_2017-9411.patch | 0 | ||||
-rw-r--r-- | main/lame/CVE-2017-9412_CVE-2017-11720.patch | 17 | ||||
-rw-r--r-- | main/lame/lame-automake-1.12.patch | 42 | ||||
-rw-r--r-- | main/lame/sse.patch | 30 |
6 files changed, 26 insertions, 167 deletions
diff --git a/main/lame/APKBUILD b/main/lame/APKBUILD index 9117e787ea..dd24776ef7 100644 --- a/main/lame/APKBUILD +++ b/main/lame/APKBUILD @@ -1,25 +1,22 @@ # Maintainer: Natanael Copa <ncopa@alpinelinux.org> pkgname=lame -pkgver=3.99.5 -_ver=${pkgver%.*} -pkgrel=6 +pkgver=3.100 +pkgrel=0 pkgdesc="An MP3 encoder and graphical frame analyzer" url="http://lame.sourceforge.net/" arch="all" license="LGPL2+" subpackages="$pkgname-dev $pkgname-doc" -depends= makedepends="nasm ncurses-dev autoconf automake libtool" -source="http://downloads.sourceforge.net/project/lame/lame/$_ver/lame-$pkgver.tar.gz - sse.patch - lame-automake-1.12.patch - CVE-2015-9099.patch - CVE-2015-9100_2017-9410_2017-9411.patch - CVE-2017-9412_CVE-2017-11720.patch" - -_builddir="$srcdir"/$pkgname-$pkgver +source="http://downloads.sourceforge.net/project/lame/lame/$pkgver/$pkgname-$pkgver.tar.gz" +builddir="$srcdir"/$pkgname-$pkgver # secfixes:ss +# 3.100-r0: +# - CVE-2017-9410 +# - CVE-2017-9411 +# - CVE-2017-9412 +# - CVE-2015-9099 # 3.99.5-r6: # - CVE-2015-9099 # - CVE-2015-9100 @@ -29,27 +26,21 @@ _builddir="$srcdir"/$pkgname-$pkgver # - CVE-2017-11720 prepare() { - cd "$_builddir" - for i in $source; do - case $i in - *.patch) msg $i; patch -p1 -i "$srcdir"/$i || return 1;; - esac - done + cd "$builddir" - # link fronted shared - sed -i -e 's/\(^LDFLAGS.*\)-static/\1/g' frontend/Makefile.am + default_prepare # fix for parallel builds mkdir -p libmp3lame/i386/.libs # fix for pic build with new nasm - sed -i -e '/define sp/s/+/ + /g' libmp3lame/i386/nasm.h || return 1 + sed -i -e '/define sp/s/+/ + /g' libmp3lame/i386/nasm.h - aclocal && automake --force --add-missing || return 1 + aclocal && automake --force --add-missing } build() { - cd "$_builddir" + cd "$builddir" ./configure \ --build=$CBUILD \ --host=$CHOST \ @@ -57,39 +48,27 @@ build() { --enable-nasm \ --disable-mp3x \ --enable-shared \ - --with-pic \ - || return 1 + --with-pic - make || return 1 + make +} + +check() { + cd "$builddir" + + make test } package() { local _textrels= - cd "$_builddir" - make DESTDIR="$pkgdir" install || return 1 + cd "$builddir" + + make DESTDIR="$pkgdir" install _textrels=$(scanelf -q -Rt "$pkgdir") if [ -n "$_textrels" ]; then error "Textrels found:" echo "$_textrels" - return 1 fi } -md5sums="84835b313d4a8b68f5349816d33e07ce lame-3.99.5.tar.gz -ca77f3259ed398ae1c55073dacdd752f sse.patch -54814745b84480da3b643582f2e5b485 lame-automake-1.12.patch -67e2b8ce0551d70ca391b59a3de3d195 CVE-2015-9099.patch -d41d8cd98f00b204e9800998ecf8427e CVE-2015-9100_2017-9410_2017-9411.patch -8baf1f177fd1622c1cb30a81a8b85e97 CVE-2017-9412_CVE-2017-11720.patch" -sha256sums="24346b4158e4af3bd9f2e194bb23eb473c75fb7377011523353196b19b9a23ff lame-3.99.5.tar.gz -1c8e1798391f45ee37632287ceaff7bcb9cd0221b6e5cf1d40a989b9541e341f sse.patch -52ba7c70db1223775b3f1f84f1895f27c1c01f73c58ea381ec97ec8e5236e0d7 lame-automake-1.12.patch -ffe13b2c1f3c0f1533a63c335b7f2e1f427c6a825824fe050ea966ba203e31be CVE-2015-9099.patch -e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 CVE-2015-9100_2017-9410_2017-9411.patch -cf2e798e835b08034a5ab26cf9739653034cff11c10c44b9ac680a0f97ba185a CVE-2017-9412_CVE-2017-11720.patch" -sha512sums="ce62d7eb9fc8c53c343374ded30f11153a296910f0be7e649197bca7412c6660aad1aa6143d56b750f866229eb492cf7bb4f682535c383fb4aa57d7077d8b4d8 lame-3.99.5.tar.gz -89c1a3b52c6469c78ab1fcb52e7dbb3a62dac20953905027301f659ebcb166d0fc4ef78b8459feec0c26e458f3e1415bb88209b9c43a5af1e0643764ffb6fe83 sse.patch -fa789f706e5efffaac9d7a6cf001b5a0fef7e04845ee2c02d5af4e735629b5f225e355673890892f028d6c35d3969124b3ef4a28c980050f1635c2a58b8f25ed lame-automake-1.12.patch -15de6a6f55c0c8d600b71ef93a38a8a3b42cea90657ee8295e49209dbe4c6215a0c6fd9572d0de2bd523e76bb414a876a828d26029230fe93e11711df4991fe5 CVE-2015-9099.patch -cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e CVE-2015-9100_2017-9410_2017-9411.patch -769dd3e7693689c9a35b33111ff99da657df720d9f63d4c2ee30b97ac28c25ba89ff3690f68da3f72b59e6812c2d19af6321fabd605563c3819882ddcfa814e4 CVE-2017-9412_CVE-2017-11720.patch" +sha512sums="0844b9eadb4aacf8000444621451277de365041cc1d97b7f7a589da0b7a23899310afd4e4d81114b9912aa97832621d20588034715573d417b2923948c08634b lame-3.100.tar.gz" diff --git a/main/lame/CVE-2015-9099.patch b/main/lame/CVE-2015-9099.patch deleted file mode 100644 index 5be534bd02..0000000000 --- a/main/lame/CVE-2015-9099.patch +++ /dev/null @@ -1,31 +0,0 @@ -From 1ea4eac3e7d57dbad42fb067a32ac1600a0397a0 Mon Sep 17 00:00:00 2001 -From: Maks Naumov <maksqwe1@ukr.net> -Date: Thu, 22 Jan 2015 16:20:40 +0200 -Subject: [PATCH] Add check for invalid input sample rate - -Signed-off-by: Maks Naumov <maksqwe1@ukr.net> ---- - libmp3lame/lame.c | 6 ++++++ - 1 file changed, 6 insertions(+) - -diff --git a/libmp3lame/lame.c b/libmp3lame/lame.c -index 5989160..51d689c 100644 ---- a/libmp3lame/lame.c -+++ b/libmp3lame/lame.c -@@ -822,6 +822,12 @@ lame_init_params(lame_global_flags * gfp) - } - #endif - -+ if (gfp->samplerate_in < 0) { -+ freegfc(gfc); -+ gfp->internal_flags = NULL; -+ return -1; -+ } -+ - cfg->disable_reservoir = gfp->disable_reservoir; - cfg->lowpassfreq = gfp->lowpassfreq; - cfg->highpassfreq = gfp->highpassfreq; --- -1.9.4.msysgit.1 - - diff --git a/main/lame/CVE-2015-9100_2017-9410_2017-9411.patch b/main/lame/CVE-2015-9100_2017-9410_2017-9411.patch deleted file mode 100644 index e69de29bb2..0000000000 --- a/main/lame/CVE-2015-9100_2017-9410_2017-9411.patch +++ /dev/null diff --git a/main/lame/CVE-2017-9412_CVE-2017-11720.patch b/main/lame/CVE-2017-9412_CVE-2017-11720.patch deleted file mode 100644 index 214ca459c6..0000000000 --- a/main/lame/CVE-2017-9412_CVE-2017-11720.patch +++ /dev/null @@ -1,17 +0,0 @@ -Description: Avoid malformed wav causing floating point exception (integer divide by zero) -Author: Fabian Greffrath <fabian+debian@greffrath.com> -Bug-Debian: https://bugs.debian.org/777159 - ---- a/frontend/get_audio.c -+++ b/frontend/get_audio.c -@@ -1448,6 +1448,10 @@ parse_wave_header(lame_global_flags * gf - else { - (void) lame_set_in_samplerate(gfp, global_reader.input_samplerate); - } -+ /* avoid division by zero */ -+ if (bits_per_sample < 1) -+ return -1; -+ - global. pcmbitwidth = bits_per_sample; - global. pcm_is_unsigned_8bit = 1; - global. pcm_is_ieee_float = (format_tag == WAVE_FORMAT_IEEE_FLOAT ? 1 : 0); diff --git a/main/lame/lame-automake-1.12.patch b/main/lame/lame-automake-1.12.patch deleted file mode 100644 index ef566ec841..0000000000 --- a/main/lame/lame-automake-1.12.patch +++ /dev/null @@ -1,42 +0,0 @@ ---- ./configure.in.orig -+++ ./configure.in -@@ -77,9 +77,6 @@ - AC_MSG_RESULT(${GCC_version}) - fi - --dnl more automake stuff --AM_C_PROTOTYPES -- - AC_CHECK_HEADER(dmalloc.h) - if test "${ac_cv_header_dmalloc_h}" = "yes"; then - AM_WITH_DMALLOC ---- ./doc/html/Makefile.am.orig -+++ ./doc/html/Makefile.am -@@ -1,7 +1,5 @@ - ## $Id: Makefile.am,v 1.7 2010/09/30 20:58:40 jaz001 Exp $ - --AUTOMAKE_OPTIONS = foreign ansi2knr -- - docdir = $(datadir)/doc - pkgdocdir = $(docdir)/$(PACKAGE) - htmldir = $(docdir)/html ---- ./doc/man/Makefile.am.orig -+++ ./doc/man/Makefile.am -@@ -1,7 +1,5 @@ - ## $Id: Makefile.am,v 1.1 2000/10/22 11:39:44 aleidinger Exp $ - --AUTOMAKE_OPTIONS = foreign ansi2knr -- - man_MANS = lame.1 - EXTRA_DIST = ${man_MANS} - ---- ./libmp3lame/i386/Makefile.am.orig -+++ ./libmp3lame/i386/Makefile.am -@@ -1,7 +1,5 @@ - ## $Id: Makefile.am,v 1.26 2011/04/04 09:42:34 aleidinger Exp $ - --AUTOMAKE_OPTIONS = foreign $(top_srcdir)/ansi2knr -- - DEFS = @DEFS@ @CONFIG_DEFS@ - - ECHO ?= echo diff --git a/main/lame/sse.patch b/main/lame/sse.patch deleted file mode 100644 index 7958c64ef6..0000000000 --- a/main/lame/sse.patch +++ /dev/null @@ -1,30 +0,0 @@ -xmm_quantize_sub.c: In function 'init_xrpow_core_sse': -xmm_quantize_sub.c:65:18: warning: SSE vector return without SSE enabled changes the ABI [-W -psabi] - const __m128 vec_fabs_mask = _mm_loadu_ps(&fabs_mask._float[0]); - ^ -In file included from xmm_quantize_sub.c:37:0: -/usr/lib/gcc/i686-w64-mingw32/4.9.0/include/xmmintrin.h:933:1: error: inlining failed in call to always_inline '_mm_loadu_ps': target specific option mismatch - _mm_loadu_ps (float const *__P) - ^ -xmm_quantize_sub.c:65:18: error: called from here - const __m128 vec_fabs_mask = _mm_loadu_ps(&fabs_mask._float[0]); - ^ ---- lame/libmp3lame/vector/xmm_quantize_sub.c.orig 2014-06-08 12:16:19.455468042 -0700 -+++ lame/libmp3lame/vector/xmm_quantize_sub.c 2014-06-08 12:16:09.592356980 -0700 -@@ -35,6 +35,7 @@ - #ifdef HAVE_XMMINTRIN_H - - #include <xmmintrin.h> -+#pragma GCC target("sse") - - typedef union { - int32_t _i_32[4]; /* unions are initialized by its first member */ -@@ -124,6 +125,7 @@ - } - - -+#pragma GCC target("sse2") - void - fht_SSE2(FLOAT * fz, int n) - { |