| Message ID | 20220710134822.373689-1-fontaine.fabrice@gmail.com |
|---|---|
| State | Accepted |
| Headers | show |
| Series | [1/1] package/wavpack: bump to version 5.5.0 | expand |
Fabrice, All, On 2022-07-10 15:48 +0200, Fabrice Fontaine spake thusly: > - Drop patch (already in version) > - Update hash of license file (update in year: > https://github.com/dbry/WavPack/commit/30d4161c47e135bda2c25a2161b9e3e44e4980ce) > > https://github.com/dbry/WavPack/releases/tag/5.5.0 > https://github.com/dbry/WavPack/blob/5.5.0/NEWS > > Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Applied to master, thanks. Regards, Yann E. MORIN. > --- > ...e-DSD-file-types-for-invalid-lengths.patch | 42 ------------------- > package/wavpack/wavpack.hash | 4 +- > package/wavpack/wavpack.mk | 5 +-- > 3 files changed, 3 insertions(+), 48 deletions(-) > delete mode 100644 package/wavpack/0001-issue-110-sanitize-DSD-file-types-for-invalid-lengths.patch > > diff --git a/package/wavpack/0001-issue-110-sanitize-DSD-file-types-for-invalid-lengths.patch b/package/wavpack/0001-issue-110-sanitize-DSD-file-types-for-invalid-lengths.patch > deleted file mode 100644 > index 76c1e81674..0000000000 > --- a/package/wavpack/0001-issue-110-sanitize-DSD-file-types-for-invalid-lengths.patch > +++ /dev/null > @@ -1,42 +0,0 @@ > -From 773f9d0803c6888ae7d5391878d7337f24216f4a Mon Sep 17 00:00:00 2001 > -From: David Bryant <david@wavpack.com> > -Date: Tue, 23 Nov 2021 13:14:35 -0800 > -Subject: [PATCH] issue #110: sanitize DSD file types for invalid lengths > - > -[Retrieved from: > -https://github.com/dbry/WavPack/commit/773f9d0803c6888ae7d5391878d7337f24216f4a] > -Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> > ---- > - cli/dsdiff.c | 6 ++++++ > - cli/dsf.c | 1 + > - 2 files changed, 7 insertions(+) > - > -diff --git a/cli/dsdiff.c b/cli/dsdiff.c > -index d7adb6a..5bdcae3 100644 > ---- a/cli/dsdiff.c > -+++ b/cli/dsdiff.c > -@@ -278,6 +278,12 @@ int ParseDsdiffHeaderConfig (FILE *infile, char *infilename, char *fourcc, Wavpa > - } > - > - total_samples = dff_chunk_header.ckDataSize / config->num_channels; > -+ > -+ if (total_samples <= 0 || total_samples > MAX_WAVPACK_SAMPLES) { > -+ error_line ("%s is not a valid .DFF file!", infilename); > -+ return WAVPACK_SOFT_ERROR; > -+ } > -+ > - break; > - } > - else { // just copy unknown chunks to output file > -diff --git a/cli/dsf.c b/cli/dsf.c > -index e1d7973..dddd488 100644 > ---- a/cli/dsf.c > -+++ b/cli/dsf.c > -@@ -113,6 +113,7 @@ int ParseDsfHeaderConfig (FILE *infile, char *infilename, char *fourcc, WavpackC > - > - if (format_chunk.ckSize != sizeof (DSFFormatChunk) || format_chunk.formatVersion != 1 || > - format_chunk.formatID != 0 || format_chunk.blockSize != DSF_BLOCKSIZE || format_chunk.reserved || > -+ format_chunk.sampleCount <= 0 || format_chunk.sampleCount > MAX_WAVPACK_SAMPLES * 8 || > - (format_chunk.bitsPerSample != 1 && format_chunk.bitsPerSample != 8) || > - format_chunk.numChannels < 1 || format_chunk.numChannels > 6 || > - format_chunk.chanType < 1 || format_chunk.chanType > NUM_CHAN_TYPES) { > diff --git a/package/wavpack/wavpack.hash b/package/wavpack/wavpack.hash > index abc9ab6905..021703df74 100644 > --- a/package/wavpack/wavpack.hash > +++ b/package/wavpack/wavpack.hash > @@ -1,3 +1,3 @@ > # locally computed hash > -sha256 4bde6a6b2a86614a6bd2579e60dcc974e2c8f93608d2281110a717c1b3c28b79 wavpack-5.4.0.tar.xz > -sha256 f38defde000d62c4ff158f1445cb85a0c2f67cbc1d3cfa34ed882f439f6e3b43 COPYING > +sha256 ef749d98df46925bc2916993e601cc7ee9114d99653e63e0e304f031ba73b8e6 wavpack-5.5.0.tar.xz > +sha256 275d65ec11a78d552d078b9c26d950e3075892bca895a415ceaaec33bcfabff9 COPYING > diff --git a/package/wavpack/wavpack.mk b/package/wavpack/wavpack.mk > index 2e0438ac80..a3d952e29b 100644 > --- a/package/wavpack/wavpack.mk > +++ b/package/wavpack/wavpack.mk > @@ -4,7 +4,7 @@ > # > ################################################################################ > > -WAVPACK_VERSION = 5.4.0 > +WAVPACK_VERSION = 5.5.0 > WAVPACK_SITE = \ > https://github.com/dbry/WavPack/releases/download/$(WAVPACK_VERSION) > WAVPACK_SOURCE = wavpack-$(WAVPACK_VERSION).tar.xz > @@ -14,9 +14,6 @@ WAVPACK_LICENSE = BSD-3-Clause > WAVPACK_LICENSE_FILES = COPYING > WAVPACK_CPE_ID_VENDOR = wavpack > > -# 0001-issue-110-sanitize-DSD-file-types-for-invalid-lengths.patch > -WAVPACK_IGNORE_CVES += CVE-2021-44269 > - > ifeq ($(BR2_PACKAGE_LIBICONV),y) > WAVPACK_CONF_OPTS += LIBS=-liconv > endif > -- > 2.35.1 > > _______________________________________________ > buildroot mailing list > buildroot@buildroot.org > https://lists.buildroot.org/mailman/listinfo/buildroot
diff --git a/package/wavpack/0001-issue-110-sanitize-DSD-file-types-for-invalid-lengths.patch b/package/wavpack/0001-issue-110-sanitize-DSD-file-types-for-invalid-lengths.patch deleted file mode 100644 index 76c1e81674..0000000000 --- a/package/wavpack/0001-issue-110-sanitize-DSD-file-types-for-invalid-lengths.patch +++ /dev/null @@ -1,42 +0,0 @@ -From 773f9d0803c6888ae7d5391878d7337f24216f4a Mon Sep 17 00:00:00 2001 -From: David Bryant <david@wavpack.com> -Date: Tue, 23 Nov 2021 13:14:35 -0800 -Subject: [PATCH] issue #110: sanitize DSD file types for invalid lengths - -[Retrieved from: -https://github.com/dbry/WavPack/commit/773f9d0803c6888ae7d5391878d7337f24216f4a] -Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> ---- - cli/dsdiff.c | 6 ++++++ - cli/dsf.c | 1 + - 2 files changed, 7 insertions(+) - -diff --git a/cli/dsdiff.c b/cli/dsdiff.c -index d7adb6a..5bdcae3 100644 ---- a/cli/dsdiff.c -+++ b/cli/dsdiff.c -@@ -278,6 +278,12 @@ int ParseDsdiffHeaderConfig (FILE *infile, char *infilename, char *fourcc, Wavpa - } - - total_samples = dff_chunk_header.ckDataSize / config->num_channels; -+ -+ if (total_samples <= 0 || total_samples > MAX_WAVPACK_SAMPLES) { -+ error_line ("%s is not a valid .DFF file!", infilename); -+ return WAVPACK_SOFT_ERROR; -+ } -+ - break; - } - else { // just copy unknown chunks to output file -diff --git a/cli/dsf.c b/cli/dsf.c -index e1d7973..dddd488 100644 ---- a/cli/dsf.c -+++ b/cli/dsf.c -@@ -113,6 +113,7 @@ int ParseDsfHeaderConfig (FILE *infile, char *infilename, char *fourcc, WavpackC - - if (format_chunk.ckSize != sizeof (DSFFormatChunk) || format_chunk.formatVersion != 1 || - format_chunk.formatID != 0 || format_chunk.blockSize != DSF_BLOCKSIZE || format_chunk.reserved || -+ format_chunk.sampleCount <= 0 || format_chunk.sampleCount > MAX_WAVPACK_SAMPLES * 8 || - (format_chunk.bitsPerSample != 1 && format_chunk.bitsPerSample != 8) || - format_chunk.numChannels < 1 || format_chunk.numChannels > 6 || - format_chunk.chanType < 1 || format_chunk.chanType > NUM_CHAN_TYPES) { diff --git a/package/wavpack/wavpack.hash b/package/wavpack/wavpack.hash index abc9ab6905..021703df74 100644 --- a/package/wavpack/wavpack.hash +++ b/package/wavpack/wavpack.hash @@ -1,3 +1,3 @@ # locally computed hash -sha256 4bde6a6b2a86614a6bd2579e60dcc974e2c8f93608d2281110a717c1b3c28b79 wavpack-5.4.0.tar.xz -sha256 f38defde000d62c4ff158f1445cb85a0c2f67cbc1d3cfa34ed882f439f6e3b43 COPYING +sha256 ef749d98df46925bc2916993e601cc7ee9114d99653e63e0e304f031ba73b8e6 wavpack-5.5.0.tar.xz +sha256 275d65ec11a78d552d078b9c26d950e3075892bca895a415ceaaec33bcfabff9 COPYING diff --git a/package/wavpack/wavpack.mk b/package/wavpack/wavpack.mk index 2e0438ac80..a3d952e29b 100644 --- a/package/wavpack/wavpack.mk +++ b/package/wavpack/wavpack.mk @@ -4,7 +4,7 @@ # ################################################################################ -WAVPACK_VERSION = 5.4.0 +WAVPACK_VERSION = 5.5.0 WAVPACK_SITE = \ https://github.com/dbry/WavPack/releases/download/$(WAVPACK_VERSION) WAVPACK_SOURCE = wavpack-$(WAVPACK_VERSION).tar.xz @@ -14,9 +14,6 @@ WAVPACK_LICENSE = BSD-3-Clause WAVPACK_LICENSE_FILES = COPYING WAVPACK_CPE_ID_VENDOR = wavpack -# 0001-issue-110-sanitize-DSD-file-types-for-invalid-lengths.patch -WAVPACK_IGNORE_CVES += CVE-2021-44269 - ifeq ($(BR2_PACKAGE_LIBICONV),y) WAVPACK_CONF_OPTS += LIBS=-liconv endif
- Drop patch (already in version) - Update hash of license file (update in year: https://github.com/dbry/WavPack/commit/30d4161c47e135bda2c25a2161b9e3e44e4980ce) https://github.com/dbry/WavPack/releases/tag/5.5.0 https://github.com/dbry/WavPack/blob/5.5.0/NEWS Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> --- ...e-DSD-file-types-for-invalid-lengths.patch | 42 ------------------- package/wavpack/wavpack.hash | 4 +- package/wavpack/wavpack.mk | 5 +-- 3 files changed, 3 insertions(+), 48 deletions(-) delete mode 100644 package/wavpack/0001-issue-110-sanitize-DSD-file-types-for-invalid-lengths.patch