From patchwork Sat Nov 29 21:47:37 2014
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Bernd Kuhls <bernd.kuhls@t-online.de>
X-Patchwork-Id: 416015
Return-Path: <buildroot-bounces@busybox.net>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@bilbo.ozlabs.org
Received: from fraxinus.osuosl.org (fraxinus.osuosl.org [140.211.166.137])
	by ozlabs.org (Postfix) with ESMTP id 2C8BA1400A0
	for <incoming@patchwork.ozlabs.org>;
	Sun, 30 Nov 2014 08:48:06 +1100 (AEDT)
Received: from localhost (localhost [127.0.0.1])
	by fraxinus.osuosl.org (Postfix) with ESMTP id 6E63AA2B6E;
	Sat, 29 Nov 2014 21:48:05 +0000 (UTC)
X-Virus-Scanned: amavisd-new at osuosl.org
Received: from fraxinus.osuosl.org ([127.0.0.1])
	by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id Pyyn_DmJiHVk; Sat, 29 Nov 2014 21:48:01 +0000 (UTC)
Received: from ash.osuosl.org (ash.osuosl.org [140.211.166.34])
	by fraxinus.osuosl.org (Postfix) with ESMTP id C2F92A2B72;
	Sat, 29 Nov 2014 21:48:01 +0000 (UTC)
X-Original-To: buildroot@lists.busybox.net
Delivered-To: buildroot@osuosl.org
Received: from fraxinus.osuosl.org (fraxinus.osuosl.org [140.211.166.137])
	by ash.osuosl.org (Postfix) with ESMTP id 23A881BFA28
	for <buildroot@lists.busybox.net>;
	Sat, 29 Nov 2014 21:48:01 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
	by fraxinus.osuosl.org (Postfix) with ESMTP id 1EE49A2B42
	for <buildroot@lists.busybox.net>;
	Sat, 29 Nov 2014 21:48:01 +0000 (UTC)
X-Virus-Scanned: amavisd-new at osuosl.org
Received: from fraxinus.osuosl.org ([127.0.0.1])
	by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id V8ABdFA-nEIP for <buildroot@lists.busybox.net>;
	Sat, 29 Nov 2014 21:47:57 +0000 (UTC)
X-Greylist: domain auto-whitelisted by SQLgrey-1.7.6
Received: from mailout09.t-online.de (mailout09.t-online.de [194.25.134.84])
	by fraxinus.osuosl.org (Postfix) with ESMTPS id 22D08A1BC1
	for <buildroot@buildroot.org>; Sat, 29 Nov 2014 21:47:57 +0000 (UTC)
Received: from fwd27.aul.t-online.de (fwd27.aul.t-online.de [172.20.26.132])
	by mailout09.t-online.de (Postfix) with SMTP id 2CA16370A1D
	for <buildroot@buildroot.org>; Sat, 29 Nov 2014 22:47:55 +0100 (CET)
Received: from fli4l.lan.fli4l
	(Z4a1gZZ6ghIMl9XlxdjWMps9cElF9pKfUBIMc5h0ld16-nLnkwk9IafvMc7-px6wHT@[79.247.146.165])
	by fwd27.t-online.de with (TLSv1:ECDHE-RSA-AES256-SHA encrypted)
	esmtp id 1Xupro-3IJ3uy0; Sat, 29 Nov 2014 22:47:48 +0100
Received: from fli4lbuild64.lan.fli4l ([192.168.1.51]:45002)
	by fli4l.lan.fli4l with esmtpsa
	(TLSv1.2:DHE-RSA-AES256-GCM-SHA384:256)
	(Exim 4.85_RC1-XX) (envelope-from <bernd.kuhls@t-online.de>)
	id 1Xuprn-0006bc-Am; Sat, 29 Nov 2014 22:47:47 +0100
From: Bernd Kuhls <bernd.kuhls@t-online.de>
To: buildroot@buildroot.org
Date: Sat, 29 Nov 2014 22:47:37 +0100
Message-Id: <1417297657-23448-1-git-send-email-bernd.kuhls@t-online.de>
X-Mailer: git-send-email 1.7.10.4
X-ID: Z4a1gZZ6ghIMl9XlxdjWMps9cElF9pKfUBIMc5h0ld16-nLnkwk9IafvMc7-px6wHT
X-TOI-MSGID: 2b4c6104-45b9-4691-bde9-99f56feea781
Cc: Bernd Kuhls <bernd.kuhls@t-online.de>
Subject: [Buildroot] [PATCH next 1/1] package/flac: bump version to 1.3.1
X-BeenThere: buildroot@busybox.net
X-Mailman-Version: 2.1.18-1
Precedence: list
List-Id: Discussion and development of buildroot <buildroot.busybox.net>
List-Unsubscribe: <http://lists.busybox.net/mailman/options/buildroot>,
	<mailto:buildroot-request@busybox.net?subject=unsubscribe>
List-Archive: <http://lists.busybox.net/pipermail/buildroot/>
List-Post: <mailto:buildroot@busybox.net>
List-Help: <mailto:buildroot-request@busybox.net?subject=help>
List-Subscribe: <http://lists.busybox.net/mailman/listinfo/buildroot>,
	<mailto:buildroot-request@busybox.net?subject=subscribe>
MIME-Version: 1.0
Errors-To: buildroot-bounces@busybox.net
Sender: "buildroot" <buildroot-bounces@busybox.net>

All patches were applied upstream:
http://xiph.org/flac/changelog.html

Added hash

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
---
 package/flac/0001-fix-altivec-logic.patch |   32 -----------------------
 package/flac/0002-fix-CVE-2014-9028.patch |   34 ------------------------
 package/flac/0003-fix-CVE-2014-8962.patch |   40 -----------------------------
 package/flac/flac.hash                    |    2 ++
 package/flac/flac.mk                      |    2 +-
 5 files changed, 3 insertions(+), 107 deletions(-)
 delete mode 100644 package/flac/0001-fix-altivec-logic.patch
 delete mode 100644 package/flac/0002-fix-CVE-2014-9028.patch
 delete mode 100644 package/flac/0003-fix-CVE-2014-8962.patch
 create mode 100644 package/flac/flac.hash

diff --git a/package/flac/0001-fix-altivec-logic.patch b/package/flac/0001-fix-altivec-logic.patch
deleted file mode 100644
index a1ac8a1..0000000
--- a/package/flac/0001-fix-altivec-logic.patch
+++ /dev/null
@@ -1,32 +0,0 @@
-From d65ede3e874c79348efc85cf3a185c170046c4c8 Mon Sep 17 00:00:00 2001
-From: Gustavo Zacarias <gustavo@zacarias.com.ar>
-Date: Wed, 4 Dec 2013 13:31:28 -0300
-Subject: [PATCH] Fix Makefile.am altivec logic
-
-Besides SPE (FSL e500v? cores) there are other powerpc processors
-that don't support altivec instructions so only enable them when it's
-100% sure that the target has it.
-
-Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
-Signed-off-by: Erik de Castro Lopo <erikd@mega-nerd.com>
----
- src/libFLAC/Makefile.am | 3 +--
- 1 file changed, 1 insertion(+), 2 deletions(-)
-
-diff --git a/src/libFLAC/Makefile.am b/src/libFLAC/Makefile.am
-index 247e33c..258de40 100644
---- a/src/libFLAC/Makefile.am
-+++ b/src/libFLAC/Makefile.am
-@@ -47,8 +47,7 @@ CPUCFLAGS = -faltivec -force_cpusubtype_ALL -DFLAC__NO_ASM
- else
- # Linux-gcc for PPC does not have -force_cpusubtype_ALL, it is Darwin-specific
- CPUCFLAGS =
--if FLaC__CPU_PPC_SPE
--else
-+if FLaC__USE_ALTIVEC
- CPUCFLAGS += -maltivec -mabi=altivec
- endif
- #@@@ PPC optimizations temporarily disabled
--- 
-1.8.3.2
-
diff --git a/package/flac/0002-fix-CVE-2014-9028.patch b/package/flac/0002-fix-CVE-2014-9028.patch
deleted file mode 100644
index 5a25ecf..0000000
--- a/package/flac/0002-fix-CVE-2014-9028.patch
+++ /dev/null
@@ -1,34 +0,0 @@
-From fcf0ba06ae12ccd7c67cee3c8d948df15f946b85 Mon Sep 17 00:00:00 2001
-From: Erik de Castro Lopo <erikd@mega-nerd.com>
-Date: Wed, 19 Nov 2014 19:35:59 -0800
-Subject: [PATCH] src/libFACL/stream_decoder.c : Fail safely to avoid a heap overflow.
-
-A file provided by the reporters caused the stream decoder to write to
-un-allocated heap space resulting in a segfault. The solution is to
-error out (by returning false from read_residual_partitioned_rice_())
-instead of trying to continue to decode.
-
-Fixes: CVE-2014-9028
-Reported-by: Michele Spagnuolo,
-             Google Security Team <mikispag@google.com>
----
- src/libFLAC/stream_decoder.c |    3 ++-
- 1 files changed, 2 insertions(+), 1 deletions(-)
-
-diff --git a/src/libFLAC/stream_decoder.c b/src/libFLAC/stream_decoder.c
-index 88a656d..54e84d4 100644
---- a/src/libFLAC/stream_decoder.c
-+++ b/src/libFLAC/stream_decoder.c
-@@ -2736,7 +2736,8 @@ FLAC__bool read_residual_partitioned_rice_(FLAC__StreamDecoder *decoder, unsigne
- 		if(decoder->private_->frame.header.blocksize < predictor_order) {
- 			send_error_to_client_(decoder, FLAC__STREAM_DECODER_ERROR_STATUS_LOST_SYNC);
- 			decoder->protected_->state = FLAC__STREAM_DECODER_SEARCH_FOR_FRAME_SYNC;
--			return true;
-+			/* We have received a potentially malicious bt stream. All we can do is error out to avoid a heap overflow. */
-+			return false;
- 		}
- 	}
- 	else {
--- 
-1.7.2.5
-
diff --git a/package/flac/0003-fix-CVE-2014-8962.patch b/package/flac/0003-fix-CVE-2014-8962.patch
deleted file mode 100644
index 563100e..0000000
--- a/package/flac/0003-fix-CVE-2014-8962.patch
+++ /dev/null
@@ -1,40 +0,0 @@
-From 5b3033a2b355068c11fe637e14ac742d273f076e Mon Sep 17 00:00:00 2001
-From: Erik de Castro Lopo <erikd@mega-nerd.com>
-Date: Tue, 18 Nov 2014 07:20:25 -0800
-Subject: [PATCH] src/libFLAC/stream_decoder.c : Fix buffer read overflow.
-
-This is CVE-2014-8962.
-
-Reported-by: Michele Spagnuolo,
-             Google Security Team <mikispag@google.com>
----
- src/libFLAC/stream_decoder.c |    6 +++++-
- 1 files changed, 5 insertions(+), 1 deletions(-)
-
-diff --git a/src/libFLAC/stream_decoder.c b/src/libFLAC/stream_decoder.c
-index cb66fe2..88a656d 100644
---- a/src/libFLAC/stream_decoder.c
-+++ b/src/libFLAC/stream_decoder.c
-@@ -71,7 +71,7 @@ FLAC_API int FLAC_API_SUPPORTS_OGG_FLAC =
-  *
-  ***********************************************************************/
- 
--static FLAC__byte ID3V2_TAG_[3] = { 'I', 'D', '3' };
-+static const FLAC__byte ID3V2_TAG_[3] = { 'I', 'D', '3' };
- 
- /***********************************************************************
-  *
-@@ -1361,6 +1361,10 @@ FLAC__bool find_metadata_(FLAC__StreamDecoder *decoder)
- 			id = 0;
- 			continue;
- 		}
-+
-+		if(id >= 3)
-+			return false;
-+
- 		if(x == ID3V2_TAG_[id]) {
- 			id++;
- 			i = 0;
--- 
-1.7.2.5
-
diff --git a/package/flac/flac.hash b/package/flac/flac.hash
new file mode 100644
index 0000000..b5389fc
--- /dev/null
+++ b/package/flac/flac.hash
@@ -0,0 +1,2 @@
+# http://downloads.xiph.org/releases/flac/SHA256SUMS.txt
+sha256	4773c0099dba767d963fd92143263be338c48702172e8754b9bc5103efe1c56c	flac-1.3.1.tar.xz
diff --git a/package/flac/flac.mk b/package/flac/flac.mk
index daedd47..2f8c9c3 100644
--- a/package/flac/flac.mk
+++ b/package/flac/flac.mk
@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-FLAC_VERSION = 1.3.0
+FLAC_VERSION = 1.3.1
 FLAC_SITE = http://downloads.xiph.org/releases/flac
 FLAC_SOURCE = flac-$(FLAC_VERSION).tar.xz
 FLAC_INSTALL_STAGING = YES