head 1.31; access; symbols pkgsrc-2023Q4:1.31.0.4 pkgsrc-2023Q4-base:1.31 pkgsrc-2023Q3:1.31.0.2 pkgsrc-2023Q3-base:1.31 pkgsrc-2023Q2:1.30.0.14 pkgsrc-2023Q2-base:1.30 pkgsrc-2023Q1:1.30.0.12 pkgsrc-2023Q1-base:1.30 pkgsrc-2022Q4:1.30.0.10 pkgsrc-2022Q4-base:1.30 pkgsrc-2022Q3:1.30.0.8 pkgsrc-2022Q3-base:1.30 pkgsrc-2022Q2:1.30.0.6 pkgsrc-2022Q2-base:1.30 pkgsrc-2022Q1:1.30.0.4 pkgsrc-2022Q1-base:1.30 pkgsrc-2021Q4:1.30.0.2 pkgsrc-2021Q4-base:1.30 pkgsrc-2021Q3:1.28.0.10 pkgsrc-2021Q3-base:1.28 pkgsrc-2021Q2:1.28.0.8 pkgsrc-2021Q2-base:1.28 pkgsrc-2021Q1:1.28.0.6 pkgsrc-2021Q1-base:1.28 pkgsrc-2020Q4:1.28.0.4 pkgsrc-2020Q4-base:1.28 pkgsrc-2020Q3:1.28.0.2 pkgsrc-2020Q3-base:1.28 pkgsrc-2020Q2:1.27.0.16 pkgsrc-2020Q2-base:1.27 pkgsrc-2020Q1:1.27.0.12 pkgsrc-2020Q1-base:1.27 pkgsrc-2019Q4:1.27.0.14 pkgsrc-2019Q4-base:1.27 pkgsrc-2019Q3:1.27.0.10 pkgsrc-2019Q3-base:1.27 pkgsrc-2019Q2:1.27.0.8 pkgsrc-2019Q2-base:1.27 pkgsrc-2019Q1:1.27.0.6 pkgsrc-2019Q1-base:1.27 pkgsrc-2018Q4:1.27.0.4 pkgsrc-2018Q4-base:1.27 pkgsrc-2018Q3:1.27.0.2 pkgsrc-2018Q3-base:1.27 pkgsrc-2018Q2:1.26.0.4 pkgsrc-2018Q2-base:1.26 pkgsrc-2018Q1:1.26.0.2 pkgsrc-2018Q1-base:1.26 pkgsrc-2017Q4:1.25.0.20 pkgsrc-2017Q4-base:1.25 pkgsrc-2017Q3:1.25.0.18 pkgsrc-2017Q3-base:1.25 pkgsrc-2017Q2:1.25.0.14 pkgsrc-2017Q2-base:1.25 pkgsrc-2017Q1:1.25.0.12 pkgsrc-2017Q1-base:1.25 pkgsrc-2016Q4:1.25.0.10 pkgsrc-2016Q4-base:1.25 pkgsrc-2016Q3:1.25.0.8 pkgsrc-2016Q3-base:1.25 pkgsrc-2016Q2:1.25.0.6 pkgsrc-2016Q2-base:1.25 pkgsrc-2016Q1:1.25.0.4 pkgsrc-2016Q1-base:1.25 pkgsrc-2015Q4:1.25.0.2 pkgsrc-2015Q4-base:1.25 pkgsrc-2015Q3:1.24.0.6 pkgsrc-2015Q3-base:1.24 pkgsrc-2015Q2:1.24.0.4 pkgsrc-2015Q2-base:1.24 pkgsrc-2015Q1:1.24.0.2 pkgsrc-2015Q1-base:1.24 pkgsrc-2014Q4:1.23.0.8 pkgsrc-2014Q4-base:1.23 pkgsrc-2014Q3:1.23.0.6 pkgsrc-2014Q3-base:1.23 pkgsrc-2014Q2:1.23.0.4 pkgsrc-2014Q2-base:1.23 pkgsrc-2014Q1:1.23.0.2 pkgsrc-2014Q1-base:1.23 pkgsrc-2013Q4:1.22.0.16 pkgsrc-2013Q4-base:1.22 pkgsrc-2013Q3:1.22.0.14 pkgsrc-2013Q3-base:1.22 pkgsrc-2013Q2:1.22.0.12 pkgsrc-2013Q2-base:1.22 pkgsrc-2013Q1:1.22.0.10 pkgsrc-2013Q1-base:1.22 pkgsrc-2012Q4:1.22.0.8 pkgsrc-2012Q4-base:1.22 pkgsrc-2012Q3:1.22.0.6 pkgsrc-2012Q3-base:1.22 pkgsrc-2012Q2:1.22.0.4 pkgsrc-2012Q2-base:1.22 pkgsrc-2012Q1:1.22.0.2 pkgsrc-2012Q1-base:1.22 pkgsrc-2011Q4:1.20.0.10 pkgsrc-2011Q4-base:1.20 pkgsrc-2011Q3:1.20.0.8 pkgsrc-2011Q3-base:1.20 pkgsrc-2011Q2:1.20.0.6 pkgsrc-2011Q2-base:1.20 pkgsrc-2011Q1:1.20.0.4 pkgsrc-2011Q1-base:1.20 pkgsrc-2010Q4:1.20.0.2 pkgsrc-2010Q4-base:1.20 pkgsrc-2010Q3:1.19.0.4 pkgsrc-2010Q3-base:1.19 pkgsrc-2010Q2:1.19.0.2 pkgsrc-2010Q2-base:1.19 pkgsrc-2010Q1:1.18.0.4 pkgsrc-2010Q1-base:1.18 pkgsrc-2009Q4:1.18.0.2 pkgsrc-2009Q4-base:1.18 pkgsrc-2009Q3:1.17.0.2 pkgsrc-2009Q3-base:1.17 pkgsrc-2009Q2:1.16.0.2 pkgsrc-2009Q2-base:1.16 pkgsrc-2009Q1:1.15.0.12 pkgsrc-2009Q1-base:1.15 pkgsrc-2008Q4:1.15.0.10 pkgsrc-2008Q4-base:1.15 pkgsrc-2008Q3:1.15.0.8 pkgsrc-2008Q3-base:1.15 cube-native-xorg:1.15.0.6 cube-native-xorg-base:1.15 pkgsrc-2008Q2:1.15.0.4 pkgsrc-2008Q2-base:1.15 cwrapper:1.15.0.2 pkgsrc-2008Q1:1.14.0.6 pkgsrc-2008Q1-base:1.14 pkgsrc-2007Q4:1.14.0.4 pkgsrc-2007Q4-base:1.14 pkgsrc-2007Q3:1.14.0.2 pkgsrc-2007Q3-base:1.14 pkgsrc-2007Q2:1.13.0.14 pkgsrc-2007Q2-base:1.13 pkgsrc-2007Q1:1.13.0.12 pkgsrc-2007Q1-base:1.13 pkgsrc-2006Q4:1.13.0.10 pkgsrc-2006Q4-base:1.13 pkgsrc-2006Q3:1.13.0.8 pkgsrc-2006Q3-base:1.13 pkgsrc-2006Q2:1.13.0.6 pkgsrc-2006Q2-base:1.13 pkgsrc-2006Q1:1.13.0.4 pkgsrc-2006Q1-base:1.13 pkgsrc-2005Q4:1.13.0.2 pkgsrc-2005Q4-base:1.13 pkgsrc-2005Q3:1.11.0.6 pkgsrc-2005Q3-base:1.11 pkgsrc-2005Q2:1.11.0.4 pkgsrc-2005Q2-base:1.11 pkgsrc-2005Q1:1.11.0.2 pkgsrc-2005Q1-base:1.11 pkgsrc-2004Q4:1.10.0.2 pkgsrc-2004Q4-base:1.10 pkgsrc-2004Q3:1.9.0.6 pkgsrc-2004Q3-base:1.9 pkgsrc-2004Q2:1.9.0.4 pkgsrc-2004Q2-base:1.9 pkgsrc-2004Q1:1.9.0.2 pkgsrc-2004Q1-base:1.9 pkgsrc-2003Q4:1.8.0.4 pkgsrc-2003Q4-base:1.8 netbsd-1-6-1:1.8.0.2 netbsd-1-6-1-base:1.8 netbsd-1-6:1.7.0.4 netbsd-1-6-RELEASE-base:1.7 pkgviews:1.6.0.4 pkgviews-base:1.6 buildlink2:1.6.0.2 buildlink2-base:1.7 netbsd-1-5-PATCH003:1.6 netbsd-1-5-PATCH001:1.3; locks; strict; comment @# @; 1.31 date 2023.08.04.07.00.57; author adam; state Exp; branches; next 1.30; commitid d8XHNH3UV5SnbrzE; 1.30 date 2021.10.26.09.59.10; author nia; state Exp; branches; next 1.29; commitid cF8UvcXIgKmoXieD; 1.29 date 2021.10.07.13.09.36; author nia; state Exp; branches; next 1.28; commitid e4SW5sFUCSIVCSbD; 1.28 date 2020.07.06.15.32.47; author adam; state Exp; branches; next 1.27; commitid SUTXGfmC9OxR82fC; 1.27 date 2018.08.06.13.25.38; author snj; state Exp; branches; next 1.26; commitid G3yGCNpW7L6WV3NA; 1.26 date 2018.03.16.20.23.53; author maya; state Exp; branches; next 1.25; commitid JZZgqv7mo5VIQIuA; 1.25 date 2015.11.03.01.12.39; author agc; state Exp; branches 1.25.20.1; next 1.24; commitid f6oNPVgDFD4PeAHy; 1.24 date 2015.03.09.08.14.23; author wiz; state Exp; branches; next 1.23; commitid 0ijxfrGVcfGIgUcy; 1.23 date 2014.01.27.20.17.01; author wiz; state Exp; branches; next 1.22; commitid iuNTHyZ2pVYLjNmx; 1.22 date 2012.02.21.13.05.57; author drochner; state Exp; branches; next 1.21; 1.21 date 2012.02.17.12.23.24; author drochner; state Exp; branches; next 1.20; 1.20 date 2010.11.09.13.12.11; author adam; state Exp; branches 1.20.10.1; next 1.19; 1.19 date 2010.04.23.21.45.19; author wiz; state Exp; branches; next 1.18; 1.18 date 2009.12.02.12.41.25; author wiz; state Exp; branches; next 1.17; 1.17 date 2009.07.17.20.28.21; author wiz; state Exp; branches 1.17.2.1; next 1.16; 1.16 date 2009.05.18.04.42.44; author dholland; state Exp; branches 1.16.2.1; next 1.15; 1.15 date 2008.05.14.16.36.18; author drochner; state Exp; branches; next 1.14; 1.14 date 2007.07.28.07.58.48; author wiz; state Exp; branches 1.14.6.1; next 1.13; 1.13 date 2005.12.07.17.50.37; author wiz; state Exp; branches; next 1.12; 1.12 date 2005.10.15.18.14.03; author wiz; state Exp; branches; next 1.11; 1.11 date 2005.02.23.20.39.48; author agc; state Exp; branches; next 1.10; 1.10 date 2004.09.24.13.04.41; author wiz; state Exp; branches; next 1.9; 1.9 date 2003.12.08.14.39.40; author wiz; state Exp; branches; next 1.8; 1.8 date 2002.08.25.18.38.17; author jlam; state Exp; branches; next 1.7; 1.7 date 2002.08.05.13.11.22; author lukem; state Exp; branches; next 1.6; 1.6 date 2002.01.02.12.39.37; author lukem; state Exp; branches 1.6.2.1; next 1.5; 1.5 date 2001.08.14.14.53.20; author lukem; state Exp; branches; next 1.4; 1.4 date 2001.08.08.09.55.28; author lukem; state Exp; branches; next 1.3; 1.3 date 2001.05.02.14.01.44; author wiz; state Exp; branches; next 1.2; 1.2 date 2001.04.18.12.14.33; author agc; state Exp; branches; next 1.1; 1.1 date 2001.04.17.10.23.13; author agc; state Exp; branches; next ; 1.25.20.1 date 2018.03.16.21.37.30; author spz; state Exp; branches; next ; commitid qOIA3yVrZKx7gJuA; 1.20.10.1 date 2012.02.18.23.17.50; author tron; state Exp; branches; next ; 1.17.2.1 date 2009.12.03.10.16.10; author tron; state Exp; branches; next ; 1.16.2.1 date 2009.08.23.10.33.57; author tron; state Exp; branches; next ; 1.14.6.1 date 2008.05.22.13.54.10; author ghen; state Exp; branches; next ; 1.6.2.1 date 2002.08.22.11.09.57; author jlam; state Exp; branches; next ; desc @@ 1.31 log @libvorbis: fix for Darwin with ARM @ text @$NetBSD: distinfo,v 1.30 2021/10/26 09:59:10 nia Exp $ BLAKE2s (libvorbis-1.3.7.tar.xz) = dd92a6ac2fb16b8f03120cc9c96d102a32a93cca50e867c030ee41411f0149f7 SHA512 (libvorbis-1.3.7.tar.xz) = bbf5f11f623d959b3ba98d6b52806521b0b918b59b867f0658c153ea1013293364eead4987e9e71f8798021379310860a2e548fcf89d10caf23d45e41aba45cd Size (libvorbis-1.3.7.tar.xz) = 1203792 bytes SHA1 (patch-configure) = 2b22bad31bbd20b521eff833bba96df3e881cf10 @ 1.30 log @audio: Replace RMD160 checksums with BLAKE2s checksums All checksums have been double-checked against existing RMD160 and SHA512 hashes. The following distfiles couldn't be fetched (possibly they are fetched conditionally): ./audio/freeswitch-sounds-ru/distinfo freeswitch/freeswitch-sounds-ru-RU-elena-32000-1.0.13.tar.gz ./audio/freeswitch-sounds-ru/distinfo freeswitch/freeswitch-sounds-ru-RU-elena-48000-1.0.13.tar.gz ./audio/freeswitch-music/distinfo freeswitch/freeswitch-sounds-music-32000-1.0.8.tar.gz ./audio/freeswitch-music/distinfo freeswitch/freeswitch-sounds-music-48000-1.0.8.tar.gz ./audio/freeswitch-sounds-fr/distinfo freeswitch/freeswitch-sounds-fr-ca-june-32000-1.0.18.tar.gz ./audio/freeswitch-sounds-fr/distinfo freeswitch/freeswitch-sounds-fr-ca-june-48000-1.0.18.tar.gz ./audio/freeswitch-sounds-en/distinfo freeswitch/freeswitch-sounds-en-us-callie-32000-1.0.22.tar.gz ./audio/freeswitch-sounds-en/distinfo freeswitch/freeswitch-sounds-en-us-callie-48000-1.0.22.tar.gz @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.29 2021/10/07 13:09:36 nia Exp $ d6 1 @ 1.29 log @audio: Remove SHA1 hashes for distfiles @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.28 2020/07/06 15:32:47 adam Exp $ d3 1 a3 1 RMD160 (libvorbis-1.3.7.tar.xz) = d2740a2d0fb626685eaae47370e42f0b85db81b3 @ 1.28 log @libvorbis: updated to 1.3.7 libvorbis 1.3.7 * Fix CVE-2018-10393 - out-of-bounds read encoding very low sample rates. * Fix CVE-2017-14160 - out-of-bounds read encoding very low sample rates. * Fix handling invalid bytes per sample arguments. * Fix handling invalid channel count arguments. * Fix invalid free on seek failure. * Fix negative shift reading blocksize. * Fix accepting unreasonable float32 values. * Fix tag comparison depending on locale. * Fix unnecessarily linking libm. * Fix memory leak in test_sharedbook. * Update Visual Studio projects for ogg library filename change. * Distribute CMake build files with the source package. * Remove unnecessary configure --target switch. * Add gitlab CI support. * Add OSS-Fuzz support. * Build system and integration updates. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.27 2018/08/06 13:25:38 snj Exp $ a2 1 SHA1 (libvorbis-1.3.7.tar.xz) = 0a2dd71a999656b8091506839e8007a61a8fda1f @ 1.27 log @audio/libvorbis: Fix CVE-2017-14160, CVE-2018-10392, and CVE-2018-10393. Bump PKGREVISION to 1. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.26 2018/03/16 20:23:53 maya Exp $ d3 4 a6 6 SHA1 (libvorbis-1.3.6.tar.xz) = 237e3d1c66452734fd9b32f494f44238b4f0185e RMD160 (libvorbis-1.3.6.tar.xz) = 80213c5a1506438a342588ae58097a1590b6657c SHA512 (libvorbis-1.3.6.tar.xz) = a5d990bb88db2501b16f8eaee9f2ecb599cefd7dab2134d16538d8905263a972157c7671867848c2a8a358bf5e5dbc7721205ece001032482f168be7bda4f132 Size (libvorbis-1.3.6.tar.xz) = 1195388 bytes SHA1 (patch-lib_psy.c) = acbc6fd4e4e7710a05b6342c10270f085214a84f SHA1 (patch-lib_vorbisenc.c) = e65377b441c71e75e86064292dccfb86acf298b2 @ 1.26 log @libvorbis: update to 1.3.6. security fix. libvorbis 1.3.6 (2018-03-16) -- "Xiph.Org libVorbis I 20180316 (Now 100% fewer shells)" * Fix CVE-2018-5146 - out-of-bounds write on codebook decoding. * Fix CVE-2017-14632 - free() on unitialized data * Fix CVE-2017-14633 - out-of-bounds read * Fix bitrate metadata parsing. * Fix out-of-bounds read in codebook parsing. * Fix residue vector size in Vorbis I spec. * Appveyor support * Travis CI support * Add secondary CMake build system. * Build system fixes @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.25 2015/11/03 01:12:39 agc Exp $ d7 2 @ 1.25 log @Add SHA512 digests for distfiles for audio category Problems found with existing distfiles: /pub/pkgsrc/distfiles/amp-0.7.6.tgz /pub/pkgsrc/distfiles/freeswitch/freeswitch-sounds-music-32000-1.0.8.tar.gz /pub/pkgsrc/distfiles/freeswitch/freeswitch-sounds-music-48000-1.0.8.tar.gz /pub/pkgsrc/distfiles/freeswitch/freeswitch-sounds-en-us-callie-32000-1.0.22.tar.gz /pub/pkgsrc/distfiles/freeswitch/freeswitch-sounds-en-us-callie-48000-1.0.22.tar.gz /pub/pkgsrc/distfiles/freeswitch/freeswitch-sounds-fr-ca-june-32000-1.0.18.tar.gz /pub/pkgsrc/distfiles/freeswitch/freeswitch-sounds-fr-ca-june-48000-1.0.18.tar.gz /pub/pkgsrc/distfiles/freeswitch/freeswitch-sounds-ru-RU-elena-16000-1.0.12.tar.gz /pub/pkgsrc/distfiles/freeswitch/freeswitch-sounds-ru-RU-elena-32000-1.0.12.tar.gz /pub/pkgsrc/distfiles/freeswitch/freeswitch-sounds-ru-RU-elena-48000-1.0.12.tar.gz /pub/pkgsrc/distfiles/freeswitch/freeswitch-sounds-ru-RU-elena-8000-1.0.12.tar.gz /pub/pkgsrc/distfiles/freeswitch/freeswitch-sounds-fr-ca-june-32000-1.0.18.tar.gz /pub/pkgsrc/distfiles/freeswitch/freeswitch-sounds-fr-ca-june-48000-1.0.18.tar.gz /pub/pkgsrc/distfiles/freeswitch/freeswitch-sounds-ru-RU-elena-32000-1.0.13.tar.gz /pub/pkgsrc/distfiles/freeswitch/freeswitch-sounds-ru-RU-elena-48000-1.0.13.tar.gz /pub/pkgsrc/distfiles/kid3-3.3.0.tar.gz /pub/pkgsrc/distfiles/libdca-0.0.5.tar.bz2 /pub/pkgsrc/distfiles/mp3to.gz /pub/pkgsrc/distfiles/squeezeboxserver-7.5.1-noCPAN.tgz No changes made to these file. Otherwise, existing SHA1 digests verified and found to be the same on the machine holding the existing distfiles (morden). All existing SHA1 digests retained for now as an audit trail. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.24 2015/03/09 08:14:23 wiz Exp $ d3 4 a6 4 SHA1 (libvorbis-1.3.5.tar.xz) = 7b4cdd4a73fadfed457ae40984cb0cc91146b300 RMD160 (libvorbis-1.3.5.tar.xz) = 9d63b156e222fe865a6a4869bdf237d9523ce623 SHA512 (libvorbis-1.3.5.tar.xz) = f18f32edc43f65fea2dd4133e2828a0ced9e5b0797c4569bd26989fc1409ad599359e7c796bffc082ad36189f9722c7b38837384cea66d217beac8b425299ef8 Size (libvorbis-1.3.5.tar.xz) = 1193144 bytes @ 1.25.20.1 log @Pullup ticket #5722 - requested by maya audio/libvorbis: security update Revisions pulled up: - audio/libvorbis/Makefile 1.60 - audio/libvorbis/distinfo 1.26 ------------------------------------------------------------------- Module Name: pkgsrc Committed By: maya Date: Fri Mar 16 20:23:53 UTC 2018 Modified Files: pkgsrc/audio/libvorbis: Makefile distinfo Log Message: libvorbis: update to 1.3.6. security fix. libvorbis 1.3.6 (2018-03-16) -- "Xiph.Org libVorbis I 20180316 (Now 100% fewer shells)" * Fix CVE-2018-5146 - out-of-bounds write on codebook decoding. * Fix CVE-2017-14632 - free() on unitialized data * Fix CVE-2017-14633 - out-of-bounds read * Fix bitrate metadata parsing. * Fix out-of-bounds read in codebook parsing. * Fix residue vector size in Vorbis I spec. * Appveyor support * Travis CI support * Add secondary CMake build system. * Build system fixes To generate a diff of this commit: cvs rdiff -u -r1.59 -r1.60 pkgsrc/audio/libvorbis/Makefile cvs rdiff -u -r1.25 -r1.26 pkgsrc/audio/libvorbis/distinfo @ text @d1 1 a1 1 $NetBSD$ d3 4 a6 4 SHA1 (libvorbis-1.3.6.tar.xz) = 237e3d1c66452734fd9b32f494f44238b4f0185e RMD160 (libvorbis-1.3.6.tar.xz) = 80213c5a1506438a342588ae58097a1590b6657c SHA512 (libvorbis-1.3.6.tar.xz) = a5d990bb88db2501b16f8eaee9f2ecb599cefd7dab2134d16538d8905263a972157c7671867848c2a8a358bf5e5dbc7721205ece001032482f168be7bda4f132 Size (libvorbis-1.3.6.tar.xz) = 1195388 bytes @ 1.24 log @Update to 1.3.5: libvorbis 1.3.5 (unreleased) -- "Xiph.Org libVorbis I 20150105 (⛄⛄⛄⛄)" * Tolerate single-entry codebooks. * Fix decoder crash with invalid input. * Fix encoder crash with non-positive sample rates. # Fix issues in vorbisfile's seek bisection code. * Spec errata. * Reject multiple headers of the same type. * Various build fixes and code cleanup. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.23 2014/01/27 20:17:01 wiz Exp $ d5 1 @ 1.23 log @Update to 1.3.4: Xiph.Org is pleased to announce a full release of libvorbis 1.3.4. The primary feature of this release is reduced static data size in libvorbisenc, as well as associated minor changes required to libvorbis and libvorbisfile. The release also contains minor build fixes and build system updates. There are no functional changes over the previous 1.3.3 release. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.22 2012/02/21 13:05:57 drochner Exp $ d3 3 a5 3 SHA1 (libvorbis-1.3.4.tar.xz) = b99724acdf3577982b3146b9430d765995ecf9e1 RMD160 (libvorbis-1.3.4.tar.xz) = 98972ed04f7fb587ae4ce2c5a55ebbfcf0e23edf Size (libvorbis-1.3.4.tar.xz) = 1091376 bytes @ 1.22 log @update to 1.3.3 integrates the fix for CVE-2012-0444 @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.21 2012/02/17 12:23:24 drochner Exp $ d3 3 a5 3 SHA1 (libvorbis-1.3.3.tar.xz) = 31d1a0ec4815bf1ee638b0f2850f03efcd48022a RMD160 (libvorbis-1.3.3.tar.xz) = b73f638e23ed907cff9e900a9edabb7ad34a0bcf Size (libvorbis-1.3.3.tar.xz) = 1087888 bytes @ 1.21 log @add patch from upstream to fix possible memory corruption by malicious Ogg Vorbis files bump PKGREV @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.20 2010/11/09 13:12:11 adam Exp $ d3 3 a5 4 SHA1 (libvorbis-1.3.2.tar.bz2) = 4c44da8215d1fc56676fccc1af8dd6b422d9e676 RMD160 (libvorbis-1.3.2.tar.bz2) = 2478fd66305ee6fa31d6d336e4ff2b3ec649d661 Size (libvorbis-1.3.2.tar.bz2) = 1230364 bytes SHA1 (patch-CVE-2012-0444) = c5e2cb7ee0a13c38b43166952954e66bcc5307a1 @ 1.20 log @Changes 1.3.2: * vorbis: additional proofing against invalid/malicious streams in floor, residue, and bos/eos packet trimming code (see SVN for details). * vorbis: Added programming documentation tree for the low-level calls * vorbisfile: Correct handling of serial numbers array element [0] on non-seekable streams * vorbisenc: Back out an [old] AoTuV HF weighting that was first enabled in 1.3.0; there are a few samples where I really don't like the effect it causes. * vorbis: return correct timestamp for granule positions with high bit set. * vorbisfile: the [undocumented] half-rate decode api made no attempt to keep the pcm offset tracking consistent in seeks. Fix and add a testing mode to seeking_example.c to torture test seeking in halfrate mode. Also remove requirement that halfrate mode only work with seekable files. * vorbisfile: Fix a chaining bug in raw_seeks where seeking out of the current link would fail due to not reinitializing the decode machinery. * vorbisfile: improve seeking strategy. Reduces the necessary number of seek callbacks in an open or seek operation by well over 2/3. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.19 2010/04/23 21:45:19 wiz Exp $ d6 1 @ 1.20.10.1 log @Pullup ticket #3684 - requested by drochner audio/libvorbis: security patch Revisions pulled up: - audio/libvorbis/Makefile 1.52 - audio/libvorbis/distinfo 1.21 - audio/libvorbis/patches/patch-CVE-2012-0444 1.1 --- Module Name: pkgsrc Committed By: drochner Date: Fri Feb 17 12:23:24 UTC 2012 Modified Files: pkgsrc/audio/libvorbis: Makefile distinfo Added Files: pkgsrc/audio/libvorbis/patches: patch-CVE-2012-0444 Log Message: add patch from upstream to fix possible memory corruption by malicious Ogg Vorbis files bump PKGREV @ text @d1 1 a1 1 $NetBSD$ a5 1 SHA1 (patch-CVE-2012-0444) = c5e2cb7ee0a13c38b43166952954e66bcc5307a1 @ 1.19 log @Update to 1.3.1: libvorbis 1.3.1 (2010-02-26) -- "Xiph.Org libVorbis I 20100325 (Everywhere)" * tweak + minor arithmetic fix in floor1 fit * revert noise norm to conservative 1.2.3 behavior pending more listening testing libvorbis 1.3.0 (2010-02-25) -- unreleased staging snapshot * Optimized surround support for 5.1 encoding at 44.1/48kHz * Added encoder control call to disable channel coupling * Correct an overflow bug in very low-bitrate encoding on 32 bit machines that caused inflated bitrates * Numerous API hardening, leak and build fixes * Correct bug in 22kHz compand setup that could cause a crash * Correct bug in 16kHz codebooks that could cause unstable pure tones at high bitrates @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.18 2009/12/02 12:41:25 wiz Exp $ d3 3 a5 3 SHA1 (libvorbis-1.3.1.tar.gz) = 0874dd08699240b868b22979da4c95ae6325006b RMD160 (libvorbis-1.3.1.tar.gz) = 0ed122d628c3c0152ff2d245aaf5e7ac2667f0cc Size (libvorbis-1.3.1.tar.gz) = 1467164 bytes @ 1.18 log @Apply some possible security fixes from upstream SVN. Glanced from links in mozilla advisory http://www.mozilla.org/security/announce/2009/mfsa2009-63.html and Fedora Core patches for 1.2.0. Bump PKGREVISION. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.17 2009/07/17 20:28:21 wiz Exp $ d3 3 a5 5 SHA1 (libvorbis-1.2.3.tar.gz) = a93251aa5e4f142db4fa6433de80797f80960fac RMD160 (libvorbis-1.2.3.tar.gz) = e80ad7de3c2599e0d88994876407ac8fe3c9a0e7 Size (libvorbis-1.2.3.tar.gz) = 1474492 bytes SHA1 (patch-aa) = bd1534e2f680d5621a7909fd0b197d9d8c52b91d SHA1 (patch-ab) = b253546a863893e96569d8afb5e626ffe5f226dc @ 1.17 log @Update to 1.2.3. Set LICENSE. Two of the patches were from upstream CVS, the other two are not needed any longer because the configure script was improved. libvorbis 1.2.3 (2009-07-09) -- "Xiph.Org libVorbis I 20090709" * correct a vorbisfile bug that prevented proper playback of Vorbis files where all audio in a logical stream is in a single page * Additional decode setup hardening against malicious streams * Add 'OV_EXCLUDE_STATIC_CALLBACKS' define for developers who wish to avoid avoid unused symbol warnings from the static callbacks defined in vorbisfile.h libvorbis 1.2.2 (2009-06-24) -- "Xiph.Org libVorbis I 20090624" * define VENDOR and ENCODER strings * seek correctly in files bigger than 2 GB (Windows) * fix regression from CVE-2008-1420; 1.0b1 files work again * mark all tables as constant to reduce memory occupation * additional decoder hardening against malicious streams * substantially reduce amount of seeking performed by Vorbisfile * Multichannel decode bugfix * build system updates * minor specification clarifications/fixes libvorbis 1.2.1 (unreleased) -- "Xiph.Org libVorbis I 20080501" * Improved robustness with corrupt streams. * New ov_read_filter() vorbisfile call allows filtering decoded audio as floats before converting to integer samples. * Fix an encoder bug with multichannel streams. * Replaced RTP payload format draft with RFC 5215. * Bare bones self test under 'make check'. * Fix a problem encoding some streams between 14 and 28 kHz. * Fix a numerical instability in the edge extrapolation filter. * Build system improvements. * Specification correction. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.16 2009/05/18 04:42:44 dholland Exp $ d6 2 @ 1.17.2.1 log @Pullup ticket #2943 - requested by wiz libvorbis: security patch Revisions pulled up: - audio/libvorbis/Makefile 1.49 - audio/libvorbis/distinfo 1.18 - audio/libvorbis/patches/patch-aa 1.5 - audio/libvorbis/patches/patch-ab 1.5 --- Module Name: pkgsrc Committed By: wiz Date: Wed Dec 2 12:41:25 UTC 2009 Modified Files: pkgsrc/audio/libvorbis: Makefile distinfo Added Files: pkgsrc/audio/libvorbis/patches: patch-aa patch-ab Log Message: Apply some possible security fixes from upstream SVN. Glanced from links in mozilla advisory http://www.mozilla.org/security/announce/2009/mfsa2009-63.html and Fedora Core patches for 1.2.0. Bump PKGREVISION. @ text @d1 1 a1 1 $NetBSD$ a5 2 SHA1 (patch-aa) = bd1534e2f680d5621a7909fd0b197d9d8c52b91d SHA1 (patch-ab) = b253546a863893e96569d8afb5e626ffe5f226dc @ 1.16 log @PR 37177: Raymond Meyer: gcc no longer supports -mv8 on Solaris. Build fix; no version bump. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.15 2008/05/14 16:36:18 drochner Exp $ d3 3 a5 7 SHA1 (libvorbis-1.2.0.tar.gz) = 6ff5f9d9d71cc385ee180171cc21af5653b76a16 RMD160 (libvorbis-1.2.0.tar.gz) = 54bf2b48943e283f003cd5dfb4bf9e519b6a817d Size (libvorbis-1.2.0.tar.gz) = 1494373 bytes SHA1 (patch-aa) = 8d6d491a75531eb0527da6218eeb123692ae747e SHA1 (patch-ab) = 07c6ef26df0adf1abce4b96a6aff512ed1d6597a SHA1 (patch-ac) = afa921a67e85ccc81ced6ddfb7d48a9472de76dd SHA1 (patch-ad) = bb28ad8754b8d1dadd6541c2a80a2961e5343914 @ 1.16.2.1 log @Pullup ticket #2871 - requested by wiz libvorbis: security update Revisions pulled up: - audio/libvorbis/Makefile 1.48 - audio/libvorbis/PLIST 1.10 - audio/libvorbis/distinfo 1.17 - audio/libvorbis/patches/patch-aa delete - audio/libvorbis/patches/patch-ab delete - audio/libvorbis/patches/patch-ac delete - audio/libvorbis/patches/patch-ad delete --- Module Name: pkgsrc Committed By: wiz Date: Fri Jul 17 20:28:21 UTC 2009 Modified Files: pkgsrc/audio/libvorbis: Makefile PLIST distinfo Removed Files: pkgsrc/audio/libvorbis/patches: patch-aa patch-ab patch-ac patch-ad Log Message: Update to 1.2.3. Set LICENSE. Two of the patches were from upstream CVS, the other two are not needed any longer because the configure script was improved. libvorbis 1.2.3 (2009-07-09) -- "Xiph.Org libVorbis I 20090709" * correct a vorbisfile bug that prevented proper playback of Vorbis files where all audio in a logical stream is in a single page * Additional decode setup hardening against malicious streams * Add 'OV_EXCLUDE_STATIC_CALLBACKS' define for developers who wish to avoid avoid unused symbol warnings from the static callbacks defined in vorbisfile.h libvorbis 1.2.2 (2009-06-24) -- "Xiph.Org libVorbis I 20090624" * define VENDOR and ENCODER strings * seek correctly in files bigger than 2 GB (Windows) * fix regression from CVE-2008-1420; 1.0b1 files work again * mark all tables as constant to reduce memory occupation * additional decoder hardening against malicious streams * substantially reduce amount of seeking performed by Vorbisfile * Multichannel decode bugfix * build system updates * minor specification clarifications/fixes libvorbis 1.2.1 (unreleased) -- "Xiph.Org libVorbis I 20080501" * Improved robustness with corrupt streams. * New ov_read_filter() vorbisfile call allows filtering decoded audio as floats before converting to integer samples. * Fix an encoder bug with multichannel streams. * Replaced RTP payload format draft with RFC 5215. * Bare bones self test under 'make check'. * Fix a problem encoding some streams between 14 and 28 kHz. * Fix a numerical instability in the edge extrapolation filter. * Build system improvements. * Specification correction. @ text @d1 1 a1 1 $NetBSD$ d3 7 a9 3 SHA1 (libvorbis-1.2.3.tar.gz) = a93251aa5e4f142db4fa6433de80797f80960fac RMD160 (libvorbis-1.2.3.tar.gz) = e80ad7de3c2599e0d88994876407ac8fe3c9a0e7 Size (libvorbis-1.2.3.tar.gz) = 1474492 bytes @ 1.15 log @pull some patches from upstream CVS to fix integer overflows / buffer overflows (CVE-2008-1419, CVE-2008-1420, CVE-2008-1423), bump PKGREVISION @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.14 2007/07/28 07:58:48 wiz Exp $ d8 2 @ 1.14 log @Update to 1.2.0: libvorbis 1.2.0 (2007-07-25) -- "Xiph.Org libVorbis I 20070622" * new ov_fopen() convenience call that avoids the common stdio conflicts with ov_open() and MSVC runtimes. * libvorbisfile now handles multiplexed streams * improve robustness to corrupt input streams * fix a minor encoder bug * updated RTP draft * build system updates * minor corrections to the specification @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.13 2005/12/07 17:50:37 wiz Exp $ d6 2 @ 1.14.6.1 log @Pullup ticket 2393 - requested by drochner security fixes for libvorbis - pkgsrc/audio/libvorbis/Makefile 1.47 - pkgsrc/audio/libvorbis/distinfo 1.15 - pkgsrc/audio/libvorbis/patches/patch-aa 1.3 - pkgsrc/audio/libvorbis/patches/patch-ab 1.3 Module Name: pkgsrc Committed By: drochner Date: Wed May 14 16:36:18 UTC 2008 Modified Files: pkgsrc/audio/libvorbis: Makefile distinfo Added Files: pkgsrc/audio/libvorbis/patches: patch-aa patch-ab Log Message: pull some patches from upstream CVS to fix integer overflows / buffer overflows (CVE-2008-1419, CVE-2008-1420, CVE-2008-1423), bump PKGREVISION @ text @d1 1 a1 1 $NetBSD$ a5 2 SHA1 (patch-aa) = 8d6d491a75531eb0527da6218eeb123692ae747e SHA1 (patch-ab) = 07c6ef26df0adf1abce4b96a6aff512ed1d6597a @ 1.13 log @Update to 1.1.2: libvorbis 1.1.2 (2005-11-27) -- "Xiph.Org libVorbis I 20050304" * fix a serious encoder bug with gcc 4 optimized builds * documentation and spec fixes * updated VS2003 and XCode builds * new draft RTP encapsulation spec @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.12 2005/10/15 18:14:03 wiz Exp $ d3 3 a5 3 SHA1 (libvorbis-1.1.2.tar.gz) = 26289fc41aa5436b1a277d726bb5cb106d675c35 RMD160 (libvorbis-1.1.2.tar.gz) = 2f1c59ab8237fe3af28f9979cd96008cfa3567cb Size (libvorbis-1.1.2.tar.gz) = 1316434 bytes @ 1.12 log @Update to 1.1.1. This releases includes some bug and documentation fixes, but no new encoder modes. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.11 2005/02/23 20:39:48 agc Exp $ d3 3 a5 3 SHA1 (libvorbis-1.1.1.tar.gz) = 6fb534be6635f8577d868798d5b1b92c26c9b13d RMD160 (libvorbis-1.1.1.tar.gz) = 3454f3f2d5641ba17dd99de0923d7b00ffe891ee Size (libvorbis-1.1.1.tar.gz) = 1307726 bytes @ 1.11 log @Add RMD160 digests to the SHA1 ones. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.10 2004/09/24 13:04:41 wiz Exp $ d3 3 a5 3 SHA1 (libvorbis-1.1.0.tar.gz) = 52fd3cb3e3876cb890bd8d8867db52663a847418 RMD160 (libvorbis-1.1.0.tar.gz) = 8819812ee657af556ff9f8f8e7aad35f069c9126 Size (libvorbis-1.1.0.tar.gz) = 1312404 bytes @ 1.10 log @Update to 1.1.0: libvorbis 1.1.0 (2004-09-22) -- "Xiph.Org libVorbis I 20040629" * merges tuning improvements from Aoyumi's aoTuV with fixups * new managed bitrate (CBR) mode support * new vorbis_encoder_ctl() interface * extensive documentation updates * application/ogg mimetype is now official * autotools cleanup from Thomas Vander Stichele * SymbianOS build support from Colin Ward at CSIRO * various bugfixes * various packaging improvements Package change: install documentation in share/doc instead of share/doc/html. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.9 2003/12/08 14:39:40 wiz Exp $ d4 1 @ 1.9 log @Update to 1.0.1: * Corrects errors in the Vorbis specification documentation. * Specification converted to DocBook format. * Added timebase conversion call to libvorbis. * Fixes ov_time_tell() bug for non-seekable streams. * Various decoding fixes. * Addition of ov_crosslap() which allows smooth transitions between two vorbis segments. * Numerous seeking fixes and optimizations. * Fixed bugs affecting decode of one-audio-page samples. * Added ov_halfrate() which allows a "free" conversion from the source sample rate to half of the source rate. * Improved handling of quiet signals in low bitrate modes @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.8 2002/08/25 18:38:17 jlam Exp $ d3 2 a4 5 SHA1 (libvorbis-1.0.1.tar.gz) = 49fcf94c51ee2652d19a03377918196bb7e1ce5f Size (libvorbis-1.0.1.tar.gz) = 1218076 bytes SHA1 (patch-ae) = fef2e93ca3a72101f04a74a1ec9707466c1f208d SHA1 (patch-af) = 466332dc09f496909faf719f76ac46236d5c32ce SHA1 (patch-ag) = 1a3ba0fdfe9e92e838d221f4d88160f6c31bd09e @ 1.8 log @Merge changes in packages from the buildlink2 branch that have buildlink2.mk files back into the main trunk. This provides sufficient buildlink2 infrastructure to start merging other packages from the buildlink2 branch that have already been converted to use the buildlink2 framework. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.6.2.1 2002/08/22 11:09:57 jlam Exp $ d3 5 a7 5 SHA1 (libvorbis-1.0.tar.gz) = 2b414cb4cf7d022d39b7be7049f2c84a287a4fc7 Size (libvorbis-1.0.tar.gz) = 749064 bytes SHA1 (patch-ae) = 84979200c46ab2ca801ee43f1cedf9a76fa08219 SHA1 (patch-af) = 3218bb39d12d542f5ccfe9d4e23ec6f0e627c1d4 SHA1 (patch-ag) = e2aedef7eba5f7d8146dcaa0bbe0c8ce50cd09f7 @ 1.7 log @Update to libvorbis 1.0. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.6 2002/01/02 12:39:37 lukem Exp $ @ 1.6 log @Update from 1.0.0.6 (1.0 rc2) to 1.0.0.7 (1.0 rc3). No real notable changes. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.5 2001/08/14 14:53:20 lukem Exp $ d3 3 a5 3 SHA1 (libvorbis-1.0rc3.tar.gz) = 4addbca3427daa1fd600ac9b0b5c407c2b87a04d Size (libvorbis-1.0rc3.tar.gz) = 563834 bytes SHA1 (patch-ae) = de04ccf4a3f22cef52a9d9f5cddb9b045c5ff0f6 @ 1.6.2.1 log @Merge changes from pkgsrc-current into the buildlink2 branch for the packages that have buildlink2.mk files. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.7 2002/08/05 13:11:22 lukem Exp $ d3 3 a5 3 SHA1 (libvorbis-1.0.tar.gz) = 2b414cb4cf7d022d39b7be7049f2c84a287a4fc7 Size (libvorbis-1.0.tar.gz) = 749064 bytes SHA1 (patch-ae) = 84979200c46ab2ca801ee43f1cedf9a76fa08219 @ 1.5 log @update from libvorbis-1.0rc1 to libvorbis-1.0rc2. changes: * Powerful channel coupling system takes advantage of similarities between channels to reduce bitrate. * Additional encoding modes give more flexibility in bitrate selection. 64,80,96,128,160,192,256,350 stereo; 32,48,64,80,112,140 mono modes. * Only 44.1KHz/48KHz is officially supported in this release. Lower sample rates will work, but with much lower quality. * Cascaded encoding makes libvorbis ready for future bitrate reduction tools. * Decode engine bugfix ensures better compatibility with future Vorbis codecs. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.4 2001/08/08 09:55:28 lukem Exp $ d3 2 a4 2 SHA1 (libvorbis-1.0rc2.tar.gz) = 6ac247880e9f4f51045c1f0eba6b7bf08ee25b73 Size (libvorbis-1.0rc2.tar.gz) = 599017 bytes d6 2 a7 2 SHA1 (patch-af) = 0cf2573621f6e0e481dbdd1885a7edfdfe5f74a3 SHA1 (patch-ag) = 772aa8e32352385de6b7f82e557aab66e5199b66 @ 1.4 log @update libvorbis from 1.0beta4 -> 1.0rc1, including removing a bunch of patches which are now in the mainline code @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.3 2001/05/02 14:01:44 wiz Exp $ d3 2 a4 2 SHA1 (libvorbis-1.0rc1.tar.gz) = f356c2a2fb459bdc6eb291b637087405f56df94a Size (libvorbis-1.0rc1.tar.gz) = 477040 bytes @ 1.3 log @Install html documentation in share/doc/html instead of share/doc. By Dieter Baron. @ text @d1 1 a1 1 $NetBSD: distinfo,v 1.2 2001/04/18 12:14:33 agc Exp $ d3 2 a4 6 SHA1 (libvorbis-1.0beta4.tar.gz) = c101d89c1064b1e80be65fbef785a22654203e39 Size (libvorbis-1.0beta4.tar.gz) = 457797 bytes SHA1 (patch-aa) = 2293192c1eeadfdb9629d94c86a083c8e348f137 SHA1 (patch-ab) = 1a84a3757aecef0f4ae0caba996e8740b84ac1e6 SHA1 (patch-ac) = 39ceba79fffefc2bb165f2245e30158dfa3bc006 SHA1 (patch-ad) = b3ef346320dfce68e2f1621b902445e9688bf377 @ 1.2 log @Move to sha1 digests, and add distfile sizes. @ text @d1 1 a1 1 $NetBSD$ d9 3 @ 1.1 log @+ move the distfile digest/checksum value from files/md5 to distinfo + move the patch digest/checksum values from files/patch-sum to distinfo @ text @d1 1 a1 1 $NetBSD: md5,v 1.1.1.1 2001/03/15 20:39:31 wiz Exp $ d4 1 @