pkgsrc.se | The NetBSD package collection

./audio/libvorbis, Library for the Ogg Vorbis audio encoding format

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]

Branch: pkgsrc-2017Q4, Version: 1.3.6, Package name: libvorbis-1.3.6, Maintainer: pkgsrc-users

libvorbis includes the Ogg Vorbis audio encoding format library
and Vorbis documentation. The Ogg library is in libogg.
Vorbis is a general purpose audio and music encoding format
contemporary to MPEG-4's AAC and TwinVQ, the next generation beyond
MPEG audio layer 3. Unlike the MPEG sponsored formats (and other
proprietary formats such as RealAudio G2 and Windows' flavor of the
month), the Vorbis CODEC specification belongs to the public domain.
All the technical details are published and documented, and any
software entity may make full use of the format without royalty or
patent concerns.

This package doesn't install the example executables:
chaining_example, decoder_example, encoder_example,
seeking_example, and vorbisfile_example.

This package is libvorbis 1.0

Required to run:
[multimedia/libogg]

Required to build:
[pkgtools/cwrappers]

Master sites:

http://downloads.xiph.org/releases/vorbis/ (Download)

SHA1: 237e3d1c66452734fd9b32f494f44238b4f0185e
RMD160: 80213c5a1506438a342588ae58097a1590b6657c
Filesize: 1167.371 KB

Version history: (Expand)

(2018-03-17) Updated to version: libvorbis-1.3.6
(2018-01-02) Package added to pkgsrc.se, version libvorbis-1.3.5 (created)

CVS history: (Expand)

2018-03-16 22:37:30 by S.P.Zeidler | Files touched by this commit (2) | Package updated

Log message:
Pullup ticket #5722 - requested by maya
audio/libvorbis: security update

Revisions pulled up:
- audio/libvorbis/Makefile                                      1.60
- audio/libvorbis/distinfo                                      1.26

-------------------------------------------------------------------
   Module Name:	pkgsrc
   Committed By:	maya
   Date:		Fri Mar 16 20:23:53 UTC 2018

   Modified Files:
   	pkgsrc/audio/libvorbis: Makefile distinfo

   Log message:
   libvorbis: update to 1.3.6. security fix.

   libvorbis 1.3.6 (2018-03-16) -- "Xiph.Org libVorbis I 20180316 (Now 100% \ 
fewer shells)"

   * Fix CVE-2018-5146 - out-of-bounds write on codebook decoding.
   * Fix CVE-2017-14632 - free() on unitialized data
   * Fix CVE-2017-14633 - out-of-bounds read
   * Fix bitrate metadata parsing.
   * Fix out-of-bounds read in codebook parsing.
   * Fix residue vector size in Vorbis I spec.
   * Appveyor support
   * Travis CI support
   * Add secondary CMake build system.
   * Build system fixes

   To generate a diff of this commit:
   cvs rdiff -u -r1.59 -r1.60 pkgsrc/audio/libvorbis/Makefile
   cvs rdiff -u -r1.25 -r1.26 pkgsrc/audio/libvorbis/distinfo