Package: vorbis-tools / 1.4.0-6+deb8u1

Metadata

Package Version Patches format
vorbis-tools 1.4.0-6+deb8u1 3.0 (quilt)

Patch series

view the series file
Patch File delta Description
no_debian_subdir.diff | (download)

Makefile.in | 2 1 + 1 - 0 !
configure | 3 1 + 2 - 0 !
configure.ac | 1 0 + 1 - 0 !
3 files changed, 2 insertions(+), 4 deletions(-)

 
---
dont corrupt stdout.patch | (download)

oggdec/oggdec.c | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

 
---
quality check first scale next.patch | (download)

oggenc/oggenc.c | 6 3 + 3 - 0 !
1 file changed, 3 insertions(+), 3 deletions(-)

 
 floating point comparison fails.
 In checking the quality setting, the program `oggenc'
 performs a floating point comparison after down scaling
 the given value to a tenth. This causes the inexact
 internal representation to complain unnecessarily.
 *
 It is better to compare first, and normalize later,
 since quality 10 is top notch!
format security.patch | (download)

ogg123/status.c | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

 
 fix format error blocking compilation with hardening
 Enabling hardening refuses to compile code with sprintf() calls
 with no formatting string.  Adjust the code to work with hardening.
fix_xiph_url.diff | (download)

vorbiscomment/vorbiscomment.1 | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

 
---
fix ogg123 freeze when interrupting at end of stream.patch | (download)

ogg123/buffer.c | 26 23 + 3 - 0 !
1 file changed, 23 insertions(+), 3 deletions(-)

 
 fix ogg123 freeze when interrupting at end-of-stream.

Bug-Debian: https://bugs.debian.org/307325

When arriving at the end of the input file, the main thread waits for
the output thread to finish up the current buffer. If a cancellation
signal arrives at that stage, this signal of an empty buffer never
arrives because the output thread bails out before actually emptying
the buffer.

Fix:
1.) Make sure the output thread wakes up the main thread when bailing
out, so the main thread can go on, too.
2.) When the main thread wakes up while waiting for an empty buffer,
make sure it understands the situation (that there won't be an empty
buffer because the replay has been cancelled) and doesn't go back to
sleep.
documentation of link between f and d flag.patch | (download)

ogg123/cmdline_options.c | 2 1 + 1 - 0 !
ogg123/ogg123.1 | 3 2 + 1 - 0 !
2 files changed, 3 insertions(+), 2 deletions(-)

 
 make it clear in documentation that -f needs a previous -d.

Bug-Debian: https://bugs.debian.org/359948
0009 Fix oggenc crash on closing raw input files.patch | (download)

oggenc/oggenc.c | 4 2 + 2 - 0 !
1 file changed, 2 insertions(+), 2 deletions(-)

 
 fix oggenc crash on closing raw input files
0015 Fix Large alloca on bad AIFF input CVE 2015 6749.patch | (download)

oggenc/audio.c | 10 5 + 5 - 0 !
1 file changed, 5 insertions(+), 5 deletions(-)

 
 oggenc: fix large alloca on bad aiff input
 This is CVE-2015-6749.
0016 Validate channel count in audio header.patch | (download)

oggenc/audio.c | 18 16 + 2 - 0 !
1 file changed, 16 insertions(+), 2 deletions(-)

 
 oggenc: validate count of channels in the header
 Fixes CVE-2014-9638 and CVE-2014-9639.
Fix segfault in vcut.patch | (download)

vcut/vcut.c | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

 
 vcut: fix segmentation fault because of out-of-range index in header
 writing

Bug-Debian: https://bugs.debian.org/818037
Bug: https://trac.xiph.org/ticket/2264