summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorwiz <wiz@pkgsrc.org>2021-02-24 12:31:57 +0000
committerwiz <wiz@pkgsrc.org>2021-02-24 12:31:57 +0000
commit3ba846080345d1b9e8ad2d52bfb7349e9642d699 (patch)
treee4c0c4191c463e9828c46d8afac71b483695b431
parentac9f0b0437689e488efbaf0dad40076c00c4dcd7 (diff)
downloadpkgsrc-3ba846080345d1b9e8ad2d52bfb7349e9642d699.tar.gz
taglib: update to 1.12.
TagLib 1.12 (Feb 16, 2021) ========================== * Added support for WinRT. * Added support for Linux on POWER. * Added support for classical music tags of iTunes 12.5. * Added support for file descriptor to FileStream. * Added support for 'cmID', 'purl', 'egid' MP4 atoms. * Added support for 'GRP1' ID3v2 frame. * Added support for extensible WAV subformat. * Enabled FileRef to detect file types based on the stream content. * Dropped support for Windows 9x and NT 4.0 or older. * Check for mandatory header objects in ASF files. * More tolerant handling of RIFF padding, WAV files, broken MPEG streams. * Improved calculation of Ogg, Opus, Speex, WAV, MP4 bitrates. * Improved Windows compatibility by storing FLAC picture after comments. * Fixed numerical genres in ID3v2.3.0 'TCON' frames. * Fixed consistency of API removing MP4 items when empty values are set. * Fixed consistency of API preferring COMM frames with no description. * Fixed OOB read on invalid Ogg FLAC files (CVE-2018-11439). * Fixed handling of empty MPEG files. * Fixed parsing MP4 mdhd timescale. * Fixed reading MP4 atoms with zero length. * Fixed reading FLAC files with zero-sized seektables. * Fixed handling of lowercase field names in Vorbis Comments. * Fixed handling of 'rate' atoms in MP4 files. * Fixed handling of invalid UTF-8 sequences. * Fixed possible file corruptions when saving Ogg files. * Fixed handling of non-audio blocks, sampling rates, DSD audio in WavPack files. * TableOfContentsFrame::toString() improved. * UserTextIdentificationFrame::toString() improved. * Marked FileRef::create() deprecated. * Marked MPEG::File::save() with boolean parameters deprecated, provide overloads with enum parameters. * Several smaller bug fixes and performance improvements.
Diffstat
-rw-r--r--audio/taglib/Makefile7
-rw-r--r--audio/taglib/PLIST5
-rw-r--r--audio/taglib/distinfo12
-rw-r--r--audio/taglib/patches/patch-CVE-2017-1267828
-rw-r--r--audio/taglib/patches/patch-CVE-2018-1143933
5 files changed, 11 insertions, 74 deletions
diff --git a/audio/taglib/Makefile b/audio/taglib/Makefile
index e0cac8fba61..805ffda7653 100644
--- a/audio/taglib/Makefile
+++ b/audio/taglib/Makefile
@@ -1,7 +1,6 @@
-# $NetBSD: Makefile,v 1.41 2020/01/18 23:30:06 rillig Exp $
+# $NetBSD: Makefile,v 1.42 2021/02/24 12:31:57 wiz Exp $
-DISTNAME= taglib-1.11.1
-PKGREVISION= 1
+DISTNAME= taglib-1.12
CATEGORIES= audio
MASTER_SITES= http://taglib.github.io/releases/
@@ -31,7 +30,7 @@ SUBST_MESSAGE.pc= Fixing rpath in taglib-config.
#
# depends on builtin functions which enabled with i486 and later with GCC.
#
-.if ${OPSYS} == "NetBSD" && !empty(CC_VERSION:Mgcc-[4-9]*) && !empty(MACHINE_ARCH:Mi386)
+.if ${OPSYS} == "NetBSD" && !empty(CC_VERSION:Mgcc-[4-9]*) && ${MACHINE_ARCH} == i386
GNU_ARCH.i386= i486
CFLAGS+= -march=i486
.endif
diff --git a/audio/taglib/PLIST b/audio/taglib/PLIST
index 74cfc6f2e72..060210d1166 100644
--- a/audio/taglib/PLIST
+++ b/audio/taglib/PLIST
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.19 2016/10/31 16:32:56 wiz Exp $
+@comment $NetBSD: PLIST,v 1.20 2021/02/24 12:31:57 wiz Exp $
bin/taglib-config
include/taglib/aifffile.h
include/taglib/aiffproperties.h
@@ -25,6 +25,7 @@ include/taglib/flacproperties.h
include/taglib/generalencapsulatedobjectframe.h
include/taglib/id3v1genres.h
include/taglib/id3v1tag.h
+include/taglib/id3v2.h
include/taglib/id3v2extendedheader.h
include/taglib/id3v2footer.h
include/taglib/id3v2frame.h
@@ -107,7 +108,7 @@ include/taglib/xmfile.h
include/taglib/xmproperties.h
lib/libtag.so
lib/libtag.so.1
-lib/libtag.so.1.17.0
+lib/libtag.so.1.18.0
lib/libtag_c.so
lib/libtag_c.so.0
lib/libtag_c.so.0.0.0
diff --git a/audio/taglib/distinfo b/audio/taglib/distinfo
index 1974b3a7663..e674904830b 100644
--- a/audio/taglib/distinfo
+++ b/audio/taglib/distinfo
@@ -1,8 +1,6 @@
-$NetBSD: distinfo,v 1.22 2019/07/18 09:36:37 nia Exp $
+$NetBSD: distinfo,v 1.23 2021/02/24 12:31:57 wiz Exp $
-SHA1 (taglib-1.11.1.tar.gz) = 80a30eeae67392f636c9f113c60d778c2995c99e
-RMD160 (taglib-1.11.1.tar.gz) = 408d2a888875bc29fc64c4d0056daebba2c55192
-SHA512 (taglib-1.11.1.tar.gz) = 7846775c4954ea948fe4383e514ba7c11f55d038ee06b6ea5a0a1c1069044b348026e76b27aa4ba1c71539aa8143e1401fab39184cc6e915ba0ae2c06133cb98
-Size (taglib-1.11.1.tar.gz) = 1261620 bytes
-SHA1 (patch-CVE-2017-12678) = 4979bc04c5fad6e3b5daaf5b6f62c10c7e4f7841
-SHA1 (patch-CVE-2018-11439) = 96a627c07420c194e892d622c694b11ce7476898
+SHA1 (taglib-1.12.tar.gz) = c06c44223f64ef61d29372659059d6b9e27c2efd
+RMD160 (taglib-1.12.tar.gz) = 2d748aa75c810e9062a18790f1fc560e3cecc0b7
+SHA512 (taglib-1.12.tar.gz) = 7e369faa5e3c6c6401052b7a19e35b0cf8c1e5ed9597053ac731a7718791d5d4803d1b18a93e903ec8c3fc6cb92e34d9616daa2ae4d326965d4c4d5624dcdaba
+Size (taglib-1.12.tar.gz) = 1364231 bytes
diff --git a/audio/taglib/patches/patch-CVE-2017-12678 b/audio/taglib/patches/patch-CVE-2017-12678
deleted file mode 100644
index f9d7764d0aa..00000000000
--- a/audio/taglib/patches/patch-CVE-2017-12678
+++ /dev/null
@@ -1,28 +0,0 @@
-$NetBSD: patch-CVE-2017-12678,v 1.1 2019/07/18 09:36:37 nia Exp $
-
-Fix CVE-2017-12678
-
-In TagLib 1.11.1, the rebuildAggregateFrames function in id3v2framefactory.cpp
-has a pointer to cast vulnerability, which allows remote attackers to cause a
-denial of service or possibly have unspecified other impact via a crafted
-audio file.
-
-Upstream commit:
-https://github.com/taglib/taglib/commit/cb9f07d9dcd791b63e622da43f7b232adaec0a9a
-
---- taglib/mpeg/id3v2/id3v2framefactory.cpp.orig 2016-10-24 03:03:23.000000000 +0000
-+++ taglib/mpeg/id3v2/id3v2framefactory.cpp
-@@ -334,10 +334,11 @@ void FrameFactory::rebuildAggregateFrame
- tag->frameList("TDAT").size() == 1)
- {
- TextIdentificationFrame *tdrc =
-- static_cast<TextIdentificationFrame *>(tag->frameList("TDRC").front());
-+ dynamic_cast<TextIdentificationFrame *>(tag->frameList("TDRC").front());
- UnknownFrame *tdat = static_cast<UnknownFrame *>(tag->frameList("TDAT").front());
-
-- if(tdrc->fieldList().size() == 1 &&
-+ if(tdrc &&
-+ tdrc->fieldList().size() == 1 &&
- tdrc->fieldList().front().size() == 4 &&
- tdat->data().size() >= 5)
- {
diff --git a/audio/taglib/patches/patch-CVE-2018-11439 b/audio/taglib/patches/patch-CVE-2018-11439
deleted file mode 100644
index fb6e97bd3b5..00000000000
--- a/audio/taglib/patches/patch-CVE-2018-11439
+++ /dev/null
@@ -1,33 +0,0 @@
-$NetBSD: patch-CVE-2018-11439,v 1.1 2019/07/18 09:36:37 nia Exp $
-
-Fix CVE-2018-11439 - OOB read when loading invalid ogg flac file.
-
-Upstream commit:
-https://github.com/taglib/taglib/commit/2c4ae870ec086f2ddd21a47861a3709c36faac45
-
---- taglib/ogg/flac/oggflacfile.cpp.orig 2016-10-24 03:03:23.000000000 +0000
-+++ taglib/ogg/flac/oggflacfile.cpp
-@@ -216,11 +216,21 @@ void Ogg::FLAC::File::scan()
-
- if(!metadataHeader.startsWith("fLaC")) {
- // FLAC 1.1.2+
-+ // See https://xiph.org/flac/ogg_mapping.html for the header specification.
-+ if(metadataHeader.size() < 13)
-+ return;
-+
-+ if(metadataHeader[0] != 0x7f)
-+ return;
-+
- if(metadataHeader.mid(1, 4) != "FLAC")
- return;
-
-- if(metadataHeader[5] != 1)
-- return; // not version 1
-+ if(metadataHeader[5] != 1 && metadataHeader[6] != 0)
-+ return; // not version 1.0
-+
-+ if(metadataHeader.mid(9, 4) != "fLaC")
-+ return;
-
- metadataHeader = metadataHeader.mid(13);
- }
generated by cgit v1.2.3 (git 2.39.1) at 2024-06-29 04:19:21 +0000