Browse Source

vorbis-tools-1.4.0-4

git-svn-id: http://trac.vinelinux.org/repos/projects/specs@10732 ec354946-7b23-47d6-9f5a-488ba84defc7
tomop 7 years ago
parent
commit
940745574d
1 changed files with 19 additions and 2 deletions
  1. 19 2
      v/vorbis-tools/vorbis-tools-vl.spec

+ 19 - 2
v/vorbis-tools/vorbis-tools-vl.spec

@@ -5,7 +5,7 @@ Summary:	Several Ogg Vorbis Tools
 Summary(ja):	各種 Ogg Vorvis 用ツール
 Name:		vorbis-tools
 Version:	1.4.0
-Release:	3%{?_dist_release}
+Release:	4%{?_dist_release}
 Group:		Applications/Multimedia
 License:	GPLv2
 URL:		http://www.xiph.org/
@@ -15,9 +15,14 @@ Source1:	vorbis-tools-ogg123rc
 
 Patch1:		vorbis-tools-1.1.1-include-config.h.patch
 
+# security fixes
+Patch1000: CVE-2014-9638-9639.patch
+Patch1001: CVE-2014-9640.patch
+Patch1002: CVE-2015-6749.patch
+
 BuildRoot:	%{_tmppath}/%{name}-%{version}-root
 BuildRequires:	libvorbis-devel >= 1.0
-BuildRequires:  libao-devel >= 1.0.0
+BuildRequires:  libao-devel
 BuildRequires:	curl-devel
 BuildRequires:	perl
 Requires:	curl
@@ -56,6 +61,11 @@ vorbis-tools には、Ogg Vorbis のエンコーダ oggenc と再生ツール og
 
 %patch1 -p1 -b .config-h
 
+# security fixes
+%patch1000 -p1 -b .CVE-2014-9638-9639
+%patch1001 -p3 -b .CVE-2014-9640
+%patch1002 -p1 -b .CVE-2015-6749
+
 %build
 perl -p -i -e "s/-O20/%{optflags}/" configure
 perl -p -i -e "s/-ffast-math//" configure
@@ -87,6 +97,13 @@ make
 %{_mandir}/man1/*
 
 %changelog
+* Sat Jul 30 2016 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> 1.4.0-4
+- added Patch1000-1003.
+  - CVE-2014-9638
+  - CVE-2014-9639
+  - CVE-2014-9640
+  - CVE-2015-6749
+
 * Sat Jul 05 2014 Yoji TOYODA <bsyamato@sea.plala.or.jp> 1.4.0-3
 - rebuild with VineSeed environment