updated to 1.0.28

fix possible buffer overflow when parsing crafted ID3 tags (#1440758, CVE-2017-7586) fix possible buffer overflow when parsing crafted flac file (#1440756, CVE-2017-7585)
2017-04-11 10:39:11 +02:00 · 2017-04-11 10:39:11 +02:00 · f55d08ac6b
commit f55d08ac6b
parent de2d85ec4c
3 changed files with 9 additions and 3 deletions
--- a/.gitignore
+++ b/.gitignore
@ -4,3 +4,4 @@ libsndfile-1.0.21.tar.gz
 /libsndfile-1.0.24.tar.gz
 /libsndfile-1.0.25.tar.gz
 /libsndfile-1.0.27.tar.gz
+/libsndfile-1.0.28.tar.gz
--- a/libsndfile.spec
+++ b/libsndfile.spec
@ -1,7 +1,7 @@
 Summary:	Library for reading and writing sound files
 Name:		libsndfile
-Version:	1.0.27
-Release:	2%{?dist}
+Version:	1.0.28
+Release:	1%{?dist}
 License:	LGPLv2+ and GPLv2+ and BSD
 Group:		System Environment/Libraries
 URL:		http://www.mega-nerd.com/libsndfile/
@ -150,6 +150,11 @@ LD_LIBRARY_PATH=$PWD/src/.libs make check


 %changelog
+* Tue Apr 11 2017 Michal Hlavinka <mhlavink@redhat.com> - 1.0.28-1
+- updated to 1.0.28
+- fix possible buffer overflow when parsing crafted ID3 tags (#1440758, CVE-2017-7586)
+- fix possible buffer overflow when parsing crafted flac file (#1440756, CVE-2017-7585)
+
 * Fri Feb 10 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.0.27-2
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild

--- a/2
+++ b/2
@ -1 +1 @@
-fd1d97c6077f03b5d984d7956ffedb7a  libsndfile-1.0.27.tar.gz
+SHA512 (libsndfile-1.0.28.tar.gz) = 890731a6b8173f714155ce05eaf6d991b31632c8ab207fbae860968861a107552df26fcf85602df2e7f65502c7256c1b41735e1122485a3a07ddb580aa83b57f