!11 update to 0.16.3

From: @yaqiangchen Reviewed-by: @wang--ge Signed-off-by: @wang--ge
update to 0.16.3
2023-10-24 01:30:49 +00:00 · 2023-10-23 17:47:31 +08:00 · 2020-07-23 11:48:37 +08:00 · 2020-07-16 12:02:21 +08:00 · 2020-07-15 15:07:33 +08:00 · 2020-05-11 14:13:55 +08:00
8 changed files with 37 additions and 128 deletions
--- a/Add_unversioned_so.patch
+++ b/Add_unversioned_so.patch
@ -0,0 +1,12 @@
+diff -Nur a/CMakeLists.txt b/CMakeLists.txt
+--- a/CMakeLists.txt	2023-09-24 09:52:54.000000000 +0800
+++ b/CMakeLists.txt	2023-10-18 15:52:23.227559220 +0800
+@@ -46,7 +46,7 @@
+ 
+ set_target_properties(id3tag PROPERTIES
+   VERSION ${CMAKE_PROJECT_VERSION}
+-  SOVERSION ${LIBRARY_SOVERSION}
+  SOVERSION 0
+ )
+ 
+ include(CheckIncludeFile)
--- a/CVE-2004-2779.patch
+++ b/CVE-2004-2779.patch
@ -1,38 +0,0 @@
-From: Karol Babioch <kbabioch@suse.com>
-Date: Tue Feb 20 17:52:15 CET 2018
-Upstream: dead
-References: https://sources.debian.org/patches/libid3tag/0.15.1b-13/10_utf16.dpatch/
-Subject: Fixes utf16 handling in case of an odd number of bytes
-
-Fixes id3_utf16_deserialize() in utf16.c, which previously misparsed ID3v2 tags
-encoded in UTF-16 with an odd number of bytes, triggering an endless loop
-allocating memory until OOM leading to DoS. (CVE-2004-2779 bsc#1081959
-CVE-2017-11551 bsc#1081961)
-
---
- utf16.c |   13 +++++++++++++
- 1 file changed, 13 insertions(+)
-
-Index: libid3tag-0.15.1b/utf16.c
-===================================================================
--- libid3tag-0.15.1b.orig/utf16.c
-+++ libid3tag-0.15.1b/utf16.c
-@@ -282,5 +282,18 @@ id3_ucs4_t *id3_utf16_deserialize(id3_by
-
-   free(utf16);
-
-+  if (end == *ptr && length % 2 != 0)
-+  {
-+     /* We were called with a bogus length.  It should always
-+      * be an even number.  We can deal with this in a few ways:
-+      * - Always give an error.
-+      * - Try and parse as much as we can and
-+      *   - return an error if we're called again when we
-+      *     already tried to parse everything we can.
-+      *   - tell that we parsed it, which is what we do here.
-+      */
-+     (*ptr)++;
-+  }
-+
-   return ucs4;
- }
--- a/CVE-2017-11550.patch
+++ b/CVE-2017-11550.patch
@ -1,42 +0,0 @@
-References: https://sources.debian.org/src/libid3tag/0.15.1b-13/debian/patches/11_unknown_encoding.dpatch/
-From: Karol Babioch <kbabioch@suse.com>
-Date: Wed Feb 21 13:23:47 CET 2018
-Upstream: dead
-Subject: Fix unknown encoding when parsing ID3 tags
-
-Fixes the handling of unknown encodings when parsing ID3 tags. (CVE-2017-11550 bsc#1081962 CVE-2008-2109 bsc#387731)
-
---
- compat.gperf |    3 +++
- parse.c      |    4 ++++
- 2 files changed, 7 insertions(+)
-
-Index: libid3tag-0.15.1b/compat.gperf
-===================================================================
--- libid3tag-0.15.1b.orig/compat.gperf
-+++ libid3tag-0.15.1b/compat.gperf
-@@ -241,6 +241,9 @@ int id3_compat_fixup(struct id3_tag *tag
-     encoding = id3_parse_uint(&data, 1);
-     string   = id3_parse_string(&data, end - data, encoding, 0);
- 
-+    if (!string)
-+	continue;
-+
-     if (id3_ucs4_length(string) < 4) {
-       free(string);
-       continue;
-Index: libid3tag-0.15.1b/parse.c
-===================================================================
--- libid3tag-0.15.1b.orig/parse.c
-+++ libid3tag-0.15.1b/parse.c
-@@ -165,6 +165,10 @@ id3_ucs4_t *id3_parse_string(id3_byte_t
-   case ID3_FIELD_TEXTENCODING_UTF_8:
-     ucs4 = id3_utf8_deserialize(ptr, length);
-     break;
-+
-+  default:
-+    /* FIXME: Unknown encoding! Print warning? */
-+    return NULL;
-   }
- 
-   if (ucs4 && !full) {
--- a/libid3tag-0.15.1b-fix_overflow.patch
+++ b/libid3tag-0.15.1b-fix_overflow.patch
@ -1,11 +0,0 @@
--- field.c.orig	2008-05-05 09:49:15.000000000 -0400
-+++ field.c	2008-05-05 09:49:25.000000000 -0400
-@@ -291,7 +291,7 @@
- 
-       end = *ptr + length;
- 
-      while (end - *ptr > 0) {
-+      while (end - *ptr > 0 && **ptr != '\0') {
- 	ucs4 = id3_parse_string(ptr, end - *ptr, *encoding, 0);
- 	if (ucs4 == 0)
- 	  goto fail;
--- a/libid3tag-0.15.1b.tar.gz
+++ b/libid3tag-0.15.1b.tar.gz
--- a/libid3tag-0.16.3.tar.gz
+++ b/libid3tag-0.16.3.tar.gz
--- a/libid3tag.spec
+++ b/libid3tag.spec
@ -1,14 +1,12 @@
 Name:           libid3tag
-Version:        0.15.1b
-Release:        20
+Version:        0.16.3
+Release:        1
 Summary:        ID3 tag manipulation library
 License:        GPLv2+
-URL:            http://www.underbit.com/products/mad/
-Source0:        http://downloads.sourceforge.net/mad/%{name}-%{version}.tar.gz
-Patch0:         libid3tag-0.15.1b-fix_overflow.patch
-Patch6000:      CVE-2004-2779.patch
-Patch6001:      CVE-2017-11550.patch
-BuildRequires:  zlib-devel >= 1.1.4 libtool
+URL:            http://codeberg.org/tenacityteam/libid3tag
+Source0:        http://codeberg.org/tenacityteam/libid3tag/archive/%{version}.tar.gz#/%{name}-%{version}.tar.gz
+Patch0:         Add_unversioned_so.patch
+BuildRequires:  gcc-c++ cmake make zlib-devel >= 1.1.4 libtool gperf >= 3.1

 %description
 libid3tag is a library for reading and (eventually) writing ID3 tags,
@ -22,39 +20,15 @@ Requires:       %{name} = %{version}-%{release}
 ID3 tag library development files.

 %prep
-%setup -q
-%patch0 -p0 -b .CVE-2008-2109
-%patch6000 -p1
-%patch6001 -p1
-touch NEWS AUTHORS ChangeLog
-autoreconf -i -f
-
-# *.pc originally from the Debian package.
-cat << \EOF > %{name}.pc
-prefix=%{_prefix}
-exec_prefix=%{_exec_prefix}
-libdir=%{_libdir}
-includedir=%{_includedir}
-
-Name: id3tag
-Description: ID3 tag manipulation library
-Requires:
-Version: %{version}
-Libs: -lid3tag
-Cflags:
-EOF
+%autosetup -p1 -n %{name}

 %build
-%configure --disable-static
-# configure strips -g, -O2 from CFLAGS, override it here
-make %{?_smp_mflags} CFLAGS="$RPM_OPT_FLAGS"
-
+%cmake
+%make_build

 %install
-make install DESTDIR=$RPM_BUILD_ROOT
+%make_install
 rm -f $RPM_BUILD_ROOT%{_libdir}/*.la
-install -Dpm 644 %{name}.pc $RPM_BUILD_ROOT%{_libdir}/pkgconfig/id3tag.pc
-

 %post -p /sbin/ldconfig
 %postun -p /sbin/ldconfig
@ -63,14 +37,24 @@ install -Dpm 644 %{name}.pc $RPM_BUILD_ROOT%{_libdir}/pkgconfig/id3tag.pc
 %files
 %doc CHANGES COPYING COPYRIGHT CREDITS README TODO
 %{_libdir}/libid3tag.so.*
-%{_libdir}/libid3tag.so

 %files devel
 %{_includedir}/id3tag.h
+%{_libdir}/libid3tag.so
+%{_libdir}/cmake/id3tag
 %{_libdir}/pkgconfig/id3tag.pc


 %changelog
+* Wed Oct 18 2023 chenyaqiang <chengyaqiang@huawei.com> - 0.16.3-1
+- update to 0.16.3
+
+* Wed Jul 15 2020 zhangjiapeng<zhangjiapeng9@huawei.com> - 0.15.1b-21
+- Type:bugfix
+- ID:NA
+- SUG:NA
+- DESC: fix the build issue with gperf-3.1
+
 * Fri Mar 20 2020 lingsheng<lingsheng@huawei.com> - 0.15.1b-20
 - Type:cves
 - ID:CVE-2017-11550
--- a/libid3tag.yaml
+++ b/libid3tag.yaml
@ -0,0 +1,4 @@
+version_control: NA
+src_repo: NA
+tag_pattern: NA
+seperator: NA
Author	SHA1	Message	Date
openeuler-ci-bot	10fbaf9f01	!11 update to 0.16.3 From: @yaqiangchen Reviewed-by: @wang--ge Signed-off-by: @wang--ge	2023-10-24 01:30:49 +00:00
yaqiangchen	c2c7235fcf	update to 0.16.3	2023-10-23 17:47:31 +08:00
openeuler-ci-bot	d95c39fa2f	!6 Add libid3tag.yaml Merge pull request !6 from huanghaitao/master	2020-07-23 11:48:37 +08:00
openeuler-ci-bot	8f0f243c02	!7 fix the build issue with gperf-3.1 Merge pull request !7 from jpzhang187/master	2020-07-16 12:02:21 +08:00
jpzhang	80966a2da5	fix the build issue with gperf-3.1	2020-07-15 15:07:33 +08:00
hht8	bb556963a5	Add libid3tag.yaml	2020-05-11 14:13:55 +08:00
openeuler-ci-bot	66b170d713	!5 回退 'Pull Request !4 : Add gperf for imlib2 package build failed' Merge pull request !5 from 严志华/revert-merge-4-master	2020-03-23 15:11:34 +08:00
严志华	79d5126d9d	回退 'Pull Request !4 : Add gperf for imlib2 package build failed'	2020-03-23 15:06:26 +08:00
openeuler-ci-bot	e19862c33c	!4 Add gperf for imlib2 package build failed Merge pull request !4 from daidai_is_here/dqw_test2	2020-03-23 12:25:09 +08:00
daidai_is_here	7ea37b7a7c	Add gperf for imlib2 package build failed	2020-03-23 11:56:37 +08:00