[nas/f19] 1.9.4 bump
Petr Pisar
ppisar at fedoraproject.org
Wed Oct 9 07:20:03 UTC 2013
commit 5c0ae6ff5e23bdcf969dc9a6f994818b3cddf215
Author: Petr Písař <ppisar at redhat.com>
Date: Tue Oct 8 14:10:58 2013 +0200
1.9.4 bump
.gitignore | 1 +
nas-1.9.3-CVE-2013-4256-1.patch | 63 -----
nas-1.9.3-CVE-2013-4256-2_CVE-2013-4257.patch | 340 -------------------------
nas-1.9.3-CVE-2013-4258.patch | 18 --
nas-1.9.3-minix_tcp_open.patch | 43 ---
nas.spec | 116 +++++----
sources | 2 +-
7 files changed, 69 insertions(+), 514 deletions(-)
---
diff --git a/.gitignore b/.gitignore
index eb1a020..dd00997 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,3 +1,4 @@
nas-1.9.1.src.tar.gz
nas-1.9.2.src.tar.gz
/nas-1.9.3.src.tar.gz
+/nas-1.9.4.repacked.tar.gz
diff --git a/nas.spec b/nas.spec
index 59e3fd4..d2a5fed 100644
--- a/nas.spec
+++ b/nas.spec
@@ -1,37 +1,56 @@
Name: nas
Summary: The Network Audio System (NAS)
-Version: 1.9.3
-Release: 7%{?dist}
+Version: 1.9.4
+Release: 1%{?dist}
URL: http://radscan.com/nas.html
-License: Public Domain
+# README: MIT (main license)
+# config/aclocal.m4: FSFULLR
+# config/config.sub: GPL with exceptions, effectively same as main license
+# config/ltmain.sh: GPLv2+ with exceptions, effectively same as main license
+# config/config.guess: GPLv2+ with exceptions, effectively same as main license
+# config/configure: FSFUL
+# config/install-sh: MIT
+# server/dda/voxware/auvoxware.h:
+# (MIT) and
+# (something similar to MIT license by SCO)
+# server/dda/sun/ausuni.c: (MIT) and
+# (something similar to MIT)
+# lib/audio/aiff.c MIT (with Apple warranty declaration)
+# Following flawed files has been removed or correcterd according to upstream
+# commit e43cf3377b8b87114796556f5ad0469d4e79e183:
+# server/dda/hpux/auhpux.h: (MIT) and
+# (as-is with unclear commercial prohibition)
+# doc/xcon94slide.ps: All rights reserved (Frame Technology Corporation)
+# doc/overview.ps: All rights reserved (Network Computing Devices)
+# doc/library.ps: All rights reserved (Network Computing Devices)
+# doc/title.ps: All rights reserved (Network Computing Devices)
+License: MIT
Group: Development/Libraries
%define daemon nasd
-
-Source0: http://downloads.sourceforge.net/%{name}/%{name}-%{version}.src.tar.gz
+# Original source nas-1.9.4.src.tar.gz (MD5:dac0e6cd3e5d6a37ae1dff364236a752)
+# is from
+# <http://downloads.sourceforge.net/%%{name}/%%{name}-%%{version}.src.tar.gz>.
+# The nas-1.9.4.repacked.tar.gz corrects flawed files according to upstream
+# commit e43cf3377b8b87114796556f5ad0469d4e79e183. Offical post-1.9.4 release
+# should be free as speech and will not need repacking.
+Source0: %{name}-%{version}.repacked.tar.gz
Source1: %{daemon}.service
Source2: %{daemon}.sysconfig
Patch0: %{name}-1.9.3-Move-AuErrorDB-to-SHAREDIR.patch
-# Fix formatting string for syslog, in upstream after 1.9.3, CVE-2013-4258,
-# bug #1006753
-Patch1: %{name}-1.9.3-CVE-2013-4258.patch
-# Fix buffer overflow when parsing display number, in upstream after 1.9.3,
-# CVE-2013-4256, bug #1006753
-Patch2: %{name}-1.9.3-CVE-2013-4256-1.patch
-# Fix various buffer overflows (CVE-2013-4256) and a heap overflow when using
-# AUDIOHOST environment variable (CVE-2013-4257), in upstream after 1.9.3,
-# bug #1006753
-Patch3: %{name}-1.9.3-CVE-2013-4256-2_CVE-2013-4257.patch
-# Fix race when opening a TCP device, in upstream after 1.9.3, bug #1006753
-Patch4: %{name}-1.9.3-minix_tcp_open.patch
-
-BuildRequires: bison flex
+BuildRequires: bison
+BuildRequires: flex
BuildRequires: imake
-BuildRequires: libX11-devel libXau-devel libXaw-devel libXext-devel
-BuildRequires: libXp-devel libXt-devel
+BuildRequires: libX11-devel
+BuildRequires: libXau-devel
+BuildRequires: libXaw-devel
+BuildRequires: libXext-devel
+BuildRequires: libXp-devel
+BuildRequires: libXt-devel
BuildRequires: systemd-units
# Update config.sub to support aarch64, bug #926196
-BuildRequires: autoconf libtool automake
-
+BuildRequires: autoconf
+BuildRequires: automake
+BuildRequires: libtool
Requires: %{name}-libs = %{version}-%{release}
Requires(post): systemd-sysv systemd-units
Requires(preun): systemd-units
@@ -44,26 +63,26 @@ Group: Development/Libraries
Requires: %{name}-libs = %{version}-%{release}
%package libs
-Summary: Run-time libraries for NAS
-Group: System Environment/Libraries
+Summary: Run-time libraries for NAS
+Group: System Environment/Libraries
%description
-In a nutshell, NAS is the audio equivalent of an X display server.
-The Network Audio System (NAS) was developed by NCD for playing,
-recording, and manipulating audio data over a network. Like the
-X Window System, it uses the client/server model to separate
-applications from the specific drivers that control audio input
-and output devices.
+In a nutshell, NAS is the audio equivalent of an X display server. The
+Network Audio System (NAS) was developed for playing, recording, and
+manipulating audio data over a network. Like the X Window System, it uses the
+client/server model to separate applications from the specific drivers that
+control audio input and output devices.
+
Key features of the Network Audio System include:
- o Device-independent audio over the network
- o Lots of audio file and data formats
- o Can store sounds in server for rapid replay
- o Extensive mixing, separating, and manipulation of audio data
- o Simultaneous use of audio devices by multiple applications
- o Use by a growing number of ISVs
- o Small size
- o Free! No obnoxious licensing terms
+ • Device-independent audio over the network
+ • Lots of audio file and data formats
+ • Can store sounds in server for rapid replay
+ • Extensive mixing, separating, and manipulation of audio data
+ • Simultaneous use of audio devices by multiple applications
+ • Use by a growing number of ISVs
+ • Small size
+ • Free! No obnoxious licensing terms
%description libs
%{summary}.
@@ -75,10 +94,6 @@ Development files and the documentation for Network Audio System.
%prep
%setup -q
%patch0 -p1 -b .move_AuErrorDB
-%patch1 -p0 -b .CVE-2013-4258
-%patch2 -p0 -b .CVE-2013-4256
-%patch3 -p0 -b .CVE-2013-4256-2_CVE-2013-4257
-%patch4 -p0 -b .minix_tcp_open
# Update config.sub to support aarch64, bug #926196
cp -p %{_datadir}/automake-*/config.{sub,guess} config
@@ -147,20 +162,23 @@ echo ' systemd-sysv-convert --apply %{daemon}'
%{_mandir}/man5/*
%files libs
-%defattr(-,root,root,-)
-%doc README FAQ HISTORY TODO
-%{_libdir}/libaudio.so.2
-%{_libdir}/libaudio.so.2.4
+# The LICENSE_CLARIFICIATION is specific to repacked sources.
+%doc FAQ HISTORY LICENSE_CLARIFICIATION README TODO
+%{_libdir}/libaudio.so.*
%{_datadir}/X11/AuErrorDB
%files devel
-%defattr(-,root,root,-)
+%doc doc/actions doc/protocol.txt doc/*.ps
%{_includedir}/audio/
%{_libdir}/libaudio.so
%{_mandir}/man3/*
%changelog
+* Tue Oct 08 2013 Petr Pisar <ppisar at redhat.com> - 1.9.4-1
+- 1.9.4 bump
+- Package license corrected to MIT
+
* Mon Sep 16 2013 Petr Pisar <ppisar at redhat.com> - 1.9.3-7
- Fix CVE-2013-4258 (formatting string for syslog call) (bug #1006753)
- Fix CVE-2013-4256 (parsing display number) (bug #1006753)
@@ -255,7 +273,7 @@ echo ' systemd-sysv-convert --apply %{daemon}'
* Wed Mar 21 2007 Frank Büttner <frank-buettner at gmx.net> - 1.8a-1%{?dist}
- fix bug 233353
-* Thu Feb 09 2007 Frank Büttner <frank-buettner at gmx.net> - 1.8-13%{?dist}
+* Fri Feb 09 2007 Frank Büttner <frank-buettner at gmx.net> - 1.8-13%{?dist}
- use the corrected patch
* Thu Feb 08 2007 Frank Büttner <frank-buettner at gmx.net> - 1.8-11%{?dist}
diff --git a/sources b/sources
index 3c14007..b9af333 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-ecd01a3b4e17a9d464efa83a03618025 nas-1.9.3.src.tar.gz
+481d01a075ac2e4595c58256126a62fe nas-1.9.4.repacked.tar.gz
More information about the scm-commits
mailing list