2018-06-23 - email@example.com
- Conditionalize pkgconfig(openal) BuildRequires and mpg123-openal
sub-package, fix build for SLE12 SP3.
2018-03-05 - firstname.lastname@example.org
- Update to version 1.25.10
* libout123: Fix error messages beginning from OUT123_ARG_ERROR
* mpg123: Fix --icy-interval handling to work with stream from
stdin. (curl | mpg123 --icy-interval=n -)
* libmpg123: Fix another invalid read and segfault on damaged
(fuzzed) files with part2_3_length == 0 (set maxband=1, pulled
from upcoming 1.26.0).
2017-12-03 - email@example.com
- Update to version 1.25.8
* Also disable cursor/video games for empty TERM (not just unset
* Accept changing mode extension bits when looking for next
header for detecting free-format streams (bug 257).
* Fix compute_bpf() for free format streams (needed to estimate
track length and working fuzzy seeking in absence of an Info
2017-09-26 - firstname.lastname@example.org
- Drop pkgconfig(esound) BuildRequires and mpg123-esound
sub-package, esound is a long obsoleted sound server.
2017-09-26 - email@example.com
- Update to version 1.25.7
* Do not play with cursor and inverse video for progress bar
* Fix parsing of host port for numerical IPv6 addresses (just did
not work before, only for textual host names).
* Proper fix for the xrpnt overflow problems by correctly
initialising certain tables for MPEG 2.x layer III. The checks
that catch the resulting overflow are still in place, but
likely superfluous now. Note that this means certain valid
files would have been misdecoded before, if anyone actually
produced them. Thanks to Robert Hegemann for the fix!
* Silently handle granules with part2_3_length == 0, but
scalefac_compress != 0 (ignore the latter).
2017-08-11 - firstname.lastname@example.org
- Update to version 1.25.6
* Hotfix for bug 255: Overflow reading frame data bits in layer
II decoding. Now, all-zero data is returned if the frame data
is exhausted. This might have a slight impact on performance,
but not easily measurable so far.
2017-08-08 - email@example.com
- Update to version 1.25.5
* Avoid another buffer read overflow in the ID3 parser on 32 bit
platforms (bug 254).
2017-07-24 - firstname.lastname@example.org
- Update to version 1.25.4
* Prevent harmless call to memcpy(NULL, NULL, 0).
* More early checking of ID3v2 encoding values to avoid bogus
text being stored.
2017-07-18 - email@example.com
- Update to version 1.25.3
* Better checks for xrpnt overflow in III_dequantize_sample()
before each use, avoiding false positives and catching cases
that were rendered harmless by alignment-enlarged buffers.
2017-07-11 - firstname.lastname@example.org
- Update to version 1.25.2
* Extend pow tables for layer III to properly handle files
with i-stereo and 5-bit scalefactors. Never observed them
for real, just as fuzzed input to trigger the read overflow.
Note: This one goes on record as CVE-2017-11126, calling
remote denial of service. While the accesses are out of
bounds for the pow tables, they still are safely within
libmpg123's memory (other static tables). Just wrong values
are used for computation, no actual crash unless you use
something like GCC's AddressSanitizer, nor any information
* Avoid left-shifts of negative integers in layer I decoding.