Opened 5 years ago
Closed 5 years ago
Last modified 5 years ago
New minor version.
First release since 2012. Over 700 lines in the change log. No release notes.
Fixed at revision 19396.
LAME 3.100 has been released including fixes to security vulnerabilities.
Coy-paste from history:
- Don't include the debian directory as one that is needed during builds. Patch
taken from Debian's packaging of lame.
- Resurrect Owen Taylor's code dated from 97-11-3 to properly deal with GTK1.
This was transplanted back from aclocal.m4 with a patch provided by Andres
Mejia. This change makes it easy to regenerate autotools' files with a simple
invocation of autoconf -vfi.
- Fix possible race condition causing build failures in libmp3lame. Discovered
in automated builds by the Debian project with patch provided by Andres Mejia.
- Improved detection of MPEG audio data in RIFF WAVE files. Tracker item [
3545112 ] Invalid sampling detection
- New switch --gain <decibel>, range -20.0 to +12.0, a more convenient way to
apply Gain adjustment in decibels, than the use of --scale <factor>.
- Fix for tracker item [ 3558466 ] Bug in path handling
- Fix for tracker item [ 3567844 ] problem with Tag genre
- Fix for tracker item [ 3565659 ] no progress indication with pipe input
- Fix for tracker item [ 3544957 ] scale (empty) silent encode without warning
- Fix for tracker item [ 3580176 ] environment variable LAMEOPT doesn't work
- Fix for tracker item [ 3608583 ] input file name displayed with wrong
character encoding (on windows console with CP_UTF8)
- Fix for bug ticket [ #447 ] Fix dereference NULL and Buffer not NULL
terminated issues. Thanks to Surabhi Mishra
- Fix for bug ticket [ #445 ] dereference of a null pointer possible in loop.
Thanks to Renu Tyagi
- Fix for bug ticket [ #449 ] Make sure functions with SSE instructions
maintain their own properly aligned stack. Thanks to Fabian Greffrath
- Fix for bug ticket [ #458 ] Multiple Stack and Heap Corruptions from
Malicious File. Thanks to Gareth Evans and Elio Blanca
- Fix for bug ticket [ #460 ] A division by zero vulnerability. Thanks to Wang
Shiyang, Liu Bingchang
- Fix for bug ticket [ #461 ] CVE-2017-9410 fill_buffer_resample function in
libmp3lame/util.c heap-based buffer over-read and ap
- Fix for bug ticket [ #462 ] CVE-2017-9411 fill_buffer_resample function in
libmp3lame/util.c invalid memory read and application crash
- Fix for bug ticket [ #463 ] CVE-2017-9412 unpack_read_samples function in
frontend/get_audio.c invalid memory read and application crash
- Fix for bug ticket [ #434 ] clip detect scale suggestion unaware of scale
- HIP decoder bug fixed: decoding mixed blocks of lower sample frequency Layer3
data resulted in internal buffer overflow (write). Thanks to Henri Salo
Powered by Trac 1.5.3.dev0
By Edgewall Software
© 1998-2022 Gerard Beekmans.