f2182107fc
cpe:2.3🅰️xiph:vorbis-tools is a valid CPE identifier for this package: https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Axiph%3Avorbis-tools Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
34 lines
1.1 KiB
Makefile
34 lines
1.1 KiB
Makefile
################################################################################
|
|
#
|
|
# vorbis-tools
|
|
#
|
|
################################################################################
|
|
|
|
VORBIS_TOOLS_VERSION = 1.4.0
|
|
VORBIS_TOOLS_SITE = http://downloads.xiph.org/releases/vorbis
|
|
VORBIS_TOOLS_LICENSE = GPL-2.0
|
|
VORBIS_TOOLS_LICENSE_FILES = COPYING
|
|
VORBIS_TOOLS_CPE_ID_VENDOR = xiph
|
|
VORBIS_TOOLS_DEPENDENCIES = libao libogg libvorbis libcurl
|
|
VORBIS_TOOLS_CONF_OPTS = --program-transform-name=''
|
|
|
|
# 0001-oggenc-Fix-large-alloca-on-bad-AIFF-input.patch
|
|
VORBIS_TOOLS_IGNORE_CVES += CVE-2015-6749
|
|
# 0002-oggenc-validate-count-of-channels-in-the-header-CVE-.patch
|
|
VORBIS_TOOLS_IGNORE_CVES += CVE-2014-9638 CVE-2014-9639
|
|
# 0003-oggenc-fix-crash-on-raw-file-close-reported-by-Hanno.patch
|
|
VORBIS_TOOLS_IGNORE_CVES += CVE-2014-9640
|
|
|
|
# ogg123 calls math functions but forgets to link with libm
|
|
VORBIS_TOOLS_CONF_ENV = LIBS=-lm
|
|
|
|
ifeq ($(BR2_PACKAGE_FLAC),y)
|
|
VORBIS_TOOLS_DEPENDENCIES += flac
|
|
endif
|
|
|
|
ifeq ($(BR2_PACKAGE_SPEEX),y)
|
|
VORBIS_TOOLS_DEPENDENCIES += speex
|
|
endif
|
|
|
|
$(eval $(autotools-package))
|