summaryrefslogtreecommitdiff
path: root/subprojects/shared-modules/vorbisgain/README.md
diff options
context:
space:
mode:
Diffstat (limited to 'subprojects/shared-modules/vorbisgain/README.md')
-rw-r--r--subprojects/shared-modules/vorbisgain/README.md23
1 files changed, 23 insertions, 0 deletions
diff --git a/subprojects/shared-modules/vorbisgain/README.md b/subprojects/shared-modules/vorbisgain/README.md
new file mode 100644
index 00000000..42d83947
--- /dev/null
+++ b/subprojects/shared-modules/vorbisgain/README.md
@@ -0,0 +1,23 @@
+Vorbisgain comes in two version;
+- The main source: https://sjeng.org/ftp/vorbis/
+- The Debian version: http://deb.debian.org/debian/pool/main/v/vorbisgain/
+
+The catch is... Debian has 10 patches:
+- 0001-temp_files.patch
+- 0002-errno.patch
+- 0003-manpage.patch
+- 0004-vorbisgain_mtime.patch
+- 0005-double_fclose.patch
+- 0006-manpage_hyphens.patch
+- 0007-recursively_spelling.patch
+- 0008-manpage_recursion_mistake.patch
+- 0009-hardening.patch
+- 0010-fclose.patch
+
+Of particular concern are 0005, 0009 and 0010 which might have implications for memory-leaks and string inputs.
+
+## Other points of concern
+
+https://pkgs.org/download/vorbisgain
+
+Lots of distributions don't include these patches as well, but I prefer to stick with the tried and tested package from Debian.
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-03 09:24:58 +0000