diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..cbaa935
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1 @@
+SOURCES/libsndfile-1.0.28.tar.gz
diff --git a/.libsndfile.metadata b/.libsndfile.metadata
new file mode 100644
index 0000000..0c3e03f
--- /dev/null
+++ b/.libsndfile.metadata
@@ -0,0 +1 @@
+85aa967e19f6b9bf975601d79669025e5f8bc77d SOURCES/libsndfile-1.0.28.tar.gz
diff --git a/SOURCES/libsndfile-1.0.25-system-gsm.patch b/SOURCES/libsndfile-1.0.25-system-gsm.patch
new file mode 100644
index 0000000..d6d1b34
--- /dev/null
+++ b/SOURCES/libsndfile-1.0.25-system-gsm.patch
@@ -0,0 +1,56 @@
+diff -up libsndfile-1.0.28/src/gsm610.c.systemgsm libsndfile-1.0.28/src/gsm610.c
+--- libsndfile-1.0.28/src/gsm610.c.systemgsm	2016-09-10 10:08:27.000000000 +0200
++++ libsndfile-1.0.28/src/gsm610.c	2017-04-11 10:47:40.437162489 +0200
+@@ -27,7 +27,7 @@
+ #include "sfendian.h"
+ #include "common.h"
+ #include "wavlike.h"
+-#include "GSM610/gsm.h"
++#include <gsm.h>
+ 
+ #define	GSM610_BLOCKSIZE		33
+ #define	GSM610_SAMPLES			160
+@@ -391,7 +391,8 @@ gsm610_seek	(SF_PRIVATE *psf, int UNUSED
+ 		psf_fseek (psf, psf->dataoffset, SEEK_SET) ;
+ 		pgsm610->blockcount = 0 ;
+ 
+-		gsm_init (pgsm610->gsm_data) ;
++		gsm_destroy (pgsm610->gsm_data) ;
++		pgsm610->gsm_data = gsm_create () ;
+ 		if ((SF_CONTAINER (psf->sf.format)) == SF_FORMAT_WAV ||
+ 				(SF_CONTAINER (psf->sf.format)) == SF_FORMAT_W64)
+ 			gsm_option (pgsm610->gsm_data, GSM_OPT_WAV49, &true_flag) ;
+diff -up libsndfile-1.0.28/src/Makefile.am.systemgsm libsndfile-1.0.28/src/Makefile.am
+--- libsndfile-1.0.28/src/Makefile.am.systemgsm	2017-04-01 09:18:02.000000000 +0200
++++ libsndfile-1.0.28/src/Makefile.am	2017-04-11 10:48:43.855620172 +0200
+@@ -8,7 +8,7 @@ lib_LTLIBRARIES = libsndfile.la
+ include_HEADERS = sndfile.hh
+ nodist_include_HEADERS = sndfile.h
+ 
+-noinst_LTLIBRARIES =  GSM610/libgsm.la G72x/libg72x.la ALAC/libalac.la libcommon.la
++noinst_LTLIBRARIES =  G72x/libg72x.la ALAC/libalac.la libcommon.la
+ 
+ SYMBOL_FILES = Symbols.gnu-binutils Symbols.darwin libsndfile-1.def Symbols.os2 Symbols.static
+ 
+@@ -43,7 +43,7 @@ libsndfile_la_CPPFLAGS = -DSNDFILE_EXPOR
+ libsndfile_la_LDFLAGS = -no-undefined -version-info  $(SHARED_VERSION_INFO) $(SHLIB_VERSION_ARG)
+ libsndfile_la_SOURCES = $(FILESPECIFIC) $(noinst_HEADERS)
+ nodist_libsndfile_la_SOURCES = $(nodist_include_HEADERS)
+-libsndfile_la_LIBADD = GSM610/libgsm.la G72x/libg72x.la ALAC/libalac.la \
++libsndfile_la_LIBADD = -lgsm G72x/libg72x.la ALAC/libalac.la \
+ 		libcommon.la $(EXTERNAL_XIPH_LIBS) -lm
+ 
+ EXTRA_libsndfile_la_DEPENDENCIES = $(SYMBOL_FILES)
+@@ -58,12 +58,6 @@ libcommon_la_SOURCES = common.c file_io.
+ #======================================================================
+ # Subdir libraries.
+ 
+-GSM610_libgsm_la_SOURCES = GSM610/config.h GSM610/gsm.h GSM610/gsm610_priv.h \
+-		GSM610/add.c GSM610/code.c GSM610/decode.c GSM610/gsm_create.c \
+-		GSM610/gsm_decode.c GSM610/gsm_destroy.c GSM610/gsm_encode.c \
+-		GSM610/gsm_option.c GSM610/long_term.c GSM610/lpc.c GSM610/preprocess.c \
+-		GSM610/rpe.c GSM610/short_term.c GSM610/table.c
+-
+ G72x_libg72x_la_SOURCES = G72x/g72x.h G72x/g72x_priv.h \
+ 		G72x/g721.c G72x/g723_16.c G72x/g723_24.c G72x/g723_40.c G72x/g72x.c
+ 
diff --git a/SOURCES/libsndfile-1.0.25-zerodivfix.patch b/SOURCES/libsndfile-1.0.25-zerodivfix.patch
new file mode 100644
index 0000000..792fd92
--- /dev/null
+++ b/SOURCES/libsndfile-1.0.25-zerodivfix.patch
@@ -0,0 +1,25 @@
+From 725c7dbb95bfaf8b4bb7b04820e3a00cceea9ce6 Mon Sep 17 00:00:00 2001
+From: Erik de Castro Lopo <erikd@mega-nerd.com>
+Date: Wed, 24 Dec 2014 21:02:35 +1100
+Subject: [PATCH] src/file_io.c : Prevent potential divide-by-zero.
+
+Closes: https://github.com/erikd/libsndfile/issues/92
+---
+ src/file_io.c | 5 ++++-
+ 1 file changed, 4 insertions(+), 1 deletion(-)
+
+diff --git a/src/file_io.c b/src/file_io.c
+index 26d3d6d..6ccab78 100644
+--- a/src/file_io.c
++++ b/src/file_io.c
+@@ -1322,6 +1322,9 @@ psf_fwrite (const void *ptr, sf_count_t bytes, sf_count_t items, SF_PRIVATE *psf
+ {	sf_count_t total = 0 ;
+ 	ssize_t	count ;
+ 
++	if (bytes == 0 || items == 0)
++		return 0 ;
++
+ 	if (psf->virtual_io)
+ 		return psf->vio.write (ptr, bytes*items, psf->vio_user_data) / bytes ;
+ 
+
diff --git a/SOURCES/libsndfile-1.0.28-cve2017_12562.patch b/SOURCES/libsndfile-1.0.28-cve2017_12562.patch
new file mode 100644
index 0000000..f195e87
--- /dev/null
+++ b/SOURCES/libsndfile-1.0.28-cve2017_12562.patch
@@ -0,0 +1,88 @@
+From cf7a8182c2642c50f1cf90dddea9ce96a8bad2e8 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?J=C3=B6rn=20Heusipp?= <osmanx@problemloesungsmaschine.de>
+Date: Wed, 14 Jun 2017 12:25:40 +0200
+Subject: [PATCH] src/common.c: Fix heap buffer overflows when writing strings
+ in binheader
+
+Fixes the following problems:
+ 1. Case 's' only enlarges the buffer by 16 bytes instead of size bytes.
+ 2. psf_binheader_writef() enlarges the header buffer (if needed) prior to the
+    big switch statement by an amount (16 bytes) which is enough for all cases
+    where only a single value gets added. Cases 's', 'S', 'p' however
+    additionally write an arbitrary length block of data and again enlarge the
+    buffer to the required amount. However, the required space calculation does
+    not take into account the size of the length field which gets output before
+    the data.
+ 3. Buffer size requirement calculation in case 'S' does not account for the
+    padding byte ("size += (size & 1) ;" happens after the calculation which
+    uses "size").
+ 4. Case 'S' can overrun the header buffer by 1 byte when no padding is
+    involved
+    ("memcpy (&(psf->header.ptr [psf->header.indx]), strptr, size + 1) ;" while
+    the buffer is only guaranteed to have "size" space available).
+ 5. "psf->header.ptr [psf->header.indx] = 0 ;" in case 'S' always writes 1 byte
+    beyond the space which is guaranteed to be allocated in the header buffer.
+ 6. Case 's' can overrun the provided source string by 1 byte if padding is
+    involved ("memcpy (&(psf->header.ptr [psf->header.indx]), strptr, size) ;"
+    where "size" is "strlen (strptr) + 1" (which includes the 0 terminator,
+    plus optionally another 1 which is padding and not guaranteed to be
+    readable via the source string pointer).
+
+Closes: https://github.com/erikd/libsndfile/issues/292
+---
+ src/common.c | 15 +++++++--------
+ 1 file changed, 7 insertions(+), 8 deletions(-)
+
+diff --git a/src/common.c b/src/common.c
+index 1a6204ca..6b2a2ee9 100644
+--- a/src/common.c
++++ b/src/common.c
+@@ -681,16 +681,16 @@ psf_binheader_writef (SF_PRIVATE *psf, const char *format, ...)
+ 					/* Write a C string (guaranteed to have a zero terminator). */
+ 					strptr = va_arg (argptr, char *) ;
+ 					size = strlen (strptr) + 1 ;
+-					size += (size & 1) ;
+ 
+-					if (psf->header.indx + (sf_count_t) size >= psf->header.len && psf_bump_header_allocation (psf, 16))
++					if (psf->header.indx + 4 + (sf_count_t) size + (sf_count_t) (size & 1) > psf->header.len && psf_bump_header_allocation (psf, 4 + size + (size & 1)))
+ 						return count ;
+ 
+ 					if (psf->rwf_endian == SF_ENDIAN_BIG)
+-						header_put_be_int (psf, size) ;
++						header_put_be_int (psf, size + (size & 1)) ;
+ 					else
+-						header_put_le_int (psf, size) ;
++						header_put_le_int (psf, size + (size & 1)) ;
+ 					memcpy (&(psf->header.ptr [psf->header.indx]), strptr, size) ;
++					size += (size & 1) ;
+ 					psf->header.indx += size ;
+ 					psf->header.ptr [psf->header.indx - 1] = 0 ;
+ 					count += 4 + size ;
+@@ -703,16 +703,15 @@ psf_binheader_writef (SF_PRIVATE *psf, const char *format, ...)
+ 					*/
+ 					strptr = va_arg (argptr, char *) ;
+ 					size = strlen (strptr) ;
+-					if (psf->header.indx + (sf_count_t) size > psf->header.len && psf_bump_header_allocation (psf, size))
++					if (psf->header.indx + 4 + (sf_count_t) size + (sf_count_t) (size & 1) > psf->header.len && psf_bump_header_allocation (psf, 4 + size + (size & 1)))
+ 						return count ;
+ 					if (psf->rwf_endian == SF_ENDIAN_BIG)
+ 						header_put_be_int (psf, size) ;
+ 					else
+ 						header_put_le_int (psf, size) ;
+-					memcpy (&(psf->header.ptr [psf->header.indx]), strptr, size + 1) ;
++					memcpy (&(psf->header.ptr [psf->header.indx]), strptr, size + (size & 1)) ;
+ 					size += (size & 1) ;
+ 					psf->header.indx += size ;
+-					psf->header.ptr [psf->header.indx] = 0 ;
+ 					count += 4 + size ;
+ 					break ;
+ 
+@@ -724,7 +723,7 @@ psf_binheader_writef (SF_PRIVATE *psf, const char *format, ...)
+ 					size = (size & 1) ? size : size + 1 ;
+ 					size = (size > 254) ? 254 : size ;
+ 
+-					if (psf->header.indx + (sf_count_t) size > psf->header.len && psf_bump_header_allocation (psf, size))
++					if (psf->header.indx + 1 + (sf_count_t) size > psf->header.len && psf_bump_header_allocation (psf, 1 + size))
+ 						return count ;
+ 
+ 					header_put_byte (psf, size) ;
diff --git a/SOURCES/libsndfile-1.0.28-fixfree.patch b/SOURCES/libsndfile-1.0.28-fixfree.patch
new file mode 100644
index 0000000..e91d138
--- /dev/null
+++ b/SOURCES/libsndfile-1.0.28-fixfree.patch
@@ -0,0 +1,11 @@
+diff -up libsndfile-1.0.28/src/sndfile.c.fixfree libsndfile-1.0.28/src/sndfile.c
+--- libsndfile-1.0.28/src/sndfile.c.fixfree	2018-10-15 14:24:26.521941046 +0200
++++ libsndfile-1.0.28/src/sndfile.c	2018-10-15 14:24:26.534940869 +0200
+@@ -339,6 +339,7 @@ sf_open	(const char *path, int mode, SF_
+ 
+ 	if (copy_filename (psf, path) != 0)
+ 	{	sf_errno = psf->error ;
++		free(psf);
+ 		return	NULL ;
+ 		} ;
+ 
diff --git a/SOURCES/libsndfile-1.0.28-flacbufovfl.patch b/SOURCES/libsndfile-1.0.28-flacbufovfl.patch
new file mode 100644
index 0000000..1dc5b57
--- /dev/null
+++ b/SOURCES/libsndfile-1.0.28-flacbufovfl.patch
@@ -0,0 +1,64 @@
+From fd0484aba8e51d16af1e3a880f9b8b857b385eb3 Mon Sep 17 00:00:00 2001
+From: Erik de Castro Lopo <erikd@mega-nerd.com>
+Date: Wed, 12 Apr 2017 19:45:30 +1000
+Subject: [PATCH] FLAC: Fix a buffer read overrun
+
+Buffer read overrun occurs when reading a FLAC file that switches
+from 2 channels to one channel mid-stream. Only option is to
+abort the read.
+
+Closes: https://github.com/erikd/libsndfile/issues/230
+---
+ src/common.h  |  1 +
+ src/flac.c    | 13 +++++++++++++
+ src/sndfile.c |  1 +
+ 3 files changed, 15 insertions(+)
+
+diff --git a/src/common.h b/src/common.h
+index 0bd810c3..e2669b6a 100644
+--- a/src/common.h
++++ b/src/common.h
+@@ -725,6 +725,7 @@ enum
+ 	SFE_FLAC_INIT_DECODER,
+ 	SFE_FLAC_LOST_SYNC,
+ 	SFE_FLAC_BAD_SAMPLE_RATE,
++	SFE_FLAC_CHANNEL_COUNT_CHANGED,
+ 	SFE_FLAC_UNKOWN_ERROR,
+ 
+ 	SFE_WVE_NOT_WVE,
+diff --git a/src/flac.c b/src/flac.c
+index 84de0e26..986a7b8f 100644
+--- a/src/flac.c
++++ b/src/flac.c
+@@ -434,6 +434,19 @@ sf_flac_meta_callback (const FLAC__StreamDecoder * UNUSED (decoder), const FLAC_
+ 
+ 	switch (metadata->type)
+ 	{	case FLAC__METADATA_TYPE_STREAMINFO :
++			if (psf->sf.channels > 0 && psf->sf.channels != (int) metadata->data.stream_info.channels)
++			{	psf_log_printf (psf, "Error: FLAC stream changed from %d to %d channels\n"
++									"Nothing to be but to error out.\n" ,
++									psf->sf.channels, metadata->data.stream_info.channels) ;
++				psf->error = SFE_FLAC_CHANNEL_COUNT_CHANGED ;
++				return ;
++				} ;
++
++			if (psf->sf.channels > 0 && psf->sf.samplerate != (int) metadata->data.stream_info.sample_rate)
++			{	psf_log_printf (psf, "Warning: FLAC stream changed sample rates from %d to %d.\n"
++									"Carrying on as if nothing happened.",
++									psf->sf.samplerate, metadata->data.stream_info.sample_rate) ;
++				} ;
+ 			psf->sf.channels = metadata->data.stream_info.channels ;
+ 			psf->sf.samplerate = metadata->data.stream_info.sample_rate ;
+ 			psf->sf.frames = metadata->data.stream_info.total_samples ;
+diff --git a/src/sndfile.c b/src/sndfile.c
+index 41875610..e2a87be8 100644
+--- a/src/sndfile.c
++++ b/src/sndfile.c
+@@ -245,6 +245,7 @@ ErrorStruct SndfileErrors [] =
+ 	{	SFE_FLAC_INIT_DECODER	, "Error : problem with initialization of the flac decoder." },
+ 	{	SFE_FLAC_LOST_SYNC		, "Error : flac decoder lost sync." },
+ 	{	SFE_FLAC_BAD_SAMPLE_RATE, "Error : flac does not support this sample rate." },
++	{	SFE_FLAC_CHANNEL_COUNT_CHANGED, "Error : flac channel changed mid stream." },
+ 	{	SFE_FLAC_UNKOWN_ERROR	, "Error : unknown error in flac decoder." },
+ 
+ 	{	SFE_WVE_NOT_WVE			, "Error : not a WVE file." },
diff --git a/SOURCES/libsndfile-1.0.28-vafix.patch b/SOURCES/libsndfile-1.0.28-vafix.patch
new file mode 100644
index 0000000..bb72616
--- /dev/null
+++ b/SOURCES/libsndfile-1.0.28-vafix.patch
@@ -0,0 +1,114 @@
+diff -up libsndfile-1.0.28/src/common.c.vafix libsndfile-1.0.28/src/common.c
+--- libsndfile-1.0.28/src/common.c.vafix	2018-10-15 14:31:59.805758665 +0200
++++ libsndfile-1.0.28/src/common.c	2018-10-15 14:34:48.978445310 +0200
+@@ -561,7 +561,10 @@ psf_binheader_writef (SF_PRIVATE *psf, c
+ 	while ((c = *format++))
+ 	{
+ 		if (psf->header.indx + 16 >= psf->header.len && psf_bump_header_allocation (psf, 16))
++		{
++			va_end (argptr) ;
+ 			return count ;
++			} ;
+ 
+ 		switch (c)
+ 		{	case ' ' : /* Do nothing. Just used to space out format string. */
+@@ -677,7 +680,10 @@ psf_binheader_writef (SF_PRIVATE *psf, c
+ 					size = strlen (strptr) + 1 ;
+ 
+ 					if (psf->header.indx + 4 + (sf_count_t) size + (sf_count_t) (size & 1) > psf->header.len && psf_bump_header_allocation (psf, 4 + size + (size & 1)))
++					{
++						va_end (argptr) ;
+ 						return count ;
++						} ;
+ 
+ 					if (psf->rwf_endian == SF_ENDIAN_BIG)
+ 						header_put_be_int (psf, size + (size & 1)) ;
+@@ -698,7 +704,10 @@ psf_binheader_writef (SF_PRIVATE *psf, c
+ 					strptr = va_arg (argptr, char *) ;
+ 					size = strlen (strptr) ;
+ 					if (psf->header.indx + 4 + (sf_count_t) size + (sf_count_t) (size & 1) > psf->header.len && psf_bump_header_allocation (psf, 4 + size + (size & 1)))
++					{
++						va_end (argptr) ;
+ 						return count ;
++						} ;
+ 					if (psf->rwf_endian == SF_ENDIAN_BIG)
+ 						header_put_be_int (psf, size) ;
+ 					else
+@@ -718,7 +727,10 @@ psf_binheader_writef (SF_PRIVATE *psf, c
+ 					size = (size > 254) ? 254 : size ;
+ 
+ 					if (psf->header.indx + 1 + (sf_count_t) size > psf->header.len && psf_bump_header_allocation (psf, 1 + size))
++					{
++						va_end (argptr) ;
+ 						return count ;
++						} ;
+ 
+ 					header_put_byte (psf, size) ;
+ 					memcpy (&(psf->header.ptr [psf->header.indx]), strptr, size) ;
+@@ -731,7 +743,10 @@ psf_binheader_writef (SF_PRIVATE *psf, c
+ 					size	= va_arg (argptr, size_t) ;
+ 
+ 					if (psf->header.indx + (sf_count_t) size > psf->header.len && psf_bump_header_allocation (psf, size))
++					{
++						va_end (argptr) ;
+ 						return count ;
++						} ;
+ 
+ 					memcpy (&(psf->header.ptr [psf->header.indx]), bindata, size) ;
+ 					psf->header.indx += size ;
+@@ -742,7 +757,10 @@ psf_binheader_writef (SF_PRIVATE *psf, c
+ 					size = va_arg (argptr, size_t) ;
+ 
+ 					if (psf->header.indx + (sf_count_t) size > psf->header.len && psf_bump_header_allocation (psf, size))
++					{
++						va_end (argptr) ;
+ 						return count ;
++						} ;
+ 
+ 					count += size ;
+ 					while (size)
+@@ -763,7 +781,10 @@ psf_binheader_writef (SF_PRIVATE *psf, c
+ 					size = va_arg (argptr, size_t) ;
+ 
+ 					if (psf->header.indx + (sf_count_t) size > psf->header.len && psf_bump_header_allocation (psf, size))
++					{
++						va_end (argptr) ;
+ 						return count ;
++						} ;
+ 
+ 					psf->header.indx += size ;
+ 					count += size ;
+@@ -773,7 +794,10 @@ psf_binheader_writef (SF_PRIVATE *psf, c
+ 					size = va_arg (argptr, size_t) ;
+ 
+ 					if ((sf_count_t) size >= psf->header.len && psf_bump_header_allocation (psf, size))
++					{
++						va_end (argptr) ;
+ 						return count ;
++						} ;
+ 
+ 					psf->header.indx = size ;
+ 					break ;
+@@ -960,7 +984,10 @@ psf_binheader_readf (SF_PRIVATE *psf, ch
+ 	while ((c = *format++))
+ 	{
+ 		if (psf->header.indx + 16 >= psf->header.len && psf_bump_header_allocation (psf, 16))
++		{
++			va_end (argptr) ;
+ 			return count ;
++			} ;
+ 
+ 		switch (c)
+ 		{	case 'e' : /* All conversions are now from LE to host. */
+@@ -1087,7 +1114,10 @@ psf_binheader_readf (SF_PRIVATE *psf, ch
+ 					memset (charptr, 0, count) ;
+ 
+ 					if (psf->header.indx + count >= psf->header.len && psf_bump_header_allocation (psf, count))
+-						return 0 ;
++					{
++						va_end (argptr) ;
++						return count ;
++						} ;
+ 
+ 					byte_count += header_gets (psf, charptr, count) ;
+ 					break ;
diff --git a/SOURCES/libsndfile-1.0.29-cve2017_6892.patch b/SOURCES/libsndfile-1.0.29-cve2017_6892.patch
new file mode 100644
index 0000000..d5ccf72
--- /dev/null
+++ b/SOURCES/libsndfile-1.0.29-cve2017_6892.patch
@@ -0,0 +1,25 @@
+From f833c53cb596e9e1792949f762e0b33661822748 Mon Sep 17 00:00:00 2001
+From: Erik de Castro Lopo <erikd@mega-nerd.com>
+Date: Tue, 23 May 2017 20:15:24 +1000
+Subject: [PATCH] src/aiff.c: Fix a buffer read overflow
+
+Secunia Advisory SA76717.
+
+Found by: Laurent Delosieres, Secunia Research at Flexera Software
+---
+ src/aiff.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/aiff.c b/src/aiff.c
+index 5b5f9f53..45864b76 100644
+--- a/src/aiff.c
++++ b/src/aiff.c
+@@ -1759,7 +1759,7 @@ aiff_read_chanmap (SF_PRIVATE * psf, unsigned dword)
+ 		psf_binheader_readf (psf, "j", dword - bytesread) ;
+ 
+ 	if (map_info->channel_map != NULL)
+-	{	size_t chanmap_size = psf->sf.channels * sizeof (psf->channel_map [0]) ;
++	{	size_t chanmap_size = SF_MIN (psf->sf.channels, layout_tag & 0xffff) * sizeof (psf->channel_map [0]) ;
+ 
+ 		free (psf->channel_map) ;
+ 
diff --git a/SOURCES/revert.patch b/SOURCES/revert.patch
new file mode 100644
index 0000000..fbdd96d
--- /dev/null
+++ b/SOURCES/revert.patch
@@ -0,0 +1,37 @@
+--- libsndfile-1.0.28/src/rf64.c	2017-04-02 09:43:22.000000000 +0200
++++ libsndfile-1.0.27/src/rf64.c	2016-04-01 23:08:53.000000000 +0200
+@@ -735,25 +734,27 @@ rf64_write_header (SF_PRIVATE *psf, int
+ 
+ #endif
+ 
+-	pad_size = psf->dataoffset - 16 - psf->header.indx ;
+-	if (pad_size >= 0)
+-		psf_binheader_writef (psf, "m4z", PAD_MARKER, pad_size, make_size_t (pad_size)) ;
++	if (psf->header.indx + 8 < psf->dataoffset)
++	{	/* Add PAD data if necessary. */
++		int k = psf->dataoffset - 16 - psf->header.indx ;
++		psf_binheader_writef (psf, "m4z", PAD_MARKER, k, make_size_t (k)) ;
++		} ;
+ 
+ 	if (wpriv->rf64_downgrade && (psf->filelength < RIFF_DOWNGRADE_BYTES))
+ 		psf_binheader_writef (psf, "tm8", data_MARKER, psf->datalength) ;
+ 	else
+ 		psf_binheader_writef (psf, "m4", data_MARKER, 0xffffffff) ;
+ 
+-	psf_fwrite (psf->header.ptr, psf->header.indx, 1, psf) ;
++	psf_fwrite (psf->header.ptr, psf->header.indx, 1, psf) ;
+ 	if (psf->error)
+ 		return psf->error ;
+ 
+-	if (has_data && psf->dataoffset != psf->header.indx)
+-	{	psf_log_printf (psf, "Oooops : has_data && psf->dataoffset != psf->header.indx\n") ;
++	if (has_data && psf->dataoffset != psf->header.indx)
++	{	psf_log_printf (psf, "Oooops : has_data && psf->dataoffset != psf->header.indx\n") ;
+ 		return psf->error = SFE_INTERNAL ;
+ 		} ;
+ 
+-	psf->dataoffset = psf->header.indx ;
++	psf->dataoffset = psf->header.indx ;
+ 
+ 	if (NOT (has_data))
+ 		psf_fseek (psf, psf->dataoffset, SEEK_SET) ;
diff --git a/SPECS/libsndfile.spec b/SPECS/libsndfile.spec
new file mode 100644
index 0000000..368e9f3
--- /dev/null
+++ b/SPECS/libsndfile.spec
@@ -0,0 +1,363 @@
+Summary:	Library for reading and writing sound files
+Name:		libsndfile
+Version:	1.0.28
+Release:	8%{?dist}
+License:	LGPLv2+ and GPLv2+ and BSD
+Group:		System Environment/Libraries
+URL:		http://www.mega-nerd.com/libsndfile/
+Source0:	http://www.mega-nerd.com/libsndfile/files/libsndfile-%{version}.tar.gz
+Patch0:		libsndfile-1.0.25-system-gsm.patch
+Patch1:		libsndfile-1.0.25-zerodivfix.patch
+Patch2: revert.patch
+Patch3: libsndfile-1.0.28-flacbufovfl.patch
+Patch4: libsndfile-1.0.29-cve2017_6892.patch
+#libsndfile-1.0.29-cve2017_6892.patch
+# from upstream, for <= 1.0.28, rhbz#1483140
+Patch5: libsndfile-1.0.28-cve2017_12562.patch
+Patch6: libsndfile-1.0.28-fixfree.patch
+Patch7: libsndfile-1.0.28-vafix.patch
+BuildRequires:	alsa-lib-devel
+BuildRequires:	flac-devel
+BuildRequires:	libogg-devel
+BuildRequires:	libvorbis-devel
+BuildRequires:	pkgconfig
+BuildRequires:	sqlite-devel
+BuildRequires:	gsm-devel
+BuildRequires:	libtool
+
+
+%description
+libsndfile is a C library for reading and writing sound files such as
+AIFF, AU, WAV, and others through one standard interface. It can
+currently read/write 8, 16, 24 and 32-bit PCM files as well as 32 and
+64-bit floating point WAV files and a number of compressed formats. It
+compiles and runs on *nix, MacOS, and Win32.
+
+
+%package devel
+Summary:	Development files for libsndfile
+Group:		Development/Libraries
+Requires:	%{name}%{?_isa} = %{version}-%{release} pkgconfig
+
+
+%description devel
+libsndfile is a C library for reading and writing sound files such as
+AIFF, AU, WAV, and others through one standard interface.
+This package contains files needed to develop with libsndfile.
+
+
+%package utils
+Summary:	Command Line Utilities for libsndfile
+Group:		Applications/Multimedia
+Requires:	%{name} = %{version}-%{release}
+
+
+%description utils
+libsndfile is a C library for reading and writing sound files such as
+AIFF, AU, WAV, and others through one standard interface.
+This package contains command line utilities for libsndfile.
+
+
+%prep
+%setup -q
+%patch0 -p1 -b .systemgsm
+%patch1 -p1 -b .zerodivfix
+%patch2 -p1 -b .revert
+%patch3 -p1 -b .flacbufovfl
+%patch4 -p1 -b .cve2017_6892
+%patch5 -p1 -b .cve2017_12562
+%patch6 -p1 -b .fixfree
+%patch7 -p1 -b .vafix
+rm -r src/GSM610
+
+%build
+autoreconf -I M4 -fiv # for system-gsm patch
+%configure \
+	--disable-dependency-tracking \
+	--enable-sqlite \
+	--enable-alsa \
+	--enable-largefile \
+	--disable-static
+
+# Get rid of rpath
+sed -i 's|^hardcode_libdir_flag_spec=.*|hardcode_libdir_flag_spec=""|g' libtool
+sed -i 's|^runpath_var=LD_RUN_PATH|runpath_var=DIE_RPATH_DIE|g' libtool
+
+make %{?_smp_mflags}
+
+
+%install
+make install DESTDIR=$RPM_BUILD_ROOT
+rm -rf __docs
+mkdir __docs
+cp -pR $RPM_BUILD_ROOT%{_docdir}/%{name}/* __docs
+rm -rf $RPM_BUILD_ROOT%{_docdir}/%{name}
+find %{buildroot} -type f -name "*.la" -delete
+
+# fix multilib issues
+mv %{buildroot}%{_includedir}/sndfile.h \
+   %{buildroot}%{_includedir}/sndfile-%{__isa_bits}.h
+
+cat > %{buildroot}%{_includedir}/sndfile.h <<EOF
+#include <bits/wordsize.h>
+
+#if __WORDSIZE == 32
+# include "sndfile-32.h"
+#elif __WORDSIZE == 64
+# include "sndfile-64.h"
+#else
+# error "unexpected value for __WORDSIZE macro"
+#endif
+EOF
+
+%if 0%{?rhel} != 0
+rm -f %{buildroot}%{_bindir}/sndfile-jackplay
+%endif
+
+
+%check
+LD_LIBRARY_PATH=$PWD/src/.libs make check
+
+
+%post -p /sbin/ldconfig
+
+%postun -p /sbin/ldconfig
+
+
+%files
+%{!?_licensedir:%global license %%doc}
+%license COPYING
+%doc AUTHORS README NEWS
+%{_libdir}/%{name}.so.*
+
+%files utils
+%{_bindir}/sndfile-cmp
+%{_bindir}/sndfile-concat
+%{_bindir}/sndfile-convert
+%{_bindir}/sndfile-deinterleave
+%{_bindir}/sndfile-info
+%{_bindir}/sndfile-interleave
+%{_bindir}/sndfile-metadata-get
+%{_bindir}/sndfile-metadata-set
+%{_bindir}/sndfile-play
+%{_bindir}/sndfile-regtest
+%{_bindir}/sndfile-salvage
+%{_mandir}/man1/sndfile-cmp.1*
+%{_mandir}/man1/sndfile-concat.1*
+%{_mandir}/man1/sndfile-convert.1*
+%{_mandir}/man1/sndfile-deinterleave.1*
+%{_mandir}/man1/sndfile-info.1*
+%{_mandir}/man1/sndfile-interleave.1*
+%{_mandir}/man1/sndfile-metadata-get.1*
+%{_mandir}/man1/sndfile-metadata-set.1*
+%{_mandir}/man1/sndfile-play.1*
+%{_mandir}/man1/sndfile-salvage.1*
+
+%files devel
+%doc __docs ChangeLog
+%{_includedir}/sndfile.h
+%{_includedir}/sndfile.hh
+%{_includedir}/sndfile-%{__isa_bits}.h
+%{_libdir}/%{name}.so
+%{_libdir}/pkgconfig/sndfile.pc
+
+
+%changelog
+* Mon Oct 15 2018 Michal Hlavinka <mhlavink@redhat.com> - 1.0.28-8
+- fix coverity scan found issues (#1602592)
+
+* Wed Feb 07 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1.0.28-7
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
+
+* Thu Aug 24 2017 Michal Hlavinka <mhlavink@redhat.com> - 1.0.28-6
+- heap-based Buffer Overflow in psf_binheader_writef function (#1483140, CVE-2017-12562)
+
+* Thu Aug 03 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.0.28-5
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
+
+* Wed Jul 26 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.0.28-4
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
+
+* Wed Jun 21 2017 Michal Hlavinka <mhlavink@redhat.com> - 1.0.28-3
+- fix buffer overflow in aiff (CVE-2017-6892,rhbz#1463328)
+
+* Mon Jun 05 2017 Michal Hlavinka <mhlavink@redhat.com> - 1.0.28-2
+- fix flac and pcm buffer overflows (CVE-2017-8361,CVE-2017-8362,CVE-2017-8363,CVE-2017-8365)
+
+* Tue Apr 11 2017 Michal Hlavinka <mhlavink@redhat.com> - 1.0.28-1
+- updated to 1.0.28
+- fix possible buffer overflow when parsing crafted ID3 tags (#1440758, CVE-2017-7586)
+- fix possible buffer overflow when parsing crafted flac file (#1440756, CVE-2017-7585)
+
+* Fri Feb 10 2017 Fedora Release Engineering <releng@fedoraproject.org> - 1.0.27-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
+
+* Fri Nov 11 2016 Michal Hlavinka <mhlavink@redhat.com> - 1.0.27-1
+- updated to 1.0.27
+
+* Thu Feb 04 2016 Fedora Release Engineering <releng@fedoraproject.org> - 1.0.25-20
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
+
+* Fri Nov 06 2015 Michal Hlavinka <mhlavink@redhat.com> - 1.0.25-19
+- fix incomplete patch for CVE-2015-7805
+
+* Fri Nov 06 2015 Michal Hlavinka <mhlavink@redhat.com> - 1.0.25-18
+- fix CVE-2015-7805: Heap overflow vulnerability when parsing specially
+  crafted AIFF header
+
+* Thu Aug 27 2015 Marcin Juszkiewicz <mjuszkiewicz@redhat.com> - 1.0.25-17
+- Use __isa_bits macro instead of list of 64-bit architectures
+
+* Sun Jul 19 2015 Peter Robinson <pbrobinson@fedoraproject.org> 1.0.25-16
+- Fix FTBFS
+- Use %%license
+
+* Wed Jun 17 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.0.25-15
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
+
+* Tue Jan 13 2015 Michal Hlavinka <mhlavink@redhat.com> - 1.0.25-14
+- fix CVE-2014-9496: 2 buffer overruns in sd2_parse_rsrc_fork (#1178840)
+- division by zero leading to denial of service in psf_fwrite (#1177254)
+
+* Sun Aug 17 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.0.25-13
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
+
+* Sat Aug 02 2014 Kalev Lember <kalevlember@gmail.com> - 1.0.25-12
+- Fix up previous commit
+
+* Sat Aug  2 2014 Peter Robinson <pbrobinson@fedoraproject.org> 1.0.25-11
+- Modernise spec
+- Generic 32/64bit platform detection
+
+* Sat Jun 07 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.0.25-10
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
+
+* Mon Jan 13 2014 Michal Hlavinka <mhlavink@redhat.com> - 1.0.25-9
+- fix ppc64le build (#1051639)
+
+* Sat Aug 03 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.0.25-8
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
+
+* Mon Jun 03 2013 Michal Hlavinka <mhlavink@redhat.com> - 1.0.25-7
+- fix support for aarch64, another part (#969831)
+
+* Wed Mar 27 2013 Michal Hlavinka <mhlavink@redhat.com> - 1.0.25-6
+- fix support for aarch64 (#925887)
+
+* Thu Feb 14 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.0.25-5
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
+
+* Thu Jul 19 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.0.25-4
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
+
+* Fri Jan 13 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.0.25-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
+
+* Sat Nov 12 2011 Ville Skyttä <ville.skytta@iki.fi> - 1.0.25-2
+- Patch to use system libgsm instead of a bundled copy.
+- Make main package dep in -devel ISA qualified.
+- Drop -octave Provides (not actually built with octave > 3.0).
+- Don't build throwaway static lib.
+- Run test suite during build.
+
+* Thu Jul 14 2011 Michal Hlavinka <mhlavink@redhat.com> - 1.0.25-1
+- Update to 1.0.25
+- fixes integer overflow by processing certain PAF audio files (#721240)
+
+* Sun Mar 27 2011 Orcan Ogetbil <oget[dot]fedora[at]gmail[dot]com> - 1.0.24-1
+- Update to 1.0.24
+
+* Tue Feb 08 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.0.23-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
+
+* Sat Oct 16 2010 Orcan Ogetbil <oget[dot]fedora[at]gmail[dot]com> - 1.0.23-1
+- Update to 10.0.23
+
+* Tue Oct 05 2010 Orcan Ogetbil <oget[dot]fedora[at]gmail[dot]com> - 1.0.22-1
+- Update to 10.0.22
+
+* Tue May 11 2010 Orcan Ogetbil <oget[dot]fedora[at]gmail[dot]com> - 1.0.21-1
+- Update to 10.0.21
+- Do not include the static library in the package (RHBZ#556074)
+- Remove BR on jack since sndfile-jackplay is not provided anymore
+
+* Mon Feb  1 2010 Stepan Kasal <skasal@redhat.com> - 1.0.20-5
+- Do not build against Jack on RHEL
+- Fix the Source0: URL
+- Fix the licence tag
+
+* Sat Nov 14 2009 Orcan Ogetbil <oget[dot]fedora[at]gmail[dot]com> - 1.0.20-4
+- Split utils into a subpackage
+
+* Sat Nov 14 2009 Orcan Ogetbil <oget[dot]fedora[at]gmail[dot]com> - 1.0.20-3
+- Add FLAC/Ogg/Vorbis support (BR: libvorbis-devel)
+- Make build verbose
+- Remove rpath
+- Fix ChangeLog encoding
+- Move the big Changelog to the devel package
+
+* Sat Jul 25 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.0.20-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
+
+* Sat Jun 06 2009 Lennart Poettering <lpoetter@redhat.com> - 1.0.20-1
+- Updated to 1.0.20
+
+* Tue Mar 03 2009 Robert Scheck <robert@fedoraproject.org> - 1.0.17-8
+- Rebuilt against libtool 2.2
+
+* Wed Feb 25 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.0.17-7
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
+
+* Sat Oct 25 2008 Andreas Thienemann <andreas@bawue.net> - 1.0.17-6
+- Removed spurious #endif in the libsndfile.h wrapper. Thx to Edward
+  Sheldrake for finding it. Fixes #468508.
+- Fix build for autoconf-2.63
+
+* Thu Oct 23 2008 Andreas Thienemann <andreas@bawue.net> - 1.0.17-5
+- Fixed multilib conflict. #342401
+- Made flac support actually work correctly.
+
+* Thu Aug  7 2008 Tom "spot" Callaway <tcallawa@redhat.com> - 1.0.17-4
+- fix license tag
+
+* Tue Feb 19 2008 Fedora Release Engineering <rel-eng@fedoraproject.org> - 1.0.17-3
+- Autorebuild for GCC 4.3
+
+* Thu Sep 20 2007 Andreas Thienemann <andreas@bawue.net> - 1.0.17-2
+- Adding FLAC support to libsndfile courtesy of gentoo, #237575
+- Fixing CVE-2007-4974. Thanks to the gentoo people for the patch, #296221
+
+* Fri Sep 08 2006 Andreas Thienemann <andreas@bawue.net> - 1.0.17-1
+- Updated to 1.0.17
+
+* Sun Apr 30 2006 Andreas Thienemann <andreas@bawue.net> - 1.0.16-1
+- Updated to 1.0.16
+
+* Thu Mar 30 2006 Andreas Thienemann <andreas@bawue.net> - 1.0.15-1
+- Updated to 1.0.15
+
+* Thu Mar 16 2006 Dams <anvil[AT]livna.org> - 1.0.14-1.fc5
+- Updated to 1.0.14
+- Dropped patch0
+
+* Thu May 12 2005 Michael Schwendt <mschwendt[AT]users.sf.net> - 1.0.11-3
+- rebuilt
+
+* Sat Mar  5 2005 Michael Schwendt <mschwendt[AT]users.sf.net> - 1.0.11-2
+- Fix format string bug (#149863).
+- Drop explicit Epoch 0.
+
+* Sat Dec  4 2004 Ville Skyttä <ville.skytta@iki.fi> - 0:1.0.11-0.fdr.1
+- Update to 1.0.11.
+
+* Wed Oct 13 2004 Ville Skyttä <ville.skytta@iki.fi> - 0:1.0.10-0.fdr.1
+- Update to 1.0.10, update URLs, include ALSA support.
+- Disable dependency tracking to speed up the build.
+- Add missing ldconfig invocations.
+- Make -devel require pkgconfig.
+- Include developer docs in -devel.
+- Provide -octave in main package, own more related dirs.
+- Bring specfile up to date with current spec templates.
+
+* Sat Apr 12 2003 Dams <anvil[AT]livna.org>
+- Initial build.