Subject: PR/35375 CVS commit: [pkgsrc-2006Q4] pkgsrc/multimedia/xine-ui
To: None <pkg-manager@netbsd.org, gnats-admin@netbsd.org,>
From: Geert Hendrickx <ghen@netbsd.org>
List: pkgsrc-bugs
Date: 03/05/2007 12:15:05
The following reply was made to PR pkg/35375; it has been noted by GNATS.
From: Geert Hendrickx <ghen@netbsd.org>
To: gnats-bugs@NetBSD.org
Cc:
Subject: PR/35375 CVS commit: [pkgsrc-2006Q4] pkgsrc/multimedia/xine-ui
Date: Mon, 5 Mar 2007 12:11:43 +0000 (UTC)
Module Name: pkgsrc
Committed By: ghen
Date: Mon Mar 5 12:11:43 UTC 2007
Modified Files:
pkgsrc/multimedia/xine-ui [pkgsrc-2006Q4]: Makefile distinfo
pkgsrc/multimedia/xine-ui/patches [pkgsrc-2006Q4]: patch-ai patch-aq
patch-ar
Added Files:
pkgsrc/multimedia/xine-ui/patches [pkgsrc-2006Q4]: patch-as patch-au
patch-av patch-aw patch-ax patch-ay patch-az patch-ba patch-bb
patch-bc
Log Message:
Pullup ticket 2026 - requested by salo
security update for xine-ui
- pkgsrc/multimedia/xine-ui/Makefile 1.30, 1.34 via patch
- pkgsrc/multimedia/xine-ui/distinfo 1.12, 1.14 via patch
- pkgsrc/multimedia/xine-ui/patches/patch-ai 1.2
- pkgsrc/multimedia/xine-ui/patches/patch-aq 1.2
- pkgsrc/multimedia/xine-ui/patches/patch-ar 1.2
- pkgsrc/multimedia/xine-ui/patches/patch-as 1.1
- pkgsrc/multimedia/xine-ui/patches/patch-au 1.1
- pkgsrc/multimedia/xine-ui/patches/patch-av 1.1
- pkgsrc/multimedia/xine-ui/patches/patch-aw 1.1
- pkgsrc/multimedia/xine-ui/patches/patch-ax 1.1
- pkgsrc/multimedia/xine-ui/patches/patch-ay 1.1
- pkgsrc/multimedia/xine-ui/patches/patch-az 1.1
- pkgsrc/multimedia/xine-ui/patches/patch-ba 1.1
- pkgsrc/multimedia/xine-ui/patches/patch-bb 1.1
- pkgsrc/multimedia/xine-ui/patches/patch-bc 1.1
Module Name: pkgsrc
Committed By: drochner
Date: Tue Jan 9 14:52:41 UTC 2007
Modified Files:
pkgsrc/multimedia/xine-ui: Makefile distinfo
pkgsrc/multimedia/xine-ui/patches: patch-ar
Added Files:
pkgsrc/multimedia/xine-ui/patches: patch-as
Log Message:
fix PR pkg/35375: xine-ui freezes konsole sessions from
Sergey Svishchev, patch from xine CVS
---
Module Name: pkgsrc
Committed By: salo
Date: Sat Feb 17 22:48:18 UTC 2007
Modified Files:
pkgsrc/multimedia/xine-ui: Makefile distinfo
pkgsrc/multimedia/xine-ui/patches: patch-ai patch-aq
Added Files:
pkgsrc/multimedia/xine-ui/patches: patch-au patch-av patch-aw patch-ax
patch-ay patch-az patch-ba patch-bb patch-bc
Log Message:
Security fixes for CVE-2007-0254 (and more):
"A vulnerability has been reported in xine-ui, which potentially can be
exploited by malicious people to compromise a user's system.
The vulnerability is caused due to a format string error within the
"errors_create_window()" function in errors.c. This may be exploited to
execute arbitrary code by e.g. tricking a user into opening a specially
crafted playlist file."
Patch from SUSE.
Bump PKGREVISION.
XXX: The sources are a real mess. My condolences to everyone using it.
And good luck, you'll need it!..
To generate a diff of this commit:
cvs rdiff -r1.28 -r1.28.2.1 pkgsrc/multimedia/xine-ui/Makefile
cvs rdiff -r1.11 -r1.11.6.1 pkgsrc/multimedia/xine-ui/distinfo
cvs rdiff -r1.1 -r1.1.22.1 pkgsrc/multimedia/xine-ui/patches/patch-ai
cvs rdiff -r1.1 -r1.1.8.1 pkgsrc/multimedia/xine-ui/patches/patch-aq \
pkgsrc/multimedia/xine-ui/patches/patch-ar
cvs rdiff -r0 -r1.1.2.1 pkgsrc/multimedia/xine-ui/patches/patch-as \
pkgsrc/multimedia/xine-ui/patches/patch-au \
pkgsrc/multimedia/xine-ui/patches/patch-av \
pkgsrc/multimedia/xine-ui/patches/patch-aw \
pkgsrc/multimedia/xine-ui/patches/patch-ax \
pkgsrc/multimedia/xine-ui/patches/patch-ay \
pkgsrc/multimedia/xine-ui/patches/patch-az \
pkgsrc/multimedia/xine-ui/patches/patch-ba \
pkgsrc/multimedia/xine-ui/patches/patch-bb \
pkgsrc/multimedia/xine-ui/patches/patch-bc
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.