pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/pkgsrc-2004Q4]: pkgsrc/multimedia/xine-lib Pullup ticket 110 - reques...
details: https://anonhg.NetBSD.org/pkgsrc/rev/26b48ac563d0
branches: pkgsrc-2004Q4
changeset: 485802:26b48ac563d0
user: salo <salo%pkgsrc.org@localhost>
date: Fri Jan 07 01:22:20 2005 +0000
description:
Pullup ticket 110 - requested by Matthias Scheler
security fix for xine-lib
Module Name: pkgsrc
Committed By: tron
Date: Thu Jan 6 12:04:08 UTC 2005
Modified Files:
pkgsrc/multimedia/xine-lib: Makefile buildlink3.mk distinfo
Added Files:
pkgsrc/multimedia/xine-lib/patches: patch-aj
Log Message:
Fix buffer overflow reported in CAN-2004-1300, bump package revision.
diffstat:
multimedia/xine-lib/Makefile | 4 +++-
multimedia/xine-lib/buildlink3.mk | 4 ++--
multimedia/xine-lib/distinfo | 3 ++-
multimedia/xine-lib/patches/patch-aj | 14 ++++++++++++++
4 files changed, 21 insertions(+), 4 deletions(-)
diffs (68 lines):
diff -r b6bd72d9232e -r 26b48ac563d0 multimedia/xine-lib/Makefile
--- a/multimedia/xine-lib/Makefile Thu Jan 06 00:40:33 2005 +0000
+++ b/multimedia/xine-lib/Makefile Fri Jan 07 01:22:20 2005 +0000
@@ -1,8 +1,10 @@
-# $NetBSD: Makefile,v 1.14 2004/10/27 20:31:33 drochner Exp $
+# $NetBSD: Makefile,v 1.14.2.1 2005/01/07 01:22:20 salo Exp $
#
.include "Makefile.common"
+PKGREVISION= 2
+
.if ${MACHINE_ARCH} == "i386"
DEPENDS+= win32-codecs>=011227:../../multimedia/win32-codecs
PLIST_SUBST+= I386=""
diff -r b6bd72d9232e -r 26b48ac563d0 multimedia/xine-lib/buildlink3.mk
--- a/multimedia/xine-lib/buildlink3.mk Thu Jan 06 00:40:33 2005 +0000
+++ b/multimedia/xine-lib/buildlink3.mk Fri Jan 07 01:22:20 2005 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: buildlink3.mk,v 1.7 2004/10/03 00:13:03 tv Exp $
+# $NetBSD: buildlink3.mk,v 1.7.2.1 2005/01/07 01:22:20 salo Exp $
BUILDLINK_DEPTH:= ${BUILDLINK_DEPTH}+
XINE_LIB_BUILDLINK3_MK:= ${XINE_LIB_BUILDLINK3_MK}+
@@ -12,7 +12,7 @@
.if !empty(XINE_LIB_BUILDLINK3_MK:M+)
BUILDLINK_DEPENDS.xine-lib+= xine-lib>=1rc3c
-BUILDLINK_RECOMMENDED.xine-lib+=xine-lib>=1rc5nb2
+BUILDLINK_RECOMMENDED.xine-lib+=xine-lib>=1rc8nb2
BUILDLINK_PKGSRCDIR.xine-lib?= ../../multimedia/xine-lib
.endif # XINE_LIB_BUILDLINK3_MK
diff -r b6bd72d9232e -r 26b48ac563d0 multimedia/xine-lib/distinfo
--- a/multimedia/xine-lib/distinfo Thu Jan 06 00:40:33 2005 +0000
+++ b/multimedia/xine-lib/distinfo Fri Jan 07 01:22:20 2005 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.9 2004/10/27 20:31:33 drochner Exp $
+$NetBSD: distinfo,v 1.9.2.1 2005/01/07 01:22:20 salo Exp $
SHA1 (xine-lib-1-rc6a.tar.gz) = 9359543ae3cc34f25af08ef42cbd13f08cae8398
Size (xine-lib-1-rc6a.tar.gz) = 7003035 bytes
@@ -10,6 +10,7 @@
SHA1 (patch-ag) = f9e0a5e57e24739e2526266e1804b2a0b4ff41ed
SHA1 (patch-ah) = 3f9b23c4a7994259056b73209a9e194db759f06d
SHA1 (patch-ai) = f71e3cb57bf30cbf9653a469c040b6e3f717ba97
+SHA1 (patch-aj) = 2b3b086e24460eca0b611ea07b2ada11bfa5ce79
SHA1 (patch-am) = 10f6433a8549bdce60ace5dcbd51df85eaa7ea16
SHA1 (patch-ao) = ccf11ec7335b745a9c998906c4ff61e7a5631ed6
SHA1 (patch-ap) = aaf63024c1049c1f2175d9974367a6b84ac3028f
diff -r b6bd72d9232e -r 26b48ac563d0 multimedia/xine-lib/patches/patch-aj
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/multimedia/xine-lib/patches/patch-aj Fri Jan 07 01:22:20 2005 +0000
@@ -0,0 +1,14 @@
+$NetBSD: patch-aj,v 1.2.8.1 2005/01/07 01:22:20 salo Exp $
+
+--- src/demuxers/demux_aiff.c.orig 2004-06-13 22:28:52.000000000 +0100
++++ src/demuxers/demux_aiff.c 2005-01-06 11:38:44.000000000 +0000
+@@ -122,7 +122,8 @@
+ chunk_size = BE_32(&preamble[4]);
+
+ if (chunk_type == COMM_TAG) {
+- if (this->input->read(this->input, buffer, chunk_size) !=
++ if (chunk_size > sizeof (buffer) ||
++ this->input->read(this->input, buffer, chunk_size) !=
+ chunk_size) {
+ this->status = DEMUX_FINISHED;
+ return 0;
Home |
Main Index |
Thread Index |
Old Index