pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/multimedia/xine-lib Add patches to fix security vulner...
details: https://anonhg.NetBSD.org/pkgsrc/rev/b166245dddb0
branches: trunk
changeset: 493040:b166245dddb0
user: tron <tron%pkgsrc.org@localhost>
date: Tue Apr 26 12:48:34 2005 +0000
description:
Add patches to fix security vulnerability reported in XSA-2004-8.
Bump package revision because of this change.
diffstat:
multimedia/xine-lib/Makefile | 4 ++--
multimedia/xine-lib/distinfo | 4 +++-
multimedia/xine-lib/patches/patch-aj | 21 +++++++++++++++++++++
multimedia/xine-lib/patches/patch-ak | 21 +++++++++++++++++++++
4 files changed, 47 insertions(+), 3 deletions(-)
diffs (82 lines):
diff -r f22e79e13b04 -r b166245dddb0 multimedia/xine-lib/Makefile
--- a/multimedia/xine-lib/Makefile Tue Apr 26 11:36:55 2005 +0000
+++ b/multimedia/xine-lib/Makefile Tue Apr 26 12:48:34 2005 +0000
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.19 2005/03/30 10:23:45 tron Exp $
+# $NetBSD: Makefile,v 1.20 2005/04/26 12:48:34 tron Exp $
.include "Makefile.common"
-PKGREVISION= 1
+PKGREVISION= 2
.if ${MACHINE_ARCH} == "i386"
DEPENDS+= win32-codecs>=011227:../../multimedia/win32-codecs
diff -r f22e79e13b04 -r b166245dddb0 multimedia/xine-lib/distinfo
--- a/multimedia/xine-lib/distinfo Tue Apr 26 11:36:55 2005 +0000
+++ b/multimedia/xine-lib/distinfo Tue Apr 26 12:48:34 2005 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.16 2005/04/13 16:54:02 rillig Exp $
+$NetBSD: distinfo,v 1.17 2005/04/26 12:48:35 tron Exp $
SHA1 (xine-lib-1.0.tar.gz) = dd02fb31c68ae68e2283d02e16bb8e80fcced9fd
RMD160 (xine-lib-1.0.tar.gz) = ad84871d50d51552ba8913c0744e4a2b2b21f124
@@ -11,6 +11,8 @@
SHA1 (patch-ag) = 7be1e3d83e3757cf955523245be2deb4cea12998
SHA1 (patch-ah) = 3f9b23c4a7994259056b73209a9e194db759f06d
SHA1 (patch-ai) = f71e3cb57bf30cbf9653a469c040b6e3f717ba97
+SHA1 (patch-aj) = e9a26ede23d53d83c2799076770e49562a4fc1ea
+SHA1 (patch-ak) = 1dfd2c3d86904ef4869dde4f4309564ac6c9323c
SHA1 (patch-am) = 10f6433a8549bdce60ace5dcbd51df85eaa7ea16
SHA1 (patch-ao) = 1247ba7ef23f2b28b2c0a177208c912e2fc259a0
SHA1 (patch-ap) = aaf63024c1049c1f2175d9974367a6b84ac3028f
diff -r f22e79e13b04 -r b166245dddb0 multimedia/xine-lib/patches/patch-aj
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/multimedia/xine-lib/patches/patch-aj Tue Apr 26 12:48:34 2005 +0000
@@ -0,0 +1,21 @@
+$NetBSD: patch-aj,v 1.5 2005/04/26 12:48:35 tron Exp $
+
+--- src/input/mms.c 2005/01/18 23:25:34 1.55
++++ src/input/mms.c 2005/04/21 19:02:43 1.56
+@@ -583,9 +583,13 @@
+ lprintf ("stream object, stream id: %d, type: %d, encrypted: %d\n",
+ stream_id, type, encrypted);
+
+- this->stream_types[stream_id] = type;
+- this->stream_ids[this->num_stream_ids] = stream_id;
+- this->num_stream_ids++;
++ if (this->num_stream_ids < ASF_MAX_NUM_STREAMS && stream_id < ASF_MAX_NUM_STREAMS) {
++ this->stream_types[stream_id] = type;
++ this->stream_ids[this->num_stream_ids] = stream_id;
++ this->num_stream_ids++;
++ } else {
++ lprintf ("too many streams, skipping\n");
++ }
+
+ }
+ break;
diff -r f22e79e13b04 -r b166245dddb0 multimedia/xine-lib/patches/patch-ak
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/multimedia/xine-lib/patches/patch-ak Tue Apr 26 12:48:34 2005 +0000
@@ -0,0 +1,21 @@
+$NetBSD: patch-ak,v 1.3 2005/04/26 12:48:35 tron Exp $
+
+--- src/input/librtsp/rtsp.c 2004/07/25 17:13:54 1.18
++++ src/input/librtsp/rtsp.c 2005/04/16 07:10:51 1.19
+@@ -218,6 +218,7 @@
+ unsigned int answer_seq;
+ char **answer_ptr=s->answers;
+ int code;
++ int ans_count = 0;
+
+ answer=rtsp_get(s);
+ if (!answer)
+@@ -268,7 +269,7 @@
+ }
+ *answer_ptr=answer;
+ answer_ptr++;
+- } while (strlen(answer)!=0);
++ } while ((strlen(answer)!=0) && (++ans_count < MAX_FIELDS));
+
+ s->cseq++;
+
Home |
Main Index |
Thread Index |
Old Index