pkgsrc-Changes-HG archive


[pkgsrc/trunk]: pkgsrc/audio/libcdaudio fix a possible heap overflow due to wr...



details:   https://anonhg.NetBSD.org/pkgsrc/rev/71a4d6b9059f
branches:  trunk
changeset: 550399:71a4d6b9059f
user:      drochner <drochner%pkgsrc.org@localhost>
date:      Fri Nov 21 10:38:19 2008 +0000

description:
fix a possible heap overflow due to wrong buffer length check
(CVE-2008-5030), from Debian, bump PKGREVISION

diffstat:

 audio/libcdaudio/Makefile         |   4 ++--
 audio/libcdaudio/distinfo         |   4 ++--
 audio/libcdaudio/patches/patch-ac |  13 +++++++++++--
 3 files changed, 15 insertions(+), 6 deletions(-)

diffs (52 lines):

diff -r 9a681d50dd08 -r 71a4d6b9059f audio/libcdaudio/Makefile
--- a/audio/libcdaudio/Makefile Fri Nov 21 09:47:39 2008 +0000
+++ b/audio/libcdaudio/Makefile Fri Nov 21 10:38:19 2008 +0000
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.29 2008/07/14 12:55:56 joerg Exp $
+# $NetBSD: Makefile,v 1.30 2008/11/21 10:38:19 drochner Exp $
 
 DISTNAME=      libcdaudio-0.99.12
-PKGREVISION=   1
+PKGREVISION=   2
 CATEGORIES=    audio
 MASTER_SITES=  ${MASTER_SITE_SOURCEFORGE:=libcdaudio/}
 
diff -r 9a681d50dd08 -r 71a4d6b9059f audio/libcdaudio/distinfo
--- a/audio/libcdaudio/distinfo Fri Nov 21 09:47:39 2008 +0000
+++ b/audio/libcdaudio/distinfo Fri Nov 21 10:38:19 2008 +0000
@@ -1,8 +1,8 @@
-$NetBSD: distinfo,v 1.12 2005/09/06 08:10:57 abs Exp $
+$NetBSD: distinfo,v 1.13 2008/11/21 10:38:19 drochner Exp $
 
 SHA1 (libcdaudio-0.99.12.tar.gz) = 1862d3f387634a216faa867164d840b6f5552294
 RMD160 (libcdaudio-0.99.12.tar.gz) = 57f7446db6c65c968eb58a9404652718d6517b74
 Size (libcdaudio-0.99.12.tar.gz) = 357150 bytes
 SHA1 (patch-aa) = f7cf7d430917e6860fb43529cb349d358890f7a4
 SHA1 (patch-ab) = 9df8c234de3cb5a6b262fae093e430e471afa1f0
-SHA1 (patch-ac) = 073ceed3794fbd889b0efec49cd2dfe63c7fda07
+SHA1 (patch-ac) = a67d2b7ea503c4d696a05024d46f8a895c47051b
diff -r 9a681d50dd08 -r 71a4d6b9059f audio/libcdaudio/patches/patch-ac
--- a/audio/libcdaudio/patches/patch-ac Fri Nov 21 09:47:39 2008 +0000
+++ b/audio/libcdaudio/patches/patch-ac Fri Nov 21 10:38:19 2008 +0000
@@ -1,6 +1,6 @@
-$NetBSD: patch-ac,v 1.1 2005/04/15 01:50:57 rh Exp $
+$NetBSD: patch-ac,v 1.2 2008/11/21 10:38:19 drochner Exp $
 
---- src/cddb.c.orig    2004-09-09 11:26:39.000000000 +1000
+--- src/cddb.c.orig    2004-09-09 03:26:39.000000000 +0200
 +++ src/cddb.c
 @@ -1052,7 +1052,7 @@ cddb_query(int cd_desc, int sock,
      }
@@ -11,3 +11,12 @@
        slashed = 0;
        if(strchr(inbuffer, '/') != NULL && parse_disc_artist) {
        index = 0;
+@@ -1679,7 +1679,7 @@ cddb_read_disc_data(int cd_desc, struct 
+       free(file);
+        
+       while(!feof(cddb_data)) {
+-      fgets(inbuffer, 512, cddb_data);                           
++      fgets(inbuffer, 256, cddb_data);                           
+       cddb_process_line(inbuffer, data);
+       }
+        
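
Review bot: In the added `cddb_read_disc_data` hunk, the new bound in `fgets(inbuffer, 256, cddb_data)` is a bare literal, so nothing in these lines ties it to the actual size of `inbuffer`. The declaration is not visible here; if `inbuffer` is an array in this function, `fgets(inbuffer, sizeof(inbuffer), cddb_data)` would keep the limit in step with the declaration and stop the same mismatch from coming back. Separately, the surrounding `while(!feof(cddb_data))` loop ignores the return value of `fgets`, so at end of file or on a read error `cddb_process_line(inbuffer, data)` runs once more on whatever the buffer held from the previous iteration; looping on `fgets(...) != NULL` avoids that. Since `fgets` returns at most 255 characters per call with this limit, it is also worth confirming that `cddb_process_line` tolerates a long line arriving in pieces.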


