pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/pkgsrc-2008Q1]: pkgsrc/multimedia Pullup ticket 2371 - requested by t...
details: https://anonhg.NetBSD.org/pkgsrc/rev/f1eceb1e7a36
branches: pkgsrc-2008Q1
changeset: 540380:f1eceb1e7a36
user: spz <spz%pkgsrc.org@localhost>
date: Tue May 27 09:29:41 2008 +0000
description:
Pullup ticket 2371 - requested by tonnerre
security fix for mplayer and gmplayer
Revisions pulled up:
- pkgsrc/multimedia/mplayer-share/distinfo 1.50
- pkgsrc/multimedia/mplayer-share/patches/patch-al 1.3
- pkgsrc/multimedia/mplayer/Makefile 1.59
- pkgsrc/multimedia/gmplayer/Makefile 1.70
- pkgsrc/multimedia/gmplayer/distinfo 1.56
Module Name: pkgsrc
Committed By: tonnerre
Date: Sun May 11 03:46:24 UTC 2008
Modified Files:
pkgsrc/multimedia/mplayer: Makefile
pkgsrc/multimedia/mplayer-share: distinfo
Added Files:
pkgsrc/multimedia/mplayer-share/patches: patch-al
Log Message:
Add a patch for CVE-2008-1558 to mplayer. This fixes a buffer overflow
in the RealRTSP SDP code which can be exploited to execute arbitrary
code remotely.
To generate a diff of this commit:
cvs rdiff -r1.58 -r1.59 pkgsrc/multimedia/mplayer/Makefile
cvs rdiff -r1.49 -r1.50 pkgsrc/multimedia/mplayer-share/distinfo
cvs rdiff -r0 -r1.3 pkgsrc/multimedia/mplayer-share/patches/patch-al
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
---
Module Name: pkgsrc
Committed By: tonnerre
Date: Mon May 19 20:55:51 UTC 2008
Modified Files:
pkgsrc/multimedia/gmplayer: Makefile distinfo
Log Message:
Add patches for CVE-2008-1558 for gmplayer
To generate a diff of this commit:
cvs rdiff -r1.69 -r1.70 pkgsrc/multimedia/gmplayer/Makefile
cvs rdiff -r1.55 -r1.56 pkgsrc/multimedia/gmplayer/distinfo
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
diffstat:
multimedia/gmplayer/Makefile | 4 ++--
multimedia/gmplayer/distinfo | 4 +++-
multimedia/mplayer-share/distinfo | 3 ++-
multimedia/mplayer-share/patches/patch-al | 14 ++++++++++++++
multimedia/mplayer/Makefile | 4 ++--
5 files changed, 23 insertions(+), 6 deletions(-)
diffs (84 lines):
diff -r 79e23c765ac0 -r f1eceb1e7a36 multimedia/gmplayer/Makefile
--- a/multimedia/gmplayer/Makefile Mon May 26 07:51:21 2008 +0000
+++ b/multimedia/gmplayer/Makefile Tue May 27 09:29:41 2008 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile,v 1.69 2008/03/16 11:56:48 wiz Exp $
+# $NetBSD: Makefile,v 1.69.2.1 2008/05/27 09:29:41 spz Exp $
#
# NOTE: if you are updating both mplayer and gmplayer, you must ensure
@@ -9,7 +9,7 @@
#
PKGNAME= gmplayer-${MPLAYER_PKG_VERSION}
-PKGREVISION= 4
+PKGREVISION= 5
BROKEN_IN= pkgsrc-2006Q4
diff -r 79e23c765ac0 -r f1eceb1e7a36 multimedia/gmplayer/distinfo
--- a/multimedia/gmplayer/distinfo Mon May 26 07:51:21 2008 +0000
+++ b/multimedia/gmplayer/distinfo Tue May 27 09:29:41 2008 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.55 2008/02/28 21:33:02 drochner Exp $
+$NetBSD: distinfo,v 1.55.2.1 2008/05/27 09:29:41 spz Exp $
SHA1 (gmplayer-1.0rc10-20060123/AlienMind-1.2.tar.bz2) = 34370da1e003e4accceae194a63483aa6eebc4dc
RMD160 (gmplayer-1.0rc10-20060123/AlienMind-1.2.tar.bz2) = f3fda7d44a59f98097162f76d0a0d58840974998
@@ -73,6 +73,8 @@
SHA1 (patch-ah) = 7aeb9f04d622fcad8c40dc9edbb0a58277fc622b
SHA1 (patch-ai) = ec79d6a1b0c2790ca826a91a48040c64632ac988
SHA1 (patch-aj) = 772d083dfa5eac789abfd5e925eeeba400bbc527
+SHA1 (patch-ak) = 072b4391e5fde58f6b01bd43133f1d017fc14d58
+SHA1 (patch-al) = 9538b10cf5b3802381d7aabc798676b3cb9ef00d
SHA1 (patch-ba) = 2683c414fed3a4a6d3b4d47287f43d822339bd4e
SHA1 (patch-bb) = 26d000bcbc94b9139e6dbc79237fdb3a109c6057
SHA1 (patch-bc) = fd46ce3cd6d5f7525e210cf6d475b89573ca988d
diff -r 79e23c765ac0 -r f1eceb1e7a36 multimedia/mplayer-share/distinfo
--- a/multimedia/mplayer-share/distinfo Mon May 26 07:51:21 2008 +0000
+++ b/multimedia/mplayer-share/distinfo Tue May 27 09:29:41 2008 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.48.2.1 2008/04/16 19:15:26 ghen Exp $
+$NetBSD: distinfo,v 1.48.2.2 2008/05/27 09:29:41 spz Exp $
SHA1 (mplayer-1.0rc10/MPlayer-1.0rc2.tar.bz2) = e9b496f3527c552004ec6d01d6b43f196b43ce2d
RMD160 (mplayer-1.0rc10/MPlayer-1.0rc2.tar.bz2) = 3b5cba1529856a177a5191e22f8dcc00b5a83c52
@@ -14,6 +14,7 @@
SHA1 (patch-ai) = ec79d6a1b0c2790ca826a91a48040c64632ac988
SHA1 (patch-aj) = 772d083dfa5eac789abfd5e925eeeba400bbc527
SHA1 (patch-ak) = 072b4391e5fde58f6b01bd43133f1d017fc14d58
+SHA1 (patch-al) = 9538b10cf5b3802381d7aabc798676b3cb9ef00d
SHA1 (patch-ba) = 2683c414fed3a4a6d3b4d47287f43d822339bd4e
SHA1 (patch-bb) = 26d000bcbc94b9139e6dbc79237fdb3a109c6057
SHA1 (patch-bc) = fd46ce3cd6d5f7525e210cf6d475b89573ca988d
diff -r 79e23c765ac0 -r f1eceb1e7a36 multimedia/mplayer-share/patches/patch-al
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/multimedia/mplayer-share/patches/patch-al Tue May 27 09:29:41 2008 +0000
@@ -0,0 +1,14 @@
+$NetBSD: patch-al,v 1.2.4.1 2008/05/27 09:29:41 spz Exp $
+
+--- stream/realrtsp/sdpplin.c.orig 2007-10-07 21:49:25.000000000 +0200
++++ stream/realrtsp/sdpplin.c
+@@ -330,7 +330,8 @@ sdpplin_t *sdpplin_parse(char *data) {
+
+ if(filter(data,"a=StreamCount:integer;",&buf)) {
+ desc->stream_count=(unsigned int)atoi(buf);
+- desc->stream=malloc(sizeof(sdpplin_stream_t*)*desc->stream_count);
++ desc->stream=calloc(desc->stream_count, sizeof(sdpplin_stream_t*));
++ if (!desc->stream) desc->stream_count = 0;
+ handled=1;
+ data=nl(data);
+ }
diff -r 79e23c765ac0 -r f1eceb1e7a36 multimedia/mplayer/Makefile
--- a/multimedia/mplayer/Makefile Mon May 26 07:51:21 2008 +0000
+++ b/multimedia/mplayer/Makefile Tue May 27 09:29:41 2008 +0000
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.54.2.1 2008/04/16 19:15:26 ghen Exp $
+# $NetBSD: Makefile,v 1.54.2.2 2008/05/27 09:29:41 spz Exp $
PKGNAME= mplayer-${MPLAYER_PKG_VERSION}
-PKGREVISION= 4
+PKGREVISION= 7
COMMENT= Software-only MPEG-1/2/4 video decoder
Home |
Main Index |
Thread Index |
Old Index