pkgsrc-Changes archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

CVS commit: [pkgsrc-2008Q4] pkgsrc/audio/libaudiofile

Module Name:    pkgsrc
Committed By:   tron
Date:           Thu Jan 22 20:21:28 UTC 2009

Modified Files:
        pkgsrc/audio/libaudiofile [pkgsrc-2008Q4]: Makefile distinfo
Added Files:
        pkgsrc/audio/libaudiofile/patches [pkgsrc-2008Q4]: patch-ac patch-ad

Log Message:
Pullup ticket #2652 - requested by drochner
libaudiofile: security patch

Revisions pulled up:
audio/libaudiofile/Makefile                     1.43
audio/libaudiofile/distinfo                     1.12
audio/libaudiofile/patches/patch-ac             1.1
audio/libaudiofile/patches/patch-ad             1.1
Module Name:    pkgsrc
Committed By:   drochner
Date:           Wed Jan 21 15:19:27 UTC 2009

Modified Files:
        pkgsrc/audio/libaudiofile: Makefile distinfo
Added Files:
        pkgsrc/audio/libaudiofile/patches: patch-ac patch-ad

Log Message:
(attempt to) fix CVE-2008-5824 (buffer overflow in msadpcm.c),
see Debian bug #510205, just done correctly.
The IMA code might have similar problems. The code appearently can't
handle stereo files correctly anyway, so bail out if >1 channel
which should avoid the problem.

To generate a diff of this commit:
cvs rdiff -r1.42 -r1.42.10.1 pkgsrc/audio/libaudiofile/Makefile
cvs rdiff -r1.11 -r1.11.34.1 pkgsrc/audio/libaudiofile/distinfo
cvs rdiff -r0 -r1.1.2.2 pkgsrc/audio/libaudiofile/patches/patch-ac \

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Home | Main Index | Thread Index | Old Index