pkgsrc-changes: CVS commit: pkgsrc/multimedia

Subject: CVS commit: pkgsrc/multimedia
To: None <pkgsrc-changes@NetBSD.org>
From: Lubomir Sedlacik <salo@netbsd.org>
List: pkgsrc-changes
Date: 12/10/2005 23:34:42

Module Name:	pkgsrc
Committed By:	salo
Date:		Sat Dec 10 23:34:42 UTC 2005

Modified Files:
	pkgsrc/multimedia/gmplayer: Makefile distinfo
	pkgsrc/multimedia/mencoder: Makefile
	pkgsrc/multimedia/mplayer: Makefile
	pkgsrc/multimedia/mplayer-share: distinfo
Added Files:
	pkgsrc/multimedia/mplayer-share/patches: patch-ai

Log Message:
Security fix for SA17892:

"A vulnerability in FFmpeg libavcodec can be exploited by malicious people
to cause a DoS (Denial of Service) and potentially to compromise a user's
system."

http://secunia.com/advisories/17892/

Fix from ffmpeg CVS repository, libavcodec/utils.c rev. 1.162:

"default_get_buffer() cleanup
fixes probably exploitable heap overflow
heap overflow found by (Simon Kilvington)"


To generate a diff of this commit:
cvs rdiff -r1.40 -r1.41 pkgsrc/multimedia/gmplayer/Makefile
cvs rdiff -r1.30 -r1.31 pkgsrc/multimedia/gmplayer/distinfo
cvs rdiff -r1.22 -r1.23 pkgsrc/multimedia/mencoder/Makefile
cvs rdiff -r1.23 -r1.24 pkgsrc/multimedia/mplayer/Makefile
cvs rdiff -r1.24 -r1.25 pkgsrc/multimedia/mplayer-share/distinfo
cvs rdiff -r0 -r1.1 pkgsrc/multimedia/mplayer-share/patches/patch-ai

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.