CVS commit: pkgsrc/devel/libebml

["Thomas Klausner" <wiz%netbsd.org@localhost>]

Module Name:    pkgsrc
Committed By:   wiz
Date:           Sun Oct 25 09:44:10 UTC 2015

Modified Files:
        pkgsrc/devel/libebml: Makefile distinfo

Log Message:
Update libebml to 1.3.3:

        * Released v1.3.3.

        * EbmlMaster::Read(): When the parser encountered a deeply nested
        element with an infinite size then a following element of an upper
        level was not propagated correctly. Instead the element with the
        infinite size was added into the EBML element tree a second time
        resulting in memory access after freeing it and multiple attempts
        to free the same memory address during destruction. Fixes the
        issue reported as Cisco TALOS-CAN-0037.

        * EbmlElement::ReadCodedSizeValue(): Fixed an invalid memory
        access. When reading a EBML variable length integer value a read
        access beyond the end of the available buffer was possible if
        fewer bytes were available than indicated by the first byte
        resulting in a heap information leak.

        * EbmlUnicodeString::UpdateFromUTF8(): Fixed an invalid memory
        access. When reading from a UTF-8 string in which the length
        indicated by a UTF-8 character's first byte exceeds the string's
        actual number of bytes the parser would access beyond the end of
        the string resulting in a heap information leak. Fixes the issue
        reported as Cisco TALOS-CAN-0036.


To generate a diff of this commit:
cvs rdiff -u -r1.38 -r1.39 pkgsrc/devel/libebml/Makefile
cvs rdiff -u -r1.24 -r1.25 pkgsrc/devel/libebml/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.