diff options
| author | bsiegert <bsiegert@pkgsrc.org> | 2019-09-03 09:33:05 +0000 |
|---|---|---|
| committer | bsiegert <bsiegert@pkgsrc.org> | 2019-09-03 09:33:05 +0000 |
| commit | 411ebddde6704ae7540c72fbe8d182d55d88ce4f (patch) | |
| tree | ed7aa7182c566fcb10407f076d4866649a0a19eb | |
| parent | 10f58aa2b9f6f6e77e2c344a04972535d22acf03 (diff) | |
| download | pkgsrc-411ebddde6704ae7540c72fbe8d182d55d88ce4f.tar.gz | |
Pullup ticket #6034 - requested by nia
audio/mpg123: security fix
Revisions pulled up:
- audio/mpg123/Makefile.common 1.50
- audio/mpg123/distinfo 1.50
---
Module Name: pkgsrc
Committed By: nia
Date: Sat Aug 31 14:24:19 UTC 2019
Modified Files:
pkgsrc/audio/mpg123: Makefile.common distinfo
Log Message:
mpg123: Update to 1.25.12
libmpg123:
Fix an out-of-bounds read of maximal two bytes for truncated RVA2 frames (oss-fuzz-bug 15975). The earlier fix around the same location needed one thought more. Actually, another though was needed, oss-fuzz-bug 16009 documents the incomplete fix.
Fix an invalid write of one zero byte for empty ID3v2 frames that demand de-unsyncing (oss-fuzz-bug 16050).
Correct preprocessor syntax in mangle.h, no #error in a #define line. (bug 273, thanks to nmlgc).
| -rw-r--r-- | audio/mpg123/Makefile.common | 4 | ||||
| -rw-r--r-- | audio/mpg123/distinfo | 10 |
2 files changed, 7 insertions, 7 deletions
diff --git a/audio/mpg123/Makefile.common b/audio/mpg123/Makefile.common index 6e08a37426c..a1f4fbead7f 100644 --- a/audio/mpg123/Makefile.common +++ b/audio/mpg123/Makefile.common @@ -1,4 +1,4 @@ -# $NetBSD: Makefile.common,v 1.48.10.1 2019/08/09 13:11:04 bsiegert Exp $ +# $NetBSD: Makefile.common,v 1.48.10.2 2019/09/03 09:33:05 bsiegert Exp $ # # used by audio/mpg123-arts/Makefile # used by audio/mpg123-esound/Makefile @@ -7,7 +7,7 @@ # used by audio/mpg123-pulse/Makefile # used by audio/mpg123-sun/Makefile -DISTNAME= mpg123-1.25.11 +DISTNAME= mpg123-1.25.12 PKGNAME?= ${DISTNAME:C/[[:alnum:]]*/&-${MPG123_MODULE}/} CATEGORIES= audio MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:=mpg123/} diff --git a/audio/mpg123/distinfo b/audio/mpg123/distinfo index 61903f64968..eba56f0da4d 100644 --- a/audio/mpg123/distinfo +++ b/audio/mpg123/distinfo @@ -1,9 +1,9 @@ -$NetBSD: distinfo,v 1.48.10.1 2019/08/09 13:11:04 bsiegert Exp $ +$NetBSD: distinfo,v 1.48.10.2 2019/09/03 09:33:05 bsiegert Exp $ -SHA1 (mpg123-1.25.11.tar.bz2) = 25f3e8f8599d3ffc480858799ea6f8620f48543d -RMD160 (mpg123-1.25.11.tar.bz2) = b41bf43a4773b07286c5622df53f8f15610eb9e6 -SHA512 (mpg123-1.25.11.tar.bz2) = 986338d0f4829ec9e40990cb384746c7abfa80d3b3d5656b6dda73d03e2441c1f28ffbe7f3f82b0008a1c4ebcfa07aeffb493e95f13f7d04cbc818a09f1008ed -Size (mpg123-1.25.11.tar.bz2) = 909478 bytes +SHA1 (mpg123-1.25.12.tar.bz2) = 4ece1ec124a6ca085e1d68f7ede6d5619fc587ff +RMD160 (mpg123-1.25.12.tar.bz2) = d6bb641bc56c7e5f83e7658c044b231b94f4886c +SHA512 (mpg123-1.25.12.tar.bz2) = fa3c719c68dbe45b265fd7677d0932b07f6a14e7ffe365ede965ff1637e655c4b57c86f7e4cd60cace7df5fcc93d48e0d44f082931394b7c6ef19f5d11638eff +Size (mpg123-1.25.12.tar.bz2) = 910149 bytes SHA1 (patch-Makefile.in) = e1b529e9468994e25c2567df7e64a2905b0cf529 SHA1 (patch-aa) = 4b2761219dd8fb92079d7f96872e56beb702696a SHA1 (patch-ad) = f07b637c3fc1d3ea0426013fc25bca8e3aecba56 |