diff options
| author | tron <tron> | 2008-10-02 12:32:41 +0000 |
|---|---|---|
| committer | tron <tron> | 2008-10-02 12:32:41 +0000 |
| commit | c882ad5e330f9bac46286db48b1281219dbdfb55 (patch) | |
| tree | 4d35f35039d4afde20842e97ef2b3f324212d828 | |
| parent | 1387d3e9649bce90a53fcfae166085ccbb3febb6 (diff) | |
| download | pkgsrc-c882ad5e330f9bac46286db48b1281219dbdfb55.tar.gz | |
Apply patch from MPlayer subversion repository to fix CVE-2008-3827.
Bump package revisions of "mplayer", "gmplayer" and "mencoder" packages.
| -rw-r--r-- | multimedia/gmplayer/Makefile | 4 | ||||
| -rw-r--r-- | multimedia/mencoder/Makefile | 4 | ||||
| -rw-r--r-- | multimedia/mplayer-share/distinfo | 3 | ||||
| -rw-r--r-- | multimedia/mplayer-share/patches/patch-am | 28 | ||||
| -rw-r--r-- | multimedia/mplayer/Makefile | 4 |
5 files changed, 36 insertions, 7 deletions
diff --git a/multimedia/gmplayer/Makefile b/multimedia/gmplayer/Makefile index bffec5b6f5a..ff2aa63620b 100644 --- a/multimedia/gmplayer/Makefile +++ b/multimedia/gmplayer/Makefile @@ -1,4 +1,4 @@ -# $NetBSD: Makefile,v 1.70 2008/05/19 20:55:51 tonnerre Exp $ +# $NetBSD: Makefile,v 1.71 2008/10/02 12:32:41 tron Exp $ # # NOTE: if you are updating both mplayer and gmplayer, you must ensure @@ -9,7 +9,7 @@ # PKGNAME= gmplayer-${MPLAYER_PKG_VERSION} -PKGREVISION= 5 +PKGREVISION= 6 BROKEN_IN= pkgsrc-2006Q4 diff --git a/multimedia/mencoder/Makefile b/multimedia/mencoder/Makefile index 8e95c021ff7..05de85c55a3 100644 --- a/multimedia/mencoder/Makefile +++ b/multimedia/mencoder/Makefile @@ -1,8 +1,8 @@ -# $NetBSD: Makefile,v 1.38 2008/03/16 11:56:49 wiz Exp $ +# $NetBSD: Makefile,v 1.39 2008/10/02 12:32:42 tron Exp $ PKGNAME= mencoder-${MPLAYER_PKG_VERSION} -PKGREVISION= 2 +PKGREVISION= 3 COMMENT= Simple movie encoder for MPlayer-playable movies diff --git a/multimedia/mplayer-share/distinfo b/multimedia/mplayer-share/distinfo index 65fd9fd020a..be809912c37 100644 --- a/multimedia/mplayer-share/distinfo +++ b/multimedia/mplayer-share/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.53 2008/09/09 12:13:13 jmcneill Exp $ +$NetBSD: distinfo,v 1.54 2008/10/02 12:32:41 tron Exp $ SHA1 (mplayer-1.0rc10/MPlayer-1.0rc2.tar.bz2) = e9b496f3527c552004ec6d01d6b43f196b43ce2d RMD160 (mplayer-1.0rc10/MPlayer-1.0rc2.tar.bz2) = 3b5cba1529856a177a5191e22f8dcc00b5a83c52 @@ -15,6 +15,7 @@ SHA1 (patch-ai) = ec79d6a1b0c2790ca826a91a48040c64632ac988 SHA1 (patch-aj) = 772d083dfa5eac789abfd5e925eeeba400bbc527 SHA1 (patch-ak) = 072b4391e5fde58f6b01bd43133f1d017fc14d58 SHA1 (patch-al) = 9538b10cf5b3802381d7aabc798676b3cb9ef00d +SHA1 (patch-am) = bae1e03f7265cb6b07947f052f0774d1c17da88e SHA1 (patch-ba) = 2683c414fed3a4a6d3b4d47287f43d822339bd4e SHA1 (patch-bb) = 26d000bcbc94b9139e6dbc79237fdb3a109c6057 SHA1 (patch-bc) = fd46ce3cd6d5f7525e210cf6d475b89573ca988d diff --git a/multimedia/mplayer-share/patches/patch-am b/multimedia/mplayer-share/patches/patch-am new file mode 100644 index 00000000000..bce7631dc07 --- /dev/null +++ b/multimedia/mplayer-share/patches/patch-am @@ -0,0 +1,28 @@ +$NetBSD: patch-am,v 1.1 2008/10/02 12:32:41 tron Exp $ + +--- libmpdemux/demux_real.c.orig 2007-10-07 20:49:33.000000000 +0100 ++++ libmpdemux/demux_real.c 2008-10-02 13:04:25.000000000 +0100 +@@ -958,6 +958,7 @@ + // last fragment! + if(dp_hdr->len!=vpkg_length-vpkg_offset) + mp_msg(MSGT_DEMUX,MSGL_V,"warning! assembled.len=%d frag.len=%d total.len=%d \n",dp->len,vpkg_offset,vpkg_length-vpkg_offset); ++ if (vpkg_offset > dp->len - sizeof(dp_hdr_t) - dp_hdr->len) vpkg_offset = dp->len - sizeof(dp_hdr_t) - dp_hdr->len; + stream_read(demuxer->stream, dp_data+dp_hdr->len, vpkg_offset); + if((dp_data[dp_hdr->len]&0x20) && (sh_video->format==0x30335652)) --dp_hdr->chunks; else + dp_hdr->len+=vpkg_offset; +@@ -981,6 +982,7 @@ + // non-last fragment: + if(dp_hdr->len!=vpkg_offset) + mp_msg(MSGT_DEMUX,MSGL_V,"warning! assembled.len=%d offset=%d frag.len=%d total.len=%d \n",dp->len,vpkg_offset,len,vpkg_length); ++ if (len > dp->len - sizeof(dp_hdr_t) - dp_hdr->len) len = dp->len - sizeof(dp_hdr_t) - dp_hdr->len; + stream_read(demuxer->stream, dp_data+dp_hdr->len, len); + if((dp_data[dp_hdr->len]&0x20) && (sh_video->format==0x30335652)) --dp_hdr->chunks; else + dp_hdr->len+=len; +@@ -1003,6 +1005,7 @@ + extra[0]=1; extra[1]=0; // offset of the first chunk + if(0x00==(vpkg_header&0xc0)){ + // first fragment: ++ if (len > dp->len - sizeof(dp_hdr_t)) len = dp->len - sizeof(dp_hdr_t); + dp_hdr->len=len; + stream_read(demuxer->stream, dp_data, len); + ds->asf_packet=dp; diff --git a/multimedia/mplayer/Makefile b/multimedia/mplayer/Makefile index e1ad564650d..6fc89ed6bc8 100644 --- a/multimedia/mplayer/Makefile +++ b/multimedia/mplayer/Makefile @@ -1,7 +1,7 @@ -# $NetBSD: Makefile,v 1.60 2008/08/10 16:21:40 joerg Exp $ +# $NetBSD: Makefile,v 1.61 2008/10/02 12:32:41 tron Exp $ PKGNAME= mplayer-${MPLAYER_PKG_VERSION} -PKGREVISION= 7 +PKGREVISION= 8 COMMENT= Software-only MPEG-1/2/4 video decoder |