diff options
author | salo <salo> | 2006-08-21 17:55:01 +0000 |
---|---|---|
committer | salo <salo> | 2006-08-21 17:55:01 +0000 |
commit | 28b864d0e4c8267fb5abb4987ba13b5d6e8f4e85 (patch) | |
tree | e6222cb4ca1c0c91265fe2fe7dcc646a51f026ef | |
parent | 9b8a0f3fb8d525aaeef42cd1d1c2602da9940693 (diff) | |
download | pkgsrc-28b864d0e4c8267fb5abb4987ba13b5d6e8f4e85.tar.gz |
Security fix for CVE-2006-3600:
"A vulnerability in libtunepimp can be potentially exploited by
malicious people to compromise a user's system.
The vulnerability is caused due to a boundary error in the
"LookupTRM::lookup()" function when retrieving album release dates.
This can be exploited to cause a buffer overflow by returning an overly
long release date string (more than 100 bytes).
Successful exploitation may allow execution of arbitrary code in context
of an application using the vulnerable library."
http://secunia.com/advisories/21026/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3600
Patch from MusicBrainz SVN. Bump PKGREVISION.
-rw-r--r-- | audio/libtunepimp0.4/Makefile | 4 | ||||
-rw-r--r-- | audio/libtunepimp0.4/distinfo | 3 | ||||
-rw-r--r-- | audio/libtunepimp0.4/patches/patch-ae | 24 |
3 files changed, 28 insertions, 3 deletions
diff --git a/audio/libtunepimp0.4/Makefile b/audio/libtunepimp0.4/Makefile index b220d01332c..91aca955366 100644 --- a/audio/libtunepimp0.4/Makefile +++ b/audio/libtunepimp0.4/Makefile @@ -1,8 +1,8 @@ -# $NetBSD: Makefile,v 1.2 2006/07/12 13:30:33 wiz Exp $ +# $NetBSD: Makefile,v 1.3 2006/08/21 17:55:01 salo Exp $ # DISTNAME= libtunepimp-0.4.2 -PKGREVISION= 1 +PKGREVISION= 2 CATEGORIES= audio MASTER_SITES= ftp://ftp.musicbrainz.org/pub/musicbrainz/ \ http://ftp.musicbrainz.org/pub/musicbrainz/ diff --git a/audio/libtunepimp0.4/distinfo b/audio/libtunepimp0.4/distinfo index 9ad4f5594dc..adbdccf058f 100644 --- a/audio/libtunepimp0.4/distinfo +++ b/audio/libtunepimp0.4/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.1.1.1 2006/07/12 13:07:19 wiz Exp $ +$NetBSD: distinfo,v 1.2 2006/08/21 17:55:01 salo Exp $ SHA1 (libtunepimp-0.4.2.tar.gz) = deb7ac22e451b7512006e6f090333e14d4cbc78f RMD160 (libtunepimp-0.4.2.tar.gz) = f4c7ebeb505c6b8b1dff284aebf6c9e249192765 @@ -7,3 +7,4 @@ SHA1 (patch-aa) = 1c0e484dbe02309ab09ce153dcad710590aedcd1 SHA1 (patch-ab) = d72634d99a70925ee180108db4a95c10124b7de0 SHA1 (patch-ac) = bebb5ac1358007098704052888a98f9d97376b6a SHA1 (patch-ad) = cdd662177cf90a9e926881d25eb40d674ca21456 +SHA1 (patch-ae) = eb8cfcbb6672c241f14666d77b48bd16ef3a9875 diff --git a/audio/libtunepimp0.4/patches/patch-ae b/audio/libtunepimp0.4/patches/patch-ae new file mode 100644 index 00000000000..f064dbe7eb2 --- /dev/null +++ b/audio/libtunepimp0.4/patches/patch-ae @@ -0,0 +1,24 @@ +$NetBSD: patch-ae,v 1.1 2006/08/21 17:55:01 salo Exp $ + +Security fix for CVE-2006-3600, from MusicBrainz SVN. + +--- lib/lookuptools.cpp.orig 2006-01-28 21:35:42.000000000 +0100 ++++ lib/lookuptools.cpp 2006-08-21 16:43:11.000000000 +0200 +@@ -51,7 +51,7 @@ + musicbrainz_t o; + char *args[7]; + int ret, trackNum; +- char error[255], data[255], trackURI[256], ++ char error[256], data[256], trackURI[256], + artistURI[256], albumURI[256]; + char temp[100], duration[100], status[100]; + +@@ -160,7 +160,7 @@ + if (mb_Select1(o, MBS_SelectReleaseDate, j)) + { + // Pull back the release date and release country +- if (mb_GetResultData(o, MBE_ReleaseGetDate, temp, 256)) ++ if (mb_GetResultData(o, MBE_ReleaseGetDate, temp, 100)) + { + int month = 0, day = 0, year = 0; + |