diff options
author | tron <tron@pkgsrc.org> | 2004-02-10 09:32:47 +0000 |
---|---|---|
committer | tron <tron@pkgsrc.org> | 2004-02-10 09:32:47 +0000 |
commit | 436d3eac9a1f7e3a3475dcbbf0db423e8a079c3e (patch) | |
tree | 06df136a545df5a02279d20dea4e7e794d8ba50d | |
parent | ab1c23c324e5a96043d3b79f8714feb921e88a2e (diff) | |
download | pkgsrc-436d3eac9a1f7e3a3475dcbbf0db423e8a079c3e.tar.gz |
Fix security vulnerability reported in CAN-2003-0865. Bump package revision
because of this fix.
-rw-r--r-- | audio/mpg123-esound/Makefile | 3 | ||||
-rw-r--r-- | audio/mpg123-nas/Makefile | 5 | ||||
-rw-r--r-- | audio/mpg123/Makefile | 4 | ||||
-rw-r--r-- | audio/mpg123/distinfo | 3 | ||||
-rw-r--r-- | audio/mpg123/patches/patch-aq | 25 |
5 files changed, 33 insertions, 7 deletions
diff --git a/audio/mpg123-esound/Makefile b/audio/mpg123-esound/Makefile index 076185ee482..c863d69e3d3 100644 --- a/audio/mpg123-esound/Makefile +++ b/audio/mpg123-esound/Makefile @@ -1,6 +1,7 @@ -# $NetBSD: Makefile,v 1.4 2002/11/28 12:15:49 markd Exp $ +# $NetBSD: Makefile,v 1.5 2004/02/10 09:32:47 tron Exp $ PKGNAME= mpg123-esound-${MPG123_VERSION} +PKGREVISION= 1 COMMENT= Command-line player for mpeg layer 1, 2 and 3 audio with EsounD TARGET_SUFFIX= -esd diff --git a/audio/mpg123-nas/Makefile b/audio/mpg123-nas/Makefile index 34f0f82e8f6..a5765f2512a 100644 --- a/audio/mpg123-nas/Makefile +++ b/audio/mpg123-nas/Makefile @@ -1,8 +1,7 @@ -# $NetBSD: Makefile,v 1.6 2004/01/28 12:48:24 xtraeme Exp $ -# +# $NetBSD: Makefile,v 1.7 2004/02/10 09:32:47 tron Exp $ PKGNAME= mpg123${TARGET_SUFFIX}-${MPG123_VERSION} -PKGREVISION= 2 +PKGREVISION= 3 COMMENT= Command-line player for mpeg layer 1, 2 and 3 audio with NAS output TARGET_SUFFIX= -nas diff --git a/audio/mpg123/Makefile b/audio/mpg123/Makefile index b92007ff6c7..2f7a9034d09 100644 --- a/audio/mpg123/Makefile +++ b/audio/mpg123/Makefile @@ -1,7 +1,7 @@ -# $NetBSD: Makefile,v 1.34 2002/06/23 08:45:09 kent Exp $ +# $NetBSD: Makefile,v 1.35 2004/02/10 09:32:47 tron Exp $ PKGNAME= mpg123-${MPG123_VERSION} -PKGREVISION= 2 +PKGREVISION= 3 COMMENT= Command-line player for mpeg layer 1, 2 and 3 audio CONFLICTS+= mpg123-nas-[0-9]* diff --git a/audio/mpg123/distinfo b/audio/mpg123/distinfo index c82c0eb0c79..ba463379f69 100644 --- a/audio/mpg123/distinfo +++ b/audio/mpg123/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.15 2003/10/18 11:27:11 grant Exp $ +$NetBSD: distinfo,v 1.16 2004/02/10 09:32:47 tron Exp $ SHA1 (mpg123/mpg123-0.59r.tar.gz) = c32fe242f4506d218bd19a51a4034da9fdc79493 Size (mpg123/mpg123-0.59r.tar.gz) = 159028 bytes @@ -20,3 +20,4 @@ SHA1 (patch-am) = 661c1f95f65145f4e08706eb3f6fe975118a2822 SHA1 (patch-an) = 08917e1825adcfd870bb2c61ae865339da7c45ef SHA1 (patch-ao) = 40961a43cc3dbebf71deee1c240907896d297304 SHA1 (patch-ap) = b35e7f6739a8b4979412793c7b3f2f7f5a9f15a7 +SHA1 (patch-aq) = ea443c1d45d856f360d2ccba3e5e2d058ac65007 diff --git a/audio/mpg123/patches/patch-aq b/audio/mpg123/patches/patch-aq new file mode 100644 index 00000000000..311269f68b7 --- /dev/null +++ b/audio/mpg123/patches/patch-aq @@ -0,0 +1,25 @@ +$NetBSD: patch-aq,v 1.1 2004/02/10 09:32:47 tron Exp $ + +--- httpget.c.orig Tue Feb 10 10:14:29 2004 ++++ httpget.c Tue Feb 10 10:18:07 2004 +@@ -55,11 +55,10 @@ + #endif + int pos = 0; + +- while(1) { ++ while(pos < (maxlen - 1)) { + if( read(fileno(f),string+pos,1) == 1) { + pos++; + if(string[pos-1] == '\n') { +- string[pos] = 0; + break; + } + } +@@ -78,6 +77,7 @@ + } + #endif + ++ string[pos] = '\0'; + } + + void encode64 (char *source,char *destination) |