diff options
author | drochner <drochner@pkgsrc.org> | 2008-04-18 14:01:22 +0000 |
---|---|---|
committer | drochner <drochner@pkgsrc.org> | 2008-04-18 14:01:22 +0000 |
commit | 458733e9f0fb9b879af37b7ed1a0bbdccaff8ba0 (patch) | |
tree | 38b1baf8719059d9fa461225d533a19b32a607fe | |
parent | 36c95a3c1d26bd79d1e9f0d991689b28d3ee7f44 (diff) | |
download | pkgsrc-458733e9f0fb9b879af37b7ed1a0bbdccaff8ba0.tar.gz |
xine security patch of the day: fix possible buffer overflow in
nsf parser (SA29850), patch from upstream CVS, bump PKGREVISION
-rw-r--r-- | multimedia/xine-lib/Makefile | 4 | ||||
-rw-r--r-- | multimedia/xine-lib/distinfo | 3 | ||||
-rw-r--r-- | multimedia/xine-lib/patches/patch-ay | 17 |
3 files changed, 22 insertions, 2 deletions
diff --git a/multimedia/xine-lib/Makefile b/multimedia/xine-lib/Makefile index d301532bf4d..a9adfd5cb89 100644 --- a/multimedia/xine-lib/Makefile +++ b/multimedia/xine-lib/Makefile @@ -1,7 +1,9 @@ -# $NetBSD: Makefile,v 1.57 2008/04/10 11:48:58 drochner Exp $ +# $NetBSD: Makefile,v 1.58 2008/04/18 14:01:22 drochner Exp $ .include "Makefile.common" +PKGREVISION= 1 + COMMENT= Multimedia player library BUILDLINK_API_DEPENDS.vcdimager+= vcdimager>=0.7.20nb1 diff --git a/multimedia/xine-lib/distinfo b/multimedia/xine-lib/distinfo index a7967e4aae7..fb9e6558d36 100644 --- a/multimedia/xine-lib/distinfo +++ b/multimedia/xine-lib/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.54 2008/04/15 19:25:28 drochner Exp $ +$NetBSD: distinfo,v 1.55 2008/04/18 14:01:22 drochner Exp $ SHA1 (xine-lib-1.1.12.tar.bz2) = a27872a4292e2ce6c35018a1cbbf7a88eecda8cd RMD160 (xine-lib-1.1.12.tar.bz2) = 305c1b3787a4191083b9793281ce3f3043d65fcb @@ -20,6 +20,7 @@ SHA1 (patch-as) = a0a93a256589e87a66eef31494441aa1b200f834 SHA1 (patch-av) = acbb2ffbaf72b4744538d996be95321e8eb23fd9 SHA1 (patch-aw) = 78ab44197a6b9f85e4b272d522ce254de4d557dc SHA1 (patch-ax) = 71f2619aa750a51a641922d482b29ea998e8ab48 +SHA1 (patch-ay) = a4079a11f4a399010408e146684b878cd5eb584a SHA1 (patch-be) = e1a0856361c26d924ce12794e9f7eb0174857100 SHA1 (patch-bg) = 10eb076d087a40ac5f7920794ff7b34f2aa0495b SHA1 (patch-cb) = 08d9920022988d2764d941cfa8b1aa5602a0ec81 diff --git a/multimedia/xine-lib/patches/patch-ay b/multimedia/xine-lib/patches/patch-ay new file mode 100644 index 00000000000..2f97e27e218 --- /dev/null +++ b/multimedia/xine-lib/patches/patch-ay @@ -0,0 +1,17 @@ +$NetBSD: patch-ay,v 1.5 2008/04/18 14:01:22 drochner Exp $ + +--- src/demuxers/demux_nsf.c.orig 2008-04-18 15:12:10.000000000 +0200 ++++ src/demuxers/demux_nsf.c +@@ -106,9 +106,9 @@ static int open_nsf_file(demux_nsf_t *th + + this->total_songs = header[6]; + this->current_song = header[7]; +- this->title = strdup(&header[0x0E]); +- this->artist = strdup(&header[0x2E]); +- this->copyright = strdup(&header[0x4E]); ++ this->title = strndup((char*)&header[0x0E], 0x20); ++ this->artist = strndup((char*)&header[0x2E], 0x20); ++ this->copyright = strndup((char*)&header[0x4E], 0x20); + + this->filesize = this->input->get_length(this->input); + |