authordrochner <drochner@pkgsrc.org>2008-11-21 10:38:19 +0000
committerdrochner <drochner@pkgsrc.org>2008-11-21 10:38:19 +0000
commita54d1f643d158cc2b9ccaa1bb18e17226cf7f6e4 (patch)
tree840c6c4e00094cfb308fee7b6f31d61f797475ca
parent7ddd99c7f42150d7b215512be80a19e8b31031fe (diff)
downloadpkgsrc-a54d1f643d158cc2b9ccaa1bb18e17226cf7f6e4.tar.gz
fix a possible heap overflow due to wrong buffer length check
(CVE-2008-5030), from Debian, bump PKGREVISION
-rw-r--r--audio/libcdaudio/Makefile4
-rw-r--r--audio/libcdaudio/distinfo4
-rw-r--r--audio/libcdaudio/patches/patch-ac13
3 files changed, 15 insertions, 6 deletions
diff --git a/audio/libcdaudio/Makefile b/audio/libcdaudio/Makefile
index 336dd9da617..c58f1157b44 100644
--- a/audio/libcdaudio/Makefile
+++ b/audio/libcdaudio/Makefile
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.29 2008/07/14 12:55:56 joerg Exp $
+# $NetBSD: Makefile,v 1.30 2008/11/21 10:38:19 drochner Exp $
DISTNAME= libcdaudio-0.99.12
-PKGREVISION= 1
+PKGREVISION= 2
CATEGORIES= audio
MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:=libcdaudio/}
diff --git a/audio/libcdaudio/distinfo b/audio/libcdaudio/distinfo
index 9132a33852b..d293353b43f 100644
--- a/audio/libcdaudio/distinfo
+++ b/audio/libcdaudio/distinfo
@@ -1,8 +1,8 @@
-$NetBSD: distinfo,v 1.12 2005/09/06 08:10:57 abs Exp $
+$NetBSD: distinfo,v 1.13 2008/11/21 10:38:19 drochner Exp $
SHA1 (libcdaudio-0.99.12.tar.gz) = 1862d3f387634a216faa867164d840b6f5552294
RMD160 (libcdaudio-0.99.12.tar.gz) = 57f7446db6c65c968eb58a9404652718d6517b74
Size (libcdaudio-0.99.12.tar.gz) = 357150 bytes
SHA1 (patch-aa) = f7cf7d430917e6860fb43529cb349d358890f7a4
SHA1 (patch-ab) = 9df8c234de3cb5a6b262fae093e430e471afa1f0
-SHA1 (patch-ac) = 073ceed3794fbd889b0efec49cd2dfe63c7fda07
+SHA1 (patch-ac) = a67d2b7ea503c4d696a05024d46f8a895c47051b
diff --git a/audio/libcdaudio/patches/patch-ac b/audio/libcdaudio/patches/patch-ac
index ccfc506a413..faa9ed6e1dd 100644
--- a/audio/libcdaudio/patches/patch-ac
+++ b/audio/libcdaudio/patches/patch-ac
@@ -1,6 +1,6 @@
-$NetBSD: patch-ac,v 1.1 2005/04/15 01:50:57 rh Exp $
+$NetBSD: patch-ac,v 1.2 2008/11/21 10:38:19 drochner Exp $
---- src/cddb.c.orig 2004-09-09 11:26:39.000000000 +1000
+--- src/cddb.c.orig 2004-09-09 03:26:39.000000000 +0200
+++ src/cddb.c
@@ -1052,7 +1052,7 @@ cddb_query(int cd_desc, int sock,
}
@@ -11,3 +11,12 @@ $NetBSD: patch-ac,v 1.1 2005/04/15 01:50:57 rh Exp $
slashed = 0;
if(strchr(inbuffer, '/') != NULL && parse_disc_artist) {
index = 0;
+@@ -1679,7 +1679,7 @@ cddb_read_disc_data(int cd_desc, struct
+ free(file);
+
+ while(!feof(cddb_data)) {
+- fgets(inbuffer, 512, cddb_data);
++ fgets(inbuffer, 256, cddb_data);
+ cddb_process_line(inbuffer, data);
+ }
+
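Review bot: The fgets() result in the patched cddb_read_disc_data loop is still ignored, so when the read fails or reaches end of file, cddb_process_line() runs on whatever inbuffer held before: the previous line a second time, or unset memory if the file is empty. Driving the loop from the read itself, `while(fgets(inbuffer, 256, cddb_data) != NULL)`, closes that gap. The literal 256 also has to agree with the size of inbuffer, whose declaration or allocation is outside this hunk; since a mismatch between the two is presumably the overflow being fixed, one named constant used at both sites (placeholder name `CDDB_LINE_SIZE`) would keep them from drifting apart again. Lines longer than the buffer now arrive in pieces, so it is worth confirming that cddb_process_line() copes with a fragment that has no trailing newline.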