authorsalo <salo>2006-08-21 17:55:01 +0000
committersalo <salo>2006-08-21 17:55:01 +0000
commit28b864d0e4c8267fb5abb4987ba13b5d6e8f4e85 (patch)
treee6222cb4ca1c0c91265fe2fe7dcc646a51f026ef /audio/libtunepimp0.4
parent9b8a0f3fb8d525aaeef42cd1d1c2602da9940693 (diff)
Security fix for CVE-2006-3600:
"A vulnerability in libtunepimp can be potentially exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error in the "LookupTRM::lookup()" function when retrieving album release dates. This can be exploited to cause a buffer overflow by returning an overly long release date string (more than 100 bytes). Successful exploitation may allow execution of arbitrary code in context of an application using the vulnerable library." http://secunia.com/advisories/21026/ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3600 Patch from MusicBrainz SVN. Bump PKGREVISION.
Diffstat (limited to 'audio/libtunepimp0.4')
-rw-r--r--audio/libtunepimp0.4/Makefile4
-rw-r--r--audio/libtunepimp0.4/distinfo3
-rw-r--r--audio/libtunepimp0.4/patches/patch-ae24
3 files changed, 28 insertions, 3 deletions
diff --git a/audio/libtunepimp0.4/Makefile b/audio/libtunepimp0.4/Makefile
index b220d01332c..91aca955366 100644
--- a/audio/libtunepimp0.4/Makefile
+++ b/audio/libtunepimp0.4/Makefile
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.2 2006/07/12 13:30:33 wiz Exp $
+# $NetBSD: Makefile,v 1.3 2006/08/21 17:55:01 salo Exp $
#
DISTNAME= libtunepimp-0.4.2
-PKGREVISION= 1
+PKGREVISION= 2
CATEGORIES= audio
MASTER_SITES= ftp://ftp.musicbrainz.org/pub/musicbrainz/ \
http://ftp.musicbrainz.org/pub/musicbrainz/
diff --git a/audio/libtunepimp0.4/distinfo b/audio/libtunepimp0.4/distinfo
index 9ad4f5594dc..adbdccf058f 100644
--- a/audio/libtunepimp0.4/distinfo
+++ b/audio/libtunepimp0.4/distinfo
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.1.1.1 2006/07/12 13:07:19 wiz Exp $
+$NetBSD: distinfo,v 1.2 2006/08/21 17:55:01 salo Exp $
SHA1 (libtunepimp-0.4.2.tar.gz) = deb7ac22e451b7512006e6f090333e14d4cbc78f
RMD160 (libtunepimp-0.4.2.tar.gz) = f4c7ebeb505c6b8b1dff284aebf6c9e249192765
@@ -7,3 +7,4 @@ SHA1 (patch-aa) = 1c0e484dbe02309ab09ce153dcad710590aedcd1
SHA1 (patch-ab) = d72634d99a70925ee180108db4a95c10124b7de0
SHA1 (patch-ac) = bebb5ac1358007098704052888a98f9d97376b6a
SHA1 (patch-ad) = cdd662177cf90a9e926881d25eb40d674ca21456
+SHA1 (patch-ae) = eb8cfcbb6672c241f14666d77b48bd16ef3a9875
diff --git a/audio/libtunepimp0.4/patches/patch-ae b/audio/libtunepimp0.4/patches/patch-ae
new file mode 100644
index 00000000000..f064dbe7eb2
--- /dev/null
+++ b/audio/libtunepimp0.4/patches/patch-ae
@@ -0,0 +1,24 @@
+$NetBSD: patch-ae,v 1.1 2006/08/21 17:55:01 salo Exp $
+
+Security fix for CVE-2006-3600, from MusicBrainz SVN.
+
+--- lib/lookuptools.cpp.orig 2006-01-28 21:35:42.000000000 +0100
++++ lib/lookuptools.cpp 2006-08-21 16:43:11.000000000 +0200
+@@ -51,7 +51,7 @@
+ musicbrainz_t o;
+ char *args[7];
+ int ret, trackNum;
+- char error[255], data[255], trackURI[256],
++ char error[256], data[256], trackURI[256],
+ artistURI[256], albumURI[256];
+ char temp[100], duration[100], status[100];
+
+@@ -160,7 +160,7 @@
+ if (mb_Select1(o, MBS_SelectReleaseDate, j))
+ {
+ // Pull back the release date and release country
+- if (mb_GetResultData(o, MBE_ReleaseGetDate, temp, 256))
++ if (mb_GetResultData(o, MBE_ReleaseGetDate, temp, 100))
+ {
+ int month = 0, day = 0, year = 0;
+
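Review bot: The length passed to `mb_GetResultData` in the second inner hunk is a bare literal `100` that only matches `char temp[100]` by hand, which is how the bound and the buffer drifted apart (256 against 100) to begin with. Assuming both inner hunks sit in the same function with `temp` in scope as an array, tying the bound to the buffer avoids a repeat: `if (mb_GetResultData(o, MBE_ReleaseGetDate, temp, sizeof(temp)))`. The first inner hunk grows `error` and `data` from 255 to 256, presumably because calls outside the visible context pass 256 for them. Those calls, and any others that write into `duration` or `status`, should be checked against their destination sizes in the same way. Whether `mb_GetResultData` NUL-terminates on truncation is not visible here and should be confirmed before the date parsing that follows; the enclosing function starts and ends outside the hunk.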