diff options
| author | wiz <wiz@pkgsrc.org> | 2009-12-02 12:41:25 +0000 |
|---|---|---|
| committer | wiz <wiz@pkgsrc.org> | 2009-12-02 12:41:25 +0000 |
| commit | 9054ac68e2b1f8df99331a11166e882b18860354 (patch) | |
| tree | 705572fb9e62bc55a7240e38381dc27dce0563b7 /audio | |
| parent | 5e47eb44287234e1684c2e2f2e997025948595e9 (diff) | |
| download | pkgsrc-9054ac68e2b1f8df99331a11166e882b18860354.tar.gz | |
Apply some possible security fixes from upstream SVN.
Glanced from links in mozilla advisory
http://www.mozilla.org/security/announce/2009/mfsa2009-63.html
and Fedora Core patches for 1.2.0.
Bump PKGREVISION.
Diffstat (limited to 'audio')
| -rw-r--r-- | audio/libvorbis/Makefile | 3 | ||||
| -rw-r--r-- | audio/libvorbis/distinfo | 4 | ||||
| -rw-r--r-- | audio/libvorbis/patches/patch-aa | 14 | ||||
| -rw-r--r-- | audio/libvorbis/patches/patch-ab | 15 |
4 files changed, 34 insertions, 2 deletions
diff --git a/audio/libvorbis/Makefile b/audio/libvorbis/Makefile index 8bfd935c586..63fa046a375 100644 --- a/audio/libvorbis/Makefile +++ b/audio/libvorbis/Makefile @@ -1,6 +1,7 @@ -# $NetBSD: Makefile,v 1.48 2009/07/17 20:28:21 wiz Exp $ +# $NetBSD: Makefile,v 1.49 2009/12/02 12:41:25 wiz Exp $ DISTNAME= libvorbis-1.2.3 +PKGREVISION= 1 CATEGORIES= devel audio MASTER_SITES= http://downloads.xiph.org/releases/vorbis/ diff --git a/audio/libvorbis/distinfo b/audio/libvorbis/distinfo index 84adab88e8d..7dd9e61732a 100644 --- a/audio/libvorbis/distinfo +++ b/audio/libvorbis/distinfo @@ -1,5 +1,7 @@ -$NetBSD: distinfo,v 1.17 2009/07/17 20:28:21 wiz Exp $ +$NetBSD: distinfo,v 1.18 2009/12/02 12:41:25 wiz Exp $ SHA1 (libvorbis-1.2.3.tar.gz) = a93251aa5e4f142db4fa6433de80797f80960fac RMD160 (libvorbis-1.2.3.tar.gz) = e80ad7de3c2599e0d88994876407ac8fe3c9a0e7 Size (libvorbis-1.2.3.tar.gz) = 1474492 bytes +SHA1 (patch-aa) = bd1534e2f680d5621a7909fd0b197d9d8c52b91d +SHA1 (patch-ab) = b253546a863893e96569d8afb5e626ffe5f226dc diff --git a/audio/libvorbis/patches/patch-aa b/audio/libvorbis/patches/patch-aa new file mode 100644 index 00000000000..c682deec856 --- /dev/null +++ b/audio/libvorbis/patches/patch-aa @@ -0,0 +1,14 @@ +$NetBSD: patch-aa,v 1.5 2009/12/02 12:41:25 wiz Exp $ + +SVN r16957 + +--- lib/codebook.c.orig 2009-07-09 09:12:08.000000000 +0000 ++++ lib/codebook.c +@@ -198,6 +198,7 @@ int vorbis_staticbook_unpack(oggpack_buf + for(i=0;i<s->entries;){ + long num=oggpack_read(opb,_ilog(s->entries-i)); + if(num==-1)goto _eofout; ++ if(length>32)goto _errout; + for(j=0;j<num && i<s->entries;j++,i++) + s->lengthlist[i]=length; + length++; diff --git a/audio/libvorbis/patches/patch-ab b/audio/libvorbis/patches/patch-ab new file mode 100644 index 00000000000..72b21043a18 --- /dev/null +++ b/audio/libvorbis/patches/patch-ab @@ -0,0 +1,15 @@ +$NetBSD: patch-ab,v 1.5 2009/12/02 12:41:25 wiz Exp $ + +SVN 16326. + +--- lib/backends.h.orig 2009-07-09 09:12:08.000000000 +0000 ++++ lib/backends.h +@@ -111,7 +111,7 @@ typedef struct vorbis_info_residue0{ + int partitions; /* possible codebooks for a partition */ + int groupbook; /* huffbook for partitioning */ + int secondstages[64]; /* expanded out to pointers in lookup */ +- int booklist[256]; /* list of second stage books */ ++ int booklist[512]; /* list of second stage books */ + + const float classmetric1[64]; + const float classmetric2[64]; |