summaryrefslogtreecommitdiff
path: root/audio
diff options
context:
space:
mode:
authorbsiegert <bsiegert@pkgsrc.org>2015-03-21 19:06:54 +0000
committerbsiegert <bsiegert@pkgsrc.org>2015-03-21 19:06:54 +0000
commit78c5e7fe27b1f1a279a49fda29c01483e2cef77c (patch)
treee920a5a8c42fb46c8c85610a068fb8f45a125218 /audio
parentbd3a345fc316ef89af4f6a48500143a3d3a36f51 (diff)
downloadpkgsrc-78c5e7fe27b1f1a279a49fda29c01483e2cef77c.tar.gz
SECURITY: Fix CVE-2014-9640.
https://trac.xiph.org/changeset/19117 oggenc: fix crash on raw file close, reported by Hanno in issue #2009. pointer to a non-static struct was escaping its scope.
Diffstat (limited to 'audio')
-rw-r--r--audio/vorbis-tools/Makefile4
-rw-r--r--audio/vorbis-tools/distinfo4
-rw-r--r--audio/vorbis-tools/patches/patch-ac32
3 files changed, 31 insertions, 9 deletions
diff --git a/audio/vorbis-tools/Makefile b/audio/vorbis-tools/Makefile
index 5b6ba4a3e49..837bb4bd406 100644
--- a/audio/vorbis-tools/Makefile
+++ b/audio/vorbis-tools/Makefile
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.60 2014/02/12 23:17:35 tron Exp $
+# $NetBSD: Makefile,v 1.61 2015/03/21 19:06:54 bsiegert Exp $
DISTNAME= vorbis-tools-1.4.0
-PKGREVISION= 4
+PKGREVISION= 5
CATEGORIES= audio
MASTER_SITES= http://downloads.xiph.org/releases/vorbis/
diff --git a/audio/vorbis-tools/distinfo b/audio/vorbis-tools/distinfo
index e8d7e20f268..f305dd93a01 100644
--- a/audio/vorbis-tools/distinfo
+++ b/audio/vorbis-tools/distinfo
@@ -1,9 +1,9 @@
-$NetBSD: distinfo,v 1.23 2010/11/09 13:13:03 adam Exp $
+$NetBSD: distinfo,v 1.24 2015/03/21 19:06:54 bsiegert Exp $
SHA1 (vorbis-tools-1.4.0.tar.gz) = fc6a820bdb5ad6fcac074721fab5c3f96eaf6562
RMD160 (vorbis-tools-1.4.0.tar.gz) = ff21e5c9456ac0a82b8eda4e53931db8522a2ccd
Size (vorbis-tools-1.4.0.tar.gz) = 1346532 bytes
SHA1 (patch-aa) = ea37946fb3a227d91eeb3ea94a9a7c9f8a3ef021
SHA1 (patch-ab) = 00c0a5a9388baf79fd944e12cda1da65e2e8676c
-SHA1 (patch-ac) = 43f270b53044c54cf682ee084fa29592cf2b0eeb
+SHA1 (patch-ac) = 781ad97014c81f9fd40166cc29112247ef4acd6d
SHA1 (patch-ae) = 60ca36c35325e4228ea7f7f5b3a60cd57b56b0cd
diff --git a/audio/vorbis-tools/patches/patch-ac b/audio/vorbis-tools/patches/patch-ac
index b287c548d0a..11971b408ab 100644
--- a/audio/vorbis-tools/patches/patch-ac
+++ b/audio/vorbis-tools/patches/patch-ac
@@ -1,8 +1,30 @@
-$NetBSD: patch-ac,v 1.9 2010/11/09 13:13:03 adam Exp $
+$NetBSD: patch-ac,v 1.10 2015/03/21 19:06:54 bsiegert Exp $
+https://trac.xiph.org/changeset/19117
+oggenc: fix crash on raw file close, reported by Hanno in issue #2009. pointer
+to a non-static struct was escaping its scope.
--- oggenc/oggenc.c.orig 2010-03-26 07:07:07.000000000 +0000
+++ oggenc/oggenc.c
-@@ -779,6 +779,8 @@ static void parse_options(int argc, char
+@@ -97,6 +97,8 @@ int main(int argc, char **argv)
+ .3,-1,
+ 0,0,0.f,
+ 0, 0, 0, 0, 0};
++ input_format raw_format = {NULL, 0, raw_open, wav_close, "raw",
++ N_("RAW file reader")};
+
+ int i;
+
+@@ -239,9 +241,6 @@ int main(int argc, char **argv)
+
+ if(opt.rawmode)
+ {
+- input_format raw_format = {NULL, 0, raw_open, wav_close, "raw",
+- N_("RAW file reader")};
+-
+ enc_opts.rate=opt.raw_samplerate;
+ enc_opts.channels=opt.raw_channels;
+ enc_opts.samplesize=opt.raw_samplesize;
+@@ -779,6 +778,8 @@ static void parse_options(int argc, char
break;
case 'a':
@@ -11,7 +33,7 @@ $NetBSD: patch-ac,v 1.9 2010/11/09 13:13:03 adam Exp $
opt->artist = realloc(opt->artist, (++opt->artist_count)*sizeof(char *));
opt->artist[opt->artist_count - 1] = strdup(optarg);
break;
-@@ -791,10 +793,14 @@ static void parse_options(int argc, char
+@@ -791,10 +792,14 @@ static void parse_options(int argc, char
opt->comments[opt->comment_count - 1] = strdup(optarg);
break;
case 'd':
@@ -26,7 +48,7 @@ $NetBSD: patch-ac,v 1.9 2010/11/09 13:13:03 adam Exp $
opt->genre = realloc(opt->genre, (++opt->genre_count)*sizeof(char *));
opt->genre[opt->genre_count - 1] = strdup(optarg);
break;
-@@ -803,6 +809,8 @@ static void parse_options(int argc, char
+@@ -803,6 +808,8 @@ static void parse_options(int argc, char
exit(0);
break;
case 'l':
@@ -35,7 +57,7 @@ $NetBSD: patch-ac,v 1.9 2010/11/09 13:13:03 adam Exp $
opt->album = realloc(opt->album, (++opt->album_count)*sizeof(char *));
opt->album[opt->album_count - 1] = strdup(optarg);
break;
-@@ -815,6 +823,8 @@ static void parse_options(int argc, char
+@@ -815,6 +822,8 @@ static void parse_options(int argc, char
opt->fixedserial = 1;
break;
case 't':