summaryrefslogtreecommitdiff
path: root/games/plib
diff options
context:
space:
mode:
authordrochner <drochner@pkgsrc.org>2011-12-22 18:21:38 +0000
committerdrochner <drochner@pkgsrc.org>2011-12-22 18:21:38 +0000
commit83ede43138fbb6c2cbbee1d7baf2f1cef00ba5c3 (patch)
tree859255ae8205359715295d2ba9ba4723d53cfec8 /games/plib
parentccb3ea13de9a9bb4f6ff68dbe6a08b2e2c5479f6 (diff)
downloadpkgsrc-83ede43138fbb6c2cbbee1d7baf2f1cef00ba5c3.tar.gz
replace vsprintf() by vsnprintf() to protect an error message buffer
from being overrun, addresses CVE-2011-4620 bump PKGREV
Diffstat (limited to 'games/plib')
-rw-r--r--games/plib/Makefile4
-rw-r--r--games/plib/distinfo3
-rw-r--r--games/plib/patches/patch-ag15
3 files changed, 19 insertions, 3 deletions
diff --git a/games/plib/Makefile b/games/plib/Makefile
index 8a3e60e59db..c398f97fe24 100644
--- a/games/plib/Makefile
+++ b/games/plib/Makefile
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.23 2011/04/14 11:30:08 hauke Exp $
+# $NetBSD: Makefile,v 1.24 2011/12/22 18:21:38 drochner Exp $
#
DISTNAME= plib-1.8.5
-PKGREVISION= 1
+PKGREVISION= 2
CATEGORIES= games x11
MASTER_SITES= http://plib.sourceforge.net/dist/
diff --git a/games/plib/distinfo b/games/plib/distinfo
index 5765976d8d5..fb30e2cac97 100644
--- a/games/plib/distinfo
+++ b/games/plib/distinfo
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.11 2011/04/14 11:30:08 hauke Exp $
+$NetBSD: distinfo,v 1.12 2011/12/22 18:21:38 drochner Exp $
SHA1 (plib-1.8.5.tar.gz) = c2cf7e3e1e58f7b63dae4bb21e4fa82c3e4d4cfc
RMD160 (plib-1.8.5.tar.gz) = 55019bf3758ec2542804d8e3994f4bed5a188e60
@@ -8,3 +8,4 @@ SHA1 (patch-ab) = 3976dcf78e8ba44d55d08e67ddf3fa7f23def91e
SHA1 (patch-ad) = 1ec59b079a662bfc9b5ea5fa03686292ac05659f
SHA1 (patch-ae) = ae69e86642c53ef32619d6411809f80ab973b208
SHA1 (patch-af) = ea774a54a3cff4d43abae164bbcae745d4642aea
+SHA1 (patch-ag) = d715adee05f8e6973a5883f74573cc39bfd8d72e
diff --git a/games/plib/patches/patch-ag b/games/plib/patches/patch-ag
new file mode 100644
index 00000000000..4f81c4df2e8
--- /dev/null
+++ b/games/plib/patches/patch-ag
@@ -0,0 +1,15 @@
+$NetBSD: patch-ag,v 1.1 2011/12/22 18:21:38 drochner Exp $
+
+CVE-2011-4620
+
+--- src/util/ulError.cxx.orig 2008-03-11 02:06:23.000000000 +0000
++++ src/util/ulError.cxx
+@@ -39,7 +39,7 @@ void ulSetError ( enum ulSeverity severi
+ {
+ va_list argp;
+ va_start ( argp, fmt ) ;
+- vsprintf ( _ulErrorBuffer, fmt, argp ) ;
++ vsnprintf ( _ulErrorBuffer, sizeof(_ulErrorBuffer), fmt, argp ) ;
+ va_end ( argp ) ;
+
+ if ( _ulErrorCB )