authordrochner <drochner>2008-04-15 12:35:10 +0000
committerdrochner <drochner>2008-04-15 12:35:10 +0000
commit58f3bc8e46ed6cba415e193f182e47254f4d7629 (patch)
tree35657c7974a91b530a1c79b065b087325ab90a29 /misc/libcdio
parent4be08e1a0b629de439daf1f708c8dbe10a09ed90 (diff)
fix a stack-based buffer overflow (CVE-2007-6613), patch from upstream,
bump PKGREVISION
Diffstat (limited to 'misc/libcdio')
-rw-r--r--misc/libcdio/Makefile4
-rw-r--r--misc/libcdio/distinfo4
-rw-r--r--misc/libcdio/patches/patch-ba13
-rw-r--r--misc/libcdio/patches/patch-bb13
4 files changed, 31 insertions, 3 deletions
diff --git a/misc/libcdio/Makefile b/misc/libcdio/Makefile
index ede3f057e1c..789732e340b 100644
--- a/misc/libcdio/Makefile
+++ b/misc/libcdio/Makefile
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.32 2007/07/01 15:58:37 heinz Exp $
+# $NetBSD: Makefile,v 1.33 2008/04/15 12:35:10 drochner Exp $
DISTNAME= libcdio-0.76
-PKGREVISION= 4
+PKGREVISION= 5
CATEGORIES= misc
MASTER_SITES= ${MASTER_SITE_GNU:=libcdio/}
diff --git a/misc/libcdio/distinfo b/misc/libcdio/distinfo
index 996f6fce875..cb061288891 100644
--- a/misc/libcdio/distinfo
+++ b/misc/libcdio/distinfo
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.13 2006/08/27 23:27:05 dbj Exp $
+$NetBSD: distinfo,v 1.14 2008/04/15 12:35:10 drochner Exp $
SHA1 (libcdio-0.76.tar.gz) = 55c738eb118e4d0f08b4af965899eb0c79b21906
RMD160 (libcdio-0.76.tar.gz) = 3ebce21179c04c5a8d721d485a28244de9ac82f3
@@ -6,3 +6,5 @@ Size (libcdio-0.76.tar.gz) = 1821519 bytes
SHA1 (patch-aa) = 8e70ee2840c19da3efc0c47dfa9f7ea400a1ec2e
SHA1 (patch-ab) = 730adf8fd064877ec9691193027aa6dc5b7c6cc5
SHA1 (patch-ac) = 2ed1f677b863c48d724dce6386ae960822a66a16
+SHA1 (patch-ba) = c2817b8ab8c7a316b969af56f30e779e5822ced5
+SHA1 (patch-bb) = 34386568c63c05ed839b37a44f83691c2a06754f
diff --git a/misc/libcdio/patches/patch-ba b/misc/libcdio/patches/patch-ba
new file mode 100644
index 00000000000..7440ea9cdf3
--- /dev/null
+++ b/misc/libcdio/patches/patch-ba
@@ -0,0 +1,13 @@
+$NetBSD: patch-ba,v 1.1 2008/04/15 12:35:10 drochner Exp $
+
+--- src/cd-info.c.orig 2005-09-18 22:34:02.000000000 +0200
++++ src/cd-info.c
+@@ -510,7 +510,7 @@ print_iso9660_recurse (CdIo_t *p_cdio, c
+ iso9660_stat_t *p_statbuf = _cdio_list_node_data (entnode);
+ char *psz_iso_name = p_statbuf->filename;
+ char _fullname[4096] = { 0, };
+- char translated_name[MAX_ISONAME+1];
++ char *translated_name = (char *) alloca(strlen(psz_iso_name)+1);
+
+ if (yep != p_statbuf->rr.b3_rock || 1 == opts.no_rock_ridge) {
+ iso9660_name_translate_ext(psz_iso_name, translated_name,
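Review bot: The new `alloca(strlen(psz_iso_name)+1)` line drops the fixed `MAX_ISONAME+1` array but keeps the translated name on the stack, now sized from `p_statbuf->filename`, which comes from the image being read. `alloca` has no failure return, and if this declaration sits inside the per-entry loop of the recursive `print_iso9660_recurse` (the function starts and ends outside the hunk, so this is inferred), each entry grows the frame until the function returns. A heap buffer with a checked result is easier to bound: `char *translated_name = malloc(strlen(psz_iso_name) + 1);`, a NULL check that takes the function's error path, and `free(translated_name);` at the end of the iteration. The sizing also relies on the translated name never being longer than the input, which deserves a one-line comment next to the allocation. The identical change to src/iso-info.c in patch-bb has the same issue.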
diff --git a/misc/libcdio/patches/patch-bb b/misc/libcdio/patches/patch-bb
new file mode 100644
index 00000000000..33bb9ab22a6
--- /dev/null
+++ b/misc/libcdio/patches/patch-bb
@@ -0,0 +1,13 @@
+$NetBSD: patch-bb,v 1.1 2008/04/15 12:35:10 drochner Exp $
+
+--- src/iso-info.c.orig 2005-03-18 13:56:00.000000000 +0100
++++ src/iso-info.c
+@@ -199,7 +199,7 @@ print_iso9660_recurse (iso9660_t *p_iso,
+ iso9660_stat_t *p_statbuf = _cdio_list_node_data (entnode);
+ char *psz_iso_name = p_statbuf->filename;
+ char _fullname[4096] = { 0, };
+- char translated_name[MAX_ISONAME+1];
++ char *translated_name = (char *) alloca(strlen(psz_iso_name)+1);
+
+ if (yep != p_statbuf->rr.b3_rock || 1 == opts.no_rock_ridge) {
+ iso9660_name_translate_ext(psz_iso_name, translated_name,
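Review bot: Neither patch adds an include for `alloca`, and each patch file consists of this single hunk, so the declaration must come from headers that src/iso-info.c and src/cd-info.c already pull in, which is not visible here. On a platform where `alloca` is declared only in `<alloca.h>`, the call would be implicitly declared and the `(char *)` cast would hide the resulting pointer-conversion warning. Since pkgsrc builds on several platforms, consider adding `#include <alloca.h>` under the project's configure check (for example an autoconf `HAVE_ALLOCA_H` guard, if the project defines one), or replacing `alloca` with `malloc`/`free`.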