apply a security fix from upstream CVS:

Check wLongsPerEntry before using it.
This fixes a potential crash for some values of it.
As a side effect it works around broken callocs with an integer
overflow vulnerability, but using MPlayer on such systems should
never be assumed to be safe!

This should fix SA26806 (http://secunia.com/advisories/26806/).

bump PKGREVISIONs

2 files changed, 4 insertions, 3 deletions

diff --git a/multimedia/gmplayer/Makefile b/multimedia/gmplayer/Makefile
index 6c0e9f536b5..b349d84fcf6 100644
--- a/multimedia/gmplayer/Makefile
+++ b/multimedia/gmplayer/Makefile
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile,v 1.62 2007/09/07 10:06:22 tron Exp $
+# $NetBSD: Makefile,v 1.63 2007/09/13 19:16:02 drochner Exp $
 
 #
 # NOTE: if you are updating both mplayer and gmplayer, you must ensure
@@ -9,7 +9,7 @@
 #
 
 PKGNAME=	gmplayer-${MPLAYER_PKG_VERSION}
-PKGREVISION=	3
+PKGREVISION=	4
 
 BROKEN_IN=		pkgsrc-2006Q4
 
diff --git a/multimedia/gmplayer/distinfo b/multimedia/gmplayer/distinfo
index f32327686c6..c4bc5b2959a 100644
--- a/multimedia/gmplayer/distinfo
+++ b/multimedia/gmplayer/distinfo
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.48 2007/07/05 05:18:50 wiz Exp $
+$NetBSD: distinfo,v 1.49 2007/09/13 19:16:02 drochner Exp $
 
 SHA1 (gmplayer-1.0rc9-20060123/AlienMind-1.2.tar.bz2) = 34370da1e003e4accceae194a63483aa6eebc4dc
 RMD160 (gmplayer-1.0rc9-20060123/AlienMind-1.2.tar.bz2) = f3fda7d44a59f98097162f76d0a0d58840974998
@@ -73,6 +73,7 @@ SHA1 (patch-ah) = 7aeb9f04d622fcad8c40dc9edbb0a58277fc622b
 SHA1 (patch-ai) = bcf45db81587d99fc69ae5fcf89ff4a4b8f6f53c
 SHA1 (patch-aj) = 40ba1625f85f0264628013ad0209aa095e8e5d3f
 SHA1 (patch-ak) = f095e2824fd54ec7a8ea7a8a59641743c1b65191
+SHA1 (patch-al) = cd378430de97b2492d524764e2f4f010bab4474c
 SHA1 (patch-ba) = bdb20f4ead6f55c0847534b5b1f06ea865e438e6
 SHA1 (patch-bb) = 554ca2074716ada4f817f55be61e808e1dc5c93e
 SHA1 (patch-bc) = c073f6e5d2d71030346fda82ff3a1f474ad49c0f