diff options
| author | lkundrak <lkundrak> | 2007-06-22 14:34:16 +0000 |
|---|---|---|
| committer | lkundrak <lkundrak> | 2007-06-22 14:34:16 +0000 |
| commit | fddd6546e98ba341e822e0a3d8956c67e430cd19 (patch) | |
| tree | bc6c8046c33724d83508187f5235eb939cf1dde3 /multimedia/vlc07 | |
| parent | 0e25bc5e18e1fbe065e309aabc136ecd485dcc88 (diff) | |
| download | pkgsrc-fddd6546e98ba341e822e0a3d8956c67e430cd19.tar.gz | |
Fix for CVE-2007-3316 format-string vulnerabilities backported from 0.8.6c.
Diffstat (limited to 'multimedia/vlc07')
| -rw-r--r-- | multimedia/vlc07/Makefile | 4 | ||||
| -rw-r--r-- | multimedia/vlc07/distinfo | 4 | ||||
| -rw-r--r-- | multimedia/vlc07/patches/patch-ag | 16 | ||||
| -rw-r--r-- | multimedia/vlc07/patches/patch-ah | 16 |
4 files changed, 37 insertions, 3 deletions
diff --git a/multimedia/vlc07/Makefile b/multimedia/vlc07/Makefile index f40ad5bf74c..a46c95df1cc 100644 --- a/multimedia/vlc07/Makefile +++ b/multimedia/vlc07/Makefile @@ -1,8 +1,8 @@ -# $NetBSD: Makefile,v 1.8 2007/02/22 19:26:51 wiz Exp $ +# $NetBSD: Makefile,v 1.9 2007/06/22 14:34:16 lkundrak Exp $ # DISTNAME= vlc-${VLC_VER} -PKGREVISION= 16 +PKGREVISION= 17 CATEGORIES= multimedia MASTER_SITES= http://download.videolan.org/pub/videolan/vlc/${VLC_VER}/ EXTRACT_SUFX= .tar.bz2 diff --git a/multimedia/vlc07/distinfo b/multimedia/vlc07/distinfo index 1c831cedfba..5020465a0b4 100644 --- a/multimedia/vlc07/distinfo +++ b/multimedia/vlc07/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.2 2007/01/13 07:31:07 wiz Exp $ +$NetBSD: distinfo,v 1.3 2007/06/22 14:34:16 lkundrak Exp $ SHA1 (vlc-0.7.2.tar.bz2) = 938eaea128af02451fcbf0305c84ce290c9d8c21 RMD160 (vlc-0.7.2.tar.bz2) = 05e35e0b9080581cfbc730212fc756cb46bd3257 @@ -9,3 +9,5 @@ SHA1 (patch-ac) = aec258582e1d18ccb1efc3ce74e9f949046d61b1 SHA1 (patch-ad) = e12945776db476e48ce005b6d68f9931ddcbe020 SHA1 (patch-ae) = 1dcc0466a362fcdf51fbce8869cd1a48d35d3909 SHA1 (patch-af) = ad79f35070495bbbe555bcc85bfa24b4bcbcb322 +SHA1 (patch-ag) = e71070ddfd8a06978d092e2e103308a52e101e13 +SHA1 (patch-ah) = 810c1341241d4fb800810c70c5eeb5ae5b5eb2dc diff --git a/multimedia/vlc07/patches/patch-ag b/multimedia/vlc07/patches/patch-ag new file mode 100644 index 00000000000..89af1a52ca8 --- /dev/null +++ b/multimedia/vlc07/patches/patch-ag @@ -0,0 +1,16 @@ +$NetBSD: patch-ag,v 1.1 2007/06/22 14:34:16 lkundrak Exp $ + +Fix for CVE-2007-3316 format-string vulnerability in Vorbis module described +by VideoLAN-SA-0702 advisory. Backported from 0.8.6c. + +--- modules/codec/vorbis.c.orig 2007-06-22 16:27:51.000000000 +0200 ++++ modules/codec/vorbis.c +@@ -496,7 +496,7 @@ static void ParseVorbisComments( decoder + *psz_value = '\0'; + psz_value++; + input_Control( p_input, INPUT_ADD_INFO, _("Vorbis comment"), +- psz_name, psz_value ); ++ psz_name, "%s", psz_value ); + } + free( psz_comment ); + i++; diff --git a/multimedia/vlc07/patches/patch-ah b/multimedia/vlc07/patches/patch-ah new file mode 100644 index 00000000000..82846d53c81 --- /dev/null +++ b/multimedia/vlc07/patches/patch-ah @@ -0,0 +1,16 @@ +$NetBSD: patch-ah,v 1.1 2007/06/22 14:34:17 lkundrak Exp $ + +Fix for CVE-2007-3316 format-string vulnerability in Theora module described +by VideoLAN-SA-0702 advisory. Backported from 0.8.6c. + +--- modules/codec/theora.c.orig 2004-04-28 22:02:41.000000000 +0200 ++++ modules/codec/theora.c +@@ -366,7 +366,7 @@ static void ParseTheoraComments( decoder + *psz_value = '\0'; + psz_value++; + input_Control( p_input, INPUT_ADD_INFO, _("Theora comment"), +- psz_name, psz_value ); ++ psz_name, "%s", psz_value ); + } + free( psz_comment ); + i++; |