diff options
| author | ghen <ghen> | 2007-03-05 12:11:41 +0000 |
|---|---|---|
| committer | ghen <ghen> | 2007-03-05 12:11:41 +0000 |
| commit | dcf651d3dc57b20e6b944e546a2a85eb1ca859ee (patch) | |
| tree | 98a58cfc6fc5030f7ebaa56161ef479435287e14 /multimedia/xine-ui/patches/patch-au | |
| parent | b1aed37658d9859863d28638d70f8e3bb836fa64 (diff) | |
| download | pkgsrc-dcf651d3dc57b20e6b944e546a2a85eb1ca859ee.tar.gz | |
Pullup ticket 2026 - requested by salo
security update for xine-ui
- pkgsrc/multimedia/xine-ui/Makefile 1.30, 1.34 via patch
- pkgsrc/multimedia/xine-ui/distinfo 1.12, 1.14 via patch
- pkgsrc/multimedia/xine-ui/patches/patch-ai 1.2
- pkgsrc/multimedia/xine-ui/patches/patch-aq 1.2
- pkgsrc/multimedia/xine-ui/patches/patch-ar 1.2
- pkgsrc/multimedia/xine-ui/patches/patch-as 1.1
- pkgsrc/multimedia/xine-ui/patches/patch-au 1.1
- pkgsrc/multimedia/xine-ui/patches/patch-av 1.1
- pkgsrc/multimedia/xine-ui/patches/patch-aw 1.1
- pkgsrc/multimedia/xine-ui/patches/patch-ax 1.1
- pkgsrc/multimedia/xine-ui/patches/patch-ay 1.1
- pkgsrc/multimedia/xine-ui/patches/patch-az 1.1
- pkgsrc/multimedia/xine-ui/patches/patch-ba 1.1
- pkgsrc/multimedia/xine-ui/patches/patch-bb 1.1
- pkgsrc/multimedia/xine-ui/patches/patch-bc 1.1
Module Name: pkgsrc
Committed By: drochner
Date: Tue Jan 9 14:52:41 UTC 2007
Modified Files:
pkgsrc/multimedia/xine-ui: Makefile distinfo
pkgsrc/multimedia/xine-ui/patches: patch-ar
Added Files:
pkgsrc/multimedia/xine-ui/patches: patch-as
Log Message:
fix PR pkg/35375: xine-ui freezes konsole sessions from
Sergey Svishchev, patch from xine CVS
---
Module Name: pkgsrc
Committed By: salo
Date: Sat Feb 17 22:48:18 UTC 2007
Modified Files:
pkgsrc/multimedia/xine-ui: Makefile distinfo
pkgsrc/multimedia/xine-ui/patches: patch-ai patch-aq
Added Files:
pkgsrc/multimedia/xine-ui/patches: patch-au patch-av patch-aw patch-ax
patch-ay patch-az patch-ba patch-bb patch-bc
Log Message:
Security fixes for CVE-2007-0254 (and more):
"A vulnerability has been reported in xine-ui, which potentially can be
exploited by malicious people to compromise a user's system.
The vulnerability is caused due to a format string error within the
"errors_create_window()" function in errors.c. This may be exploited to
execute arbitrary code by e.g. tricking a user into opening a specially
crafted playlist file."
Patch from SUSE.
Bump PKGREVISION.
XXX: The sources are a real mess. My condolences to everyone using it.
And good luck, you'll need it!..
Diffstat (limited to 'multimedia/xine-ui/patches/patch-au')
| -rw-r--r-- | multimedia/xine-ui/patches/patch-au | 20 |
1 files changed, 20 insertions, 0 deletions
diff --git a/multimedia/xine-ui/patches/patch-au b/multimedia/xine-ui/patches/patch-au new file mode 100644 index 00000000000..06622a3a9a4 --- /dev/null +++ b/multimedia/xine-ui/patches/patch-au @@ -0,0 +1,20 @@ +$NetBSD: patch-au,v 1.1.2.2 2007/03/05 12:11:42 ghen Exp $ + +--- src/fb/osd.c.orig 2003-12-01 18:23:27.000000000 +0100 ++++ src/fb/osd.c 2007-02-17 21:56:02.000000000 +0100 +@@ -589,7 +589,7 @@ void osd_display_spu_lang(void) { + } + + sprintf(buffer, "Subtitles: %s", lang); +- osd_display_info(buffer); ++ osd_display_info("%s", buffer); + } + + void osd_display_audio_lang(void) { +@@ -618,5 +618,5 @@ void osd_display_audio_lang(void) { + } + + sprintf(buffer, "Audio Channel: %s", lang); +- osd_display_info(buffer); ++ osd_display_info("%s", buffer); + } |