diff options
author | ghen <ghen> | 2007-03-05 12:11:41 +0000 |
---|---|---|
committer | ghen <ghen> | 2007-03-05 12:11:41 +0000 |
commit | dcf651d3dc57b20e6b944e546a2a85eb1ca859ee (patch) | |
tree | 98a58cfc6fc5030f7ebaa56161ef479435287e14 /multimedia/xine-ui/patches/patch-ax | |
parent | b1aed37658d9859863d28638d70f8e3bb836fa64 (diff) | |
download | pkgsrc-dcf651d3dc57b20e6b944e546a2a85eb1ca859ee.tar.gz |
Pullup ticket 2026 - requested by salo
security update for xine-ui
- pkgsrc/multimedia/xine-ui/Makefile 1.30, 1.34 via patch
- pkgsrc/multimedia/xine-ui/distinfo 1.12, 1.14 via patch
- pkgsrc/multimedia/xine-ui/patches/patch-ai 1.2
- pkgsrc/multimedia/xine-ui/patches/patch-aq 1.2
- pkgsrc/multimedia/xine-ui/patches/patch-ar 1.2
- pkgsrc/multimedia/xine-ui/patches/patch-as 1.1
- pkgsrc/multimedia/xine-ui/patches/patch-au 1.1
- pkgsrc/multimedia/xine-ui/patches/patch-av 1.1
- pkgsrc/multimedia/xine-ui/patches/patch-aw 1.1
- pkgsrc/multimedia/xine-ui/patches/patch-ax 1.1
- pkgsrc/multimedia/xine-ui/patches/patch-ay 1.1
- pkgsrc/multimedia/xine-ui/patches/patch-az 1.1
- pkgsrc/multimedia/xine-ui/patches/patch-ba 1.1
- pkgsrc/multimedia/xine-ui/patches/patch-bb 1.1
- pkgsrc/multimedia/xine-ui/patches/patch-bc 1.1
Module Name: pkgsrc
Committed By: drochner
Date: Tue Jan 9 14:52:41 UTC 2007
Modified Files:
pkgsrc/multimedia/xine-ui: Makefile distinfo
pkgsrc/multimedia/xine-ui/patches: patch-ar
Added Files:
pkgsrc/multimedia/xine-ui/patches: patch-as
Log Message:
fix PR pkg/35375: xine-ui freezes konsole sessions from
Sergey Svishchev, patch from xine CVS
---
Module Name: pkgsrc
Committed By: salo
Date: Sat Feb 17 22:48:18 UTC 2007
Modified Files:
pkgsrc/multimedia/xine-ui: Makefile distinfo
pkgsrc/multimedia/xine-ui/patches: patch-ai patch-aq
Added Files:
pkgsrc/multimedia/xine-ui/patches: patch-au patch-av patch-aw patch-ax
patch-ay patch-az patch-ba patch-bb patch-bc
Log Message:
Security fixes for CVE-2007-0254 (and more):
"A vulnerability has been reported in xine-ui, which potentially can be
exploited by malicious people to compromise a user's system.
The vulnerability is caused due to a format string error within the
"errors_create_window()" function in errors.c. This may be exploited to
execute arbitrary code by e.g. tricking a user into opening a specially
crafted playlist file."
Patch from SUSE.
Bump PKGREVISION.
XXX: The sources are a real mess. My condolences to everyone using it.
And good luck, you'll need it!..
Diffstat (limited to 'multimedia/xine-ui/patches/patch-ax')
-rw-r--r-- | multimedia/xine-ui/patches/patch-ax | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/multimedia/xine-ui/patches/patch-ax b/multimedia/xine-ui/patches/patch-ax new file mode 100644 index 00000000000..571dc5c1eae --- /dev/null +++ b/multimedia/xine-ui/patches/patch-ax @@ -0,0 +1,13 @@ +$NetBSD: patch-ax,v 1.1.2.2 2007/03/05 12:11:43 ghen Exp $ + +--- src/xitk/file_browser.c.orig 2005-05-29 12:43:40.000000000 +0200 ++++ src/xitk/file_browser.c 2007-02-17 21:56:02.000000000 +0100 +@@ -1012,7 +1012,7 @@ static void fb_delete_file(xitk_widget_t + xitk_window_dialog_yesno(gGui->imlib_data, _("Confirm deletion ?"), + fb_delete_file_cb, + fb_delete_file_cb, +- (void *)fb, ALIGN_DEFAULT, buf); ++ (void *)fb, ALIGN_DEFAULT, "%s", buf); + } + } + |