diff options
| author | drochner <drochner@pkgsrc.org> | 2009-02-11 12:42:59 +0000 |
|---|---|---|
| committer | drochner <drochner@pkgsrc.org> | 2009-02-11 12:42:59 +0000 |
| commit | 9b8c61c402ffa35de15a2d57a76ac27bc895f155 (patch) | |
| tree | 9086c421e39a6ffd9f4c6991f943edb465734008 /multimedia | |
| parent | cb8f95b94bc80fb352c6792faab72a41b80eec5c (diff) | |
| download | pkgsrc-9b8c61c402ffa35de15a2d57a76ac27bc895f155.tar.gz | |
old gstreamer0.8 is also affected by the qt demux security problem
recently fixed in 0.10 (known as CVE-2009-0398 now), so add
the applicable part of the upstream patch and bump PKGREVISION
(this has reached the end of its useful life anyway, it is only
used by "tunesbrowser" and as non-default option in KDE3)
Diffstat (limited to 'multimedia')
| -rw-r--r-- | multimedia/gst-plugins0.8/Makefile | 4 | ||||
| -rw-r--r-- | multimedia/gst-plugins0.8/distinfo | 3 | ||||
| -rw-r--r-- | multimedia/gst-plugins0.8/patches/patch-am | 22 |
3 files changed, 26 insertions, 3 deletions
diff --git a/multimedia/gst-plugins0.8/Makefile b/multimedia/gst-plugins0.8/Makefile index 18633fa59e0..07d9249af35 100644 --- a/multimedia/gst-plugins0.8/Makefile +++ b/multimedia/gst-plugins0.8/Makefile @@ -1,4 +1,4 @@ -# $NetBSD: Makefile,v 1.15 2008/06/20 01:09:28 joerg Exp $ +# $NetBSD: Makefile,v 1.16 2009/02/11 12:42:59 drochner Exp $ # PKG_DESTDIR_SUPPORT= user-destdir @@ -8,7 +8,7 @@ USE_LANGUAGES= c c++ .include "Makefile.common" COMMENT+= base plugins -PKGREVISION= 10 +PKGREVISION= 11 USE_TOOLS+= perl:run diff --git a/multimedia/gst-plugins0.8/distinfo b/multimedia/gst-plugins0.8/distinfo index e55647cbdc1..ae5062d1fe3 100644 --- a/multimedia/gst-plugins0.8/distinfo +++ b/multimedia/gst-plugins0.8/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.3 2006/04/28 22:27:36 wiz Exp $ +$NetBSD: distinfo,v 1.4 2009/02/11 12:42:59 drochner Exp $ SHA1 (gst-plugins-0.8.11.tar.bz2) = 4a9be6b62dd0e8a73616e8e93f7a3ace8aec8c59 RMD160 (gst-plugins-0.8.11.tar.bz2) = 833aec123a52cd0f36ec883c349cc8d69090d749 @@ -14,3 +14,4 @@ SHA1 (patch-ai) = fbee2828dfda28f1e017552e0e2e273cf5d2670b SHA1 (patch-aj) = b0af98ac299f1b52387de14c5f3a0173efd7ca8f SHA1 (patch-ak) = 9907506f1d7bab87d6857fc159bbe58b82b1b585 SHA1 (patch-al) = 363b9f17c1a09e1283f73104c6fb83cd880c9847 +SHA1 (patch-am) = b53630192ae2ed108c642ca9675338b2951e5126 diff --git a/multimedia/gst-plugins0.8/patches/patch-am b/multimedia/gst-plugins0.8/patches/patch-am new file mode 100644 index 00000000000..c11eca1f8d4 --- /dev/null +++ b/multimedia/gst-plugins0.8/patches/patch-am @@ -0,0 +1,22 @@ +$NetBSD: patch-am,v 1.1 2009/02/11 12:42:59 drochner Exp $ + +--- gst/qtdemux/qtdemux.c.orig 2005-08-29 13:50:51.000000000 +0200 ++++ gst/qtdemux/qtdemux.c +@@ -2360,7 +2360,7 @@ qtdemux_parse_trak (GstQTDemux * qtdemux + n_sample_times = QTDEMUX_GUINT32_GET (stts->data + 12); + timestamp = 0; + index = 0; +- for (i = 0; i < n_sample_times; i++) { ++ for (i = 0; (i < n_sample_times) && (index < n_samples); i++) { + int n; + int duration; + guint64 time; +@@ -2368,7 +2368,7 @@ qtdemux_parse_trak (GstQTDemux * qtdemux + n = QTDEMUX_GUINT32_GET (stts->data + 16 + 8 * i); + duration = QTDEMUX_GUINT32_GET (stts->data + 16 + 8 * i + 4); + time = (GST_SECOND * duration) / stream->timescale; +- for (j = 0; j < n; j++) { ++ for (j = 0; (j < n) && (index < n_samples); j++) { + //GST_INFO("moo %lld", timestamp); + samples[index].timestamp = timestamp; + samples[index].duration = time; |