diff options
| author | salo <salo> | 2006-04-26 14:58:40 +0000 |
|---|---|---|
| committer | salo <salo> | 2006-04-26 14:58:40 +0000 |
| commit | b4273a511a054ccf109141a4f4db5051a305704b (patch) | |
| tree | 1d7428c5416a487655249fb034159d62ed9d9c69 /multimedia | |
| parent | 171c69d6f7c3fa56866f2825631ab7568b2b18f9 (diff) | |
| download | pkgsrc-b4273a511a054ccf109141a4f4db5051a305704b.tar.gz | |
Pullup ticket 1460 - requested by drochner
security fix for xine-ui
Patch provided by the submitter.
Module Name: pkgsrc
Committed By: drochner
Date: Fri Apr 21 11:11:26 UTC 2006
Modified Files:
pkgsrc/multimedia/xine-ui: Makefile distinfo
Added Files:
pkgsrc/multimedia/xine-ui/patches: patch-aq patch-ar
Log Message:
fix some format string vulnerabilities, see
http://www.open-security.org/advisories/16
Diffstat (limited to 'multimedia')
| -rw-r--r-- | multimedia/xine-ui/Makefile | 4 | ||||
| -rw-r--r-- | multimedia/xine-ui/distinfo | 4 | ||||
| -rw-r--r-- | multimedia/xine-ui/patches/patch-aq | 31 | ||||
| -rw-r--r-- | multimedia/xine-ui/patches/patch-ar | 13 |
4 files changed, 49 insertions, 3 deletions
diff --git a/multimedia/xine-ui/Makefile b/multimedia/xine-ui/Makefile index 14ce0fc2401..f3c54ed9d0d 100644 --- a/multimedia/xine-ui/Makefile +++ b/multimedia/xine-ui/Makefile @@ -1,8 +1,8 @@ -# $NetBSD: Makefile,v 1.20 2006/03/04 21:30:16 jlam Exp $ +# $NetBSD: Makefile,v 1.20.2.1 2006/04/26 14:58:40 salo Exp $ # DISTNAME= xine-ui-0.99.2 -PKGREVISION= 4 +PKGREVISION= 5 CATEGORIES= multimedia MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:=xine/} diff --git a/multimedia/xine-ui/distinfo b/multimedia/xine-ui/distinfo index c89dc57673b..8f7ef358eed 100644 --- a/multimedia/xine-ui/distinfo +++ b/multimedia/xine-ui/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.8 2005/10/10 22:52:44 joerg Exp $ +$NetBSD: distinfo,v 1.8.4.1 2006/04/26 14:58:40 salo Exp $ SHA1 (xine-ui-0.99.2.tar.gz) = 0815f3b660e50a3a69bac1d54bdf8036e9ff57e2 RMD160 (xine-ui-0.99.2.tar.gz) = ccfd667417a9aa51561a132ab86e3fb1d3349694 @@ -16,3 +16,5 @@ SHA1 (patch-ak) = 21d6d048502b71a703365e3fab136b096c4575d3 SHA1 (patch-al) = d00f3ad348450e209d55ba69c1c053fce7d359b3 SHA1 (patch-am) = 55f13b6288a2ef06ed3d82bec6e28be3d65620ee SHA1 (patch-ao) = 09e83615b88dffbdfeb0b0bad07dcdc60024ba67 +SHA1 (patch-aq) = e6c3ca5387f28acd4002c2f607413f6b0af028a5 +SHA1 (patch-ar) = 6c0ad24cb0293cbe46e64564eaeb5495f7635bc2 diff --git a/multimedia/xine-ui/patches/patch-aq b/multimedia/xine-ui/patches/patch-aq new file mode 100644 index 00000000000..cef7392908c --- /dev/null +++ b/multimedia/xine-ui/patches/patch-aq @@ -0,0 +1,31 @@ +$NetBSD: patch-aq,v 1.1.2.2 2006/04/26 14:58:40 salo Exp $ + +--- src/xitk/main.c.orig 2004-07-02 23:41:03.000000000 +0200 ++++ src/xitk/main.c +@@ -451,7 +451,7 @@ static void print_formatted(char *title, + int len; + char *blanks = " "; + +- printf(title); ++ printf("%s", title); + + sprintf(buffer, "%s", blanks); + plugin = *plugins++; +@@ -464,7 +464,7 @@ static void print_formatted(char *title, + sprintf(buffer, "%s%s%s", buffer, (strlen(buffer) == strlen(blanks)) ? "" : ", ", plugin); + } + else { +- printf(buffer); ++ printf("%s", buffer); + printf(",\n"); + snprintf(buffer, sizeof(buffer), "%s%s", blanks, plugin); + } +@@ -473,7 +473,7 @@ static void print_formatted(char *title, + } + + if(strlen(buffer)) +- printf(buffer); ++ printf("%s", buffer); + + printf(".\n\n"); + } diff --git a/multimedia/xine-ui/patches/patch-ar b/multimedia/xine-ui/patches/patch-ar new file mode 100644 index 00000000000..5d7e4ed57c4 --- /dev/null +++ b/multimedia/xine-ui/patches/patch-ar @@ -0,0 +1,13 @@ +$NetBSD: patch-ar,v 1.1.2.2 2006/04/26 14:58:40 salo Exp $ + +--- src/xitk/xine-toolkit/xitk.c.orig 2004-07-02 15:23:31.000000000 +0200 ++++ src/xitk/xine-toolkit/xitk.c +@@ -1725,7 +1725,7 @@ void xitk_init(Display *display, int ver + sprintf(buffer, "%s%s", buffer, " ]-"); + + if(verbosity) +- printf(buffer); ++ printf("%s", buffer); + + gXitk->wm_type = xitk_check_wm(display); + |