summaryrefslogtreecommitdiff
path: root/multimedia
diff options
context:
space:
mode:
authortnn <tnn@pkgsrc.org>2008-03-26 02:32:17 +0000
committertnn <tnn@pkgsrc.org>2008-03-26 02:32:17 +0000
commit1bb62b386aaa71214a3bbd92885ab3a63eaddc56 (patch)
treeaad278df86cbecbbe79227cd93b16b0ccf756dc4 /multimedia
parent7e2fba260637aa26e7d0209f767a4ffc59ddabae (diff)
downloadpkgsrc-1bb62b386aaa71214a3bbd92885ab3a63eaddc56.tar.gz
Patch for CVE-2008-1489, mp4 buffer overflow. Bump rev.
Diffstat (limited to 'multimedia')
-rw-r--r--multimedia/vlc/Makefile4
-rw-r--r--multimedia/vlc/distinfo3
-rw-r--r--multimedia/vlc/patches/patch-ae20
3 files changed, 24 insertions, 3 deletions
diff --git a/multimedia/vlc/Makefile b/multimedia/vlc/Makefile
index 38ac1ad0e21..f6eeb6da2b9 100644
--- a/multimedia/vlc/Makefile
+++ b/multimedia/vlc/Makefile
@@ -1,11 +1,11 @@
-# $NetBSD: Makefile,v 1.49 2008/02/28 16:18:53 kefren Exp $
+# $NetBSD: Makefile,v 1.50 2008/03/26 02:32:17 tnn Exp $
#
DISTNAME= vlc-${VLC_VER}
CATEGORIES= multimedia
MASTER_SITES= http://download.videolan.org/pub/videolan/vlc/${VLC_VER}/
EXTRACT_SUFX= .tar.bz2
-PKGREVISION= 2
+PKGREVISION= 3
MAINTAINER= pkgsrc-users@NetBSD.org
HOMEPAGE= http://www.videolan.org/
diff --git a/multimedia/vlc/distinfo b/multimedia/vlc/distinfo
index 81224ce4920..8da4ca06eb7 100644
--- a/multimedia/vlc/distinfo
+++ b/multimedia/vlc/distinfo
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.14 2008/02/28 16:18:53 kefren Exp $
+$NetBSD: distinfo,v 1.15 2008/03/26 02:32:17 tnn Exp $
SHA1 (vlc-0.8.6d.tar.bz2) = 63afd15cc782795c8d8f3de5edc614389465c577
RMD160 (vlc-0.8.6d.tar.bz2) = 16c1998dbc30ad96bebdd8792d135b5f7899166e
@@ -7,3 +7,4 @@ SHA1 (patch-aa) = 497a83bb0f1e2c095a81aa84115e66b56dd47e2c
SHA1 (patch-ab) = c311b82c00f1eea164189a9759c9ca576faec671
SHA1 (patch-ac) = 54526feb8f88cd1f61e40abd62ed5f68ce6b934b
SHA1 (patch-ad) = dd92aeabc8d21ebf4113558b9d63f7737add2d91
+SHA1 (patch-ae) = 6282c601bb7c1f6c5b55f57a02e965216bd38cd3
diff --git a/multimedia/vlc/patches/patch-ae b/multimedia/vlc/patches/patch-ae
new file mode 100644
index 00000000000..b5e4b6d513c
--- /dev/null
+++ b/multimedia/vlc/patches/patch-ae
@@ -0,0 +1,20 @@
+$NetBSD: patch-ae,v 1.3 2008/03/26 02:32:17 tnn Exp $
+
+--- modules/demux/mp4/libmp4.c.orig 2007-11-26 14:08:01.000000000 +0100
++++ modules/demux/mp4/libmp4.c
+@@ -1959,10 +1959,14 @@ static int MP4_ReadBox_rdrf( stream_t *p
+ MP4_GETVERSIONFLAGS( p_box->data.p_rdrf );
+ MP4_GETFOURCC( p_box->data.p_rdrf->i_ref_type );
+ MP4_GET4BYTES( i_len );
++ i_len++;
++
+ if( i_len > 0 )
+ {
+ uint32_t i;
+- p_box->data.p_rdrf->psz_ref = malloc( i_len + 1);
++ p_box->data.p_rdrf->psz_ref = malloc( i_len );
++ i_len--;
++
+ for( i = 0; i < i_len; i++ )
+ {
+ MP4_GET1BYTE( p_box->data.p_rdrf->psz_ref[i] );