summaryrefslogtreecommitdiff
path: root/multimedia
diff options
context:
space:
mode:
authorlkundrak <lkundrak@pkgsrc.org>2007-06-22 14:32:24 +0000
committerlkundrak <lkundrak@pkgsrc.org>2007-06-22 14:32:24 +0000
commit1e25c97437f596ab263e80b17a16c9be07f20b6f (patch)
tree1dc6a741d9bf9cce1fe55015e45aecb71f8e2fc9 /multimedia
parent4c80c2d36b827af51045b6db507f660af99e0f06 (diff)
downloadpkgsrc-1e25c97437f596ab263e80b17a16c9be07f20b6f.tar.gz
Fixed the patch for CVE-2007-3316.
Diffstat (limited to 'multimedia')
-rw-r--r--multimedia/vlc/distinfo4
-rw-r--r--multimedia/vlc/patches/patch-ak10
2 files changed, 6 insertions, 8 deletions
diff --git a/multimedia/vlc/distinfo b/multimedia/vlc/distinfo
index 94d6342befb..1e942c0c04d 100644
--- a/multimedia/vlc/distinfo
+++ b/multimedia/vlc/distinfo
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.11 2007/06/22 14:13:16 lkundrak Exp $
+$NetBSD: distinfo,v 1.12 2007/06/22 14:32:24 lkundrak Exp $
SHA1 (vlc-0.8.5.tar.bz2) = 2f0a26a336a5211f32c7bcc653dfd0b27f1fb26b
RMD160 (vlc-0.8.5.tar.bz2) = d24140a5b4bf771754028090e103bb5c171e4fd8
@@ -10,7 +10,7 @@ SHA1 (patch-ag) = 44061c0018d97c45d4edfdb2a16192f3c99024f8
SHA1 (patch-ah) = 5a355a70b7b39c0a33db7cc37e3944f903686d3f
SHA1 (patch-ai) = 655df187ab529eb30753531dafbf4b68f7a85785
SHA1 (patch-aj) = ff16b192696f7a8517b2bf343697cb81c6041015
-SHA1 (patch-ak) = 62e4c366c6ad39fdadf3e9484f1ee46a2f5680ab
+SHA1 (patch-ak) = e9d9a6073134861033cb10820ec2307d3ca42e3d
SHA1 (patch-al) = d363baa7a1d4150b2b12376652650295e546f0fe
SHA1 (patch-am) = 7d212c47879c718a7685fe94660c9fa71a02f4c3
SHA1 (patch-an) = 6388e50ad6b7c4cc6860759d514ca691b996ee45
diff --git a/multimedia/vlc/patches/patch-ak b/multimedia/vlc/patches/patch-ak
index c366edc6261..330570f54c1 100644
--- a/multimedia/vlc/patches/patch-ak
+++ b/multimedia/vlc/patches/patch-ak
@@ -1,22 +1,20 @@
-$NetBSD: patch-ak,v 1.1 2007/06/22 14:13:16 lkundrak Exp $
+$NetBSD: patch-ak,v 1.2 2007/06/22 14:32:24 lkundrak Exp $
Fix for CVE-2007-3316 format-string vulnerability in CDDA module described
by VideoLAN-SA-0702 advisory. Backported from 0.8.6c.
---- modules/access/cdda.c.orig 2007-06-22 16:00:43.000000000 +0200
+--- modules/access/cdda.c.orig 2006-05-06 17:52:18.000000000 +0200
+++ modules/access/cdda.c
-@@ -630,7 +630,9 @@ static int GetTracks( access_t *p_access
+@@ -630,7 +630,7 @@ static int GetTracks( access_t *p_access
{
vlc_input_item_AddInfo( &p_item->input,
_(VLC_META_INFO_CAT),
- _(VLC_META_TITLE),
+ _(VLC_META_TITLE), "%s",
-+ cddb_track_get_title( t ) );
-+
cddb_track_get_title( t ) );
if( p_item->input.psz_name )
free( p_item->input.psz_name );
-@@ -641,7 +643,7 @@ static int GetTracks( access_t *p_access
+@@ -641,7 +641,7 @@ static int GetTracks( access_t *p_access
if( psz_result )
{
vlc_input_item_AddInfo( &p_item->input,