diff options
Diffstat (limited to 'multimedia/vlc07/patches/patch-ah')
-rw-r--r-- | multimedia/vlc07/patches/patch-ah | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/multimedia/vlc07/patches/patch-ah b/multimedia/vlc07/patches/patch-ah new file mode 100644 index 00000000000..82846d53c81 --- /dev/null +++ b/multimedia/vlc07/patches/patch-ah @@ -0,0 +1,16 @@ +$NetBSD: patch-ah,v 1.1 2007/06/22 14:34:17 lkundrak Exp $ + +Fix for CVE-2007-3316 format-string vulnerability in Theora module described +by VideoLAN-SA-0702 advisory. Backported from 0.8.6c. + +--- modules/codec/theora.c.orig 2004-04-28 22:02:41.000000000 +0200 ++++ modules/codec/theora.c +@@ -366,7 +366,7 @@ static void ParseTheoraComments( decoder + *psz_value = '\0'; + psz_value++; + input_Control( p_input, INPUT_ADD_INFO, _("Theora comment"), +- psz_name, psz_value ); ++ psz_name, "%s", psz_value ); + } + free( psz_comment ); + i++; |