diff options
Diffstat (limited to 'multimedia')
-rw-r--r-- | multimedia/xvidcore/Makefile | 3 | ||||
-rw-r--r-- | multimedia/xvidcore/distinfo | 3 | ||||
-rw-r--r-- | multimedia/xvidcore/patches/patch-ac | 48 |
3 files changed, 52 insertions, 2 deletions
diff --git a/multimedia/xvidcore/Makefile b/multimedia/xvidcore/Makefile index c68a9f24732..e67ca53fd3a 100644 --- a/multimedia/xvidcore/Makefile +++ b/multimedia/xvidcore/Makefile @@ -1,6 +1,7 @@ -# $NetBSD: Makefile,v 1.27 2007/01/06 16:31:48 jmmv Exp $ +# $NetBSD: Makefile,v 1.28 2007/06/26 11:45:16 lkundrak Exp $ DISTNAME= xvidcore-1.1.2 +PKGREVISION= 1 CATEGORIES= multimedia MASTER_SITES= http://downloads.xvid.org/downloads/ EXTRACT_SUFX= .tar.bz2 diff --git a/multimedia/xvidcore/distinfo b/multimedia/xvidcore/distinfo index 0a659c594bc..0a2f393132f 100644 --- a/multimedia/xvidcore/distinfo +++ b/multimedia/xvidcore/distinfo @@ -1,7 +1,8 @@ -$NetBSD: distinfo,v 1.15 2007/01/06 16:31:48 jmmv Exp $ +$NetBSD: distinfo,v 1.16 2007/06/26 11:45:16 lkundrak Exp $ SHA1 (xvidcore-1.1.2.tar.bz2) = a524c18f34133dc83b7be90abda7d0ae4ab3b7fb RMD160 (xvidcore-1.1.2.tar.bz2) = bc3dfbd176ece5f54bbd72f1e655eba4da9baeb4 Size (xvidcore-1.1.2.tar.bz2) = 626741 bytes SHA1 (patch-aa) = 593ae63ddb5ec646d7f531b99783de64a9d6ceb3 SHA1 (patch-ab) = 19306e1db22eeb58e703b1b416b019c0d2c4a694 +SHA1 (patch-ac) = 3865b2daac5d157154c30f248860d05707d62fd4 diff --git a/multimedia/xvidcore/patches/patch-ac b/multimedia/xvidcore/patches/patch-ac new file mode 100644 index 00000000000..b5d5d95d4e8 --- /dev/null +++ b/multimedia/xvidcore/patches/patch-ac @@ -0,0 +1,48 @@ +$NetBSD: patch-ac,v 1.1 2007/06/26 11:45:17 lkundrak Exp $ + +This is believed to fix CVE-2007-3329. +Though there is no more information about the vulnerability apart from function names, +it seems that coeff is the only index that could point out of bounds causing harm +and only these three functions share this code. + +--- src/bitstream/mbcoding.c.orig 2007-06-26 13:38:17.000000000 +0200 ++++ src/bitstream/mbcoding.c +@@ -1073,12 +1073,10 @@ get_intra_block(Bitstream * bs, + } + coeff += run; + +-#ifdef _DEBUG + if(coeff>=64) { + DPRINTF(XVID_DEBUG_ERROR,"error: overflow in coefficient index\n"); + return; + } +-#endif + + block[scan[coeff]] = level; + +@@ -1121,12 +1119,10 @@ get_inter_block_h263( + } + p += run; + +-#ifdef _DEBUG + if(p>=64) { + DPRINTF(XVID_DEBUG_ERROR,"error: overflow in coefficient index\n"); + return; + } +-#endif + + if (level < 0) { + level = level*quant_m_2 - quant_add; +@@ -1163,12 +1159,10 @@ get_inter_block_mpeg( + } + p += run; + +-#ifdef _DEBUG + if(p>=64) { + DPRINTF(XVID_DEBUG_ERROR,"error: overflow in coefficient index\n"); + return; + } +-#endif + + if (level < 0) { + level = ((2 * -level + 1) * matrix[scan[p]] * quant) >> 4; |