From 1643213a74dc682b3e822b98f2f42c7786f65b34 Mon Sep 17 00:00:00 2001 From: salo Date: Sat, 16 Apr 2005 15:47:16 +0000 Subject: Pullup ticket 439 - requested by Julio M. Merino Vidal security fix for gnome-vfs2-cdda Revisions pulled up: - pkgsrc/audio/gnome-vfs2-cdda/Makefile 1.6 - pkgsrc/sysutils/gnome-vfs2/patches/patch-ac 1.5 Patch provided by the submitter for gnome-vfs2/distinfo. Module Name: pkgsrc Committed By: jmmv Date: Tue Apr 12 20:12:02 UTC 2005 Modified Files: pkgsrc/audio/gnome-vfs2-cdda: Makefile pkgsrc/sysutils/gnome-vfs2: distinfo Added Files: pkgsrc/sysutils/gnome-vfs2/patches: patch-ac Log Message: Apply patch from Gentoo to fix security problem in the cdda module. Bump gnome-vfs2-cdda's module to 1. Quoting the Gentoo advisory: "The GnomeVFS and libcdaudio libraries contain a buffer overflow that can be triggered by a large CDDB response, potentially allowing the execution of arbitrary code." See http://www.gentoo.org/security/en/glsa/glsa-200504-07.xml and http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0706 for more information. --- audio/gnome-vfs2-cdda/Makefile | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'audio') diff --git a/audio/gnome-vfs2-cdda/Makefile b/audio/gnome-vfs2-cdda/Makefile index b26b6bed87d..1934ed6da37 100644 --- a/audio/gnome-vfs2-cdda/Makefile +++ b/audio/gnome-vfs2-cdda/Makefile @@ -1,7 +1,8 @@ -# $NetBSD: Makefile,v 1.5 2005/02/26 17:23:01 jmmv Exp $ +# $NetBSD: Makefile,v 1.5.2.1 2005/04/16 15:47:16 salo Exp $ # GNOME_VFS2_NAME= cdda +PKGREVISION= 1 CATEGORIES= audio CPPFLAGS+= -I${BUILDLINK_PREFIX.cdparanoia}/include/cdparanoia -- cgit v1.2.3