pkgsrc-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[pkgsrc/trunk]: pkgsrc/audio/libtunepimp0.4 Security fix for CVE-2006-3600:



details:   https://anonhg.NetBSD.org/pkgsrc/rev/cc6d00990d3e
branches:  trunk
changeset: 517732:cc6d00990d3e
user:      salo <salo%pkgsrc.org@localhost>
date:      Mon Aug 21 17:55:01 2006 +0000

description:
Security fix for CVE-2006-3600:

"A vulnerability in libtunepimp can be potentially exploited by
 malicious people to compromise a user's system.

 The vulnerability is caused due to a boundary error in the
 "LookupTRM::lookup()" function when retrieving album release dates.
 This can be exploited to cause a buffer overflow by returning an overly
 long release date string (more than 100 bytes).

 Successful exploitation may allow execution of arbitrary code in context
 of an application using the vulnerable library."

http://secunia.com/advisories/21026/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3600

Patch from MusicBrainz SVN.  Bump PKGREVISION.

diffstat:

 audio/libtunepimp0.4/Makefile         |   4 ++--
 audio/libtunepimp0.4/distinfo         |   3 ++-
 audio/libtunepimp0.4/patches/patch-ae |  24 ++++++++++++++++++++++++
 3 files changed, 28 insertions(+), 3 deletions(-)

diffs (56 lines):

diff -r de23ccf2fc65 -r cc6d00990d3e audio/libtunepimp0.4/Makefile
--- a/audio/libtunepimp0.4/Makefile     Mon Aug 21 17:29:33 2006 +0000
+++ b/audio/libtunepimp0.4/Makefile     Mon Aug 21 17:55:01 2006 +0000
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.2 2006/07/12 13:30:33 wiz Exp $
+# $NetBSD: Makefile,v 1.3 2006/08/21 17:55:01 salo Exp $
 #
 
 DISTNAME=              libtunepimp-0.4.2
-PKGREVISION=           1
+PKGREVISION=           2
 CATEGORIES=            audio
 MASTER_SITES=          ftp://ftp.musicbrainz.org/pub/musicbrainz/ \
                        http://ftp.musicbrainz.org/pub/musicbrainz/
diff -r de23ccf2fc65 -r cc6d00990d3e audio/libtunepimp0.4/distinfo
--- a/audio/libtunepimp0.4/distinfo     Mon Aug 21 17:29:33 2006 +0000
+++ b/audio/libtunepimp0.4/distinfo     Mon Aug 21 17:55:01 2006 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.1.1.1 2006/07/12 13:07:19 wiz Exp $
+$NetBSD: distinfo,v 1.2 2006/08/21 17:55:01 salo Exp $
 
 SHA1 (libtunepimp-0.4.2.tar.gz) = deb7ac22e451b7512006e6f090333e14d4cbc78f
 RMD160 (libtunepimp-0.4.2.tar.gz) = f4c7ebeb505c6b8b1dff284aebf6c9e249192765
@@ -7,3 +7,4 @@
 SHA1 (patch-ab) = d72634d99a70925ee180108db4a95c10124b7de0
 SHA1 (patch-ac) = bebb5ac1358007098704052888a98f9d97376b6a
 SHA1 (patch-ad) = cdd662177cf90a9e926881d25eb40d674ca21456
+SHA1 (patch-ae) = eb8cfcbb6672c241f14666d77b48bd16ef3a9875
diff -r de23ccf2fc65 -r cc6d00990d3e audio/libtunepimp0.4/patches/patch-ae
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/audio/libtunepimp0.4/patches/patch-ae     Mon Aug 21 17:55:01 2006 +0000
@@ -0,0 +1,24 @@
+$NetBSD: patch-ae,v 1.1 2006/08/21 17:55:01 salo Exp $
+
+Security fix for CVE-2006-3600, from MusicBrainz SVN.
+
+--- lib/lookuptools.cpp.orig   2006-01-28 21:35:42.000000000 +0100
++++ lib/lookuptools.cpp        2006-08-21 16:43:11.000000000 +0200
+@@ -51,7 +51,7 @@
+     musicbrainz_t  o;
+     char          *args[7];
+     int            ret, trackNum;
+-    char           error[255], data[255], trackURI[256],
++    char           error[256], data[256], trackURI[256],
+                    artistURI[256], albumURI[256];
+     char           temp[100], duration[100], status[100];
+ 
+@@ -160,7 +160,7 @@
+             if (mb_Select1(o, MBS_SelectReleaseDate, j))
+             {
+                 // Pull back the release date and release country
+-                if (mb_GetResultData(o, MBE_ReleaseGetDate, temp, 256))
++                if (mb_GetResultData(o, MBE_ReleaseGetDate, temp, 100))
+                 {
+                     int month = 0, day = 0, year = 0;
+ 



Home | Main Index | Thread Index | Old Index