pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/audio/vorbis-tools SECURITY: Fix CVE-2014-9640.
details: https://anonhg.NetBSD.org/pkgsrc/rev/daa887f9b1d9
branches: trunk
changeset: 648860:daa887f9b1d9
user: bsiegert <bsiegert%pkgsrc.org@localhost>
date: Sat Mar 21 19:06:54 2015 +0000
description:
SECURITY: Fix CVE-2014-9640.
https://trac.xiph.org/changeset/19117
oggenc: fix crash on raw file close, reported by Hanno in issue #2009. pointer
to a non-static struct was escaping its scope.
diffstat:
audio/vorbis-tools/Makefile | 4 ++--
audio/vorbis-tools/distinfo | 4 ++--
audio/vorbis-tools/patches/patch-ac | 32 +++++++++++++++++++++++++++-----
3 files changed, 31 insertions(+), 9 deletions(-)
diffs (91 lines):
diff -r ded80b14bd99 -r daa887f9b1d9 audio/vorbis-tools/Makefile
--- a/audio/vorbis-tools/Makefile Sat Mar 21 18:48:36 2015 +0000
+++ b/audio/vorbis-tools/Makefile Sat Mar 21 19:06:54 2015 +0000
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.60 2014/02/12 23:17:35 tron Exp $
+# $NetBSD: Makefile,v 1.61 2015/03/21 19:06:54 bsiegert Exp $
DISTNAME= vorbis-tools-1.4.0
-PKGREVISION= 4
+PKGREVISION= 5
CATEGORIES= audio
MASTER_SITES= http://downloads.xiph.org/releases/vorbis/
diff -r ded80b14bd99 -r daa887f9b1d9 audio/vorbis-tools/distinfo
--- a/audio/vorbis-tools/distinfo Sat Mar 21 18:48:36 2015 +0000
+++ b/audio/vorbis-tools/distinfo Sat Mar 21 19:06:54 2015 +0000
@@ -1,9 +1,9 @@
-$NetBSD: distinfo,v 1.23 2010/11/09 13:13:03 adam Exp $
+$NetBSD: distinfo,v 1.24 2015/03/21 19:06:54 bsiegert Exp $
SHA1 (vorbis-tools-1.4.0.tar.gz) = fc6a820bdb5ad6fcac074721fab5c3f96eaf6562
RMD160 (vorbis-tools-1.4.0.tar.gz) = ff21e5c9456ac0a82b8eda4e53931db8522a2ccd
Size (vorbis-tools-1.4.0.tar.gz) = 1346532 bytes
SHA1 (patch-aa) = ea37946fb3a227d91eeb3ea94a9a7c9f8a3ef021
SHA1 (patch-ab) = 00c0a5a9388baf79fd944e12cda1da65e2e8676c
-SHA1 (patch-ac) = 43f270b53044c54cf682ee084fa29592cf2b0eeb
+SHA1 (patch-ac) = 781ad97014c81f9fd40166cc29112247ef4acd6d
SHA1 (patch-ae) = 60ca36c35325e4228ea7f7f5b3a60cd57b56b0cd
diff -r ded80b14bd99 -r daa887f9b1d9 audio/vorbis-tools/patches/patch-ac
--- a/audio/vorbis-tools/patches/patch-ac Sat Mar 21 18:48:36 2015 +0000
+++ b/audio/vorbis-tools/patches/patch-ac Sat Mar 21 19:06:54 2015 +0000
@@ -1,8 +1,30 @@
-$NetBSD: patch-ac,v 1.9 2010/11/09 13:13:03 adam Exp $
+$NetBSD: patch-ac,v 1.10 2015/03/21 19:06:54 bsiegert Exp $
+https://trac.xiph.org/changeset/19117
+oggenc: fix crash on raw file close, reported by Hanno in issue #2009. pointer
+to a non-static struct was escaping its scope.
--- oggenc/oggenc.c.orig 2010-03-26 07:07:07.000000000 +0000
+++ oggenc/oggenc.c
-@@ -779,6 +779,8 @@ static void parse_options(int argc, char
+@@ -97,6 +97,8 @@ int main(int argc, char **argv)
+ .3,-1,
+ 0,0,0.f,
+ 0, 0, 0, 0, 0};
++ input_format raw_format = {NULL, 0, raw_open, wav_close, "raw",
++ N_("RAW file reader")};
+
+ int i;
+
+@@ -239,9 +241,6 @@ int main(int argc, char **argv)
+
+ if(opt.rawmode)
+ {
+- input_format raw_format = {NULL, 0, raw_open, wav_close, "raw",
+- N_("RAW file reader")};
+-
+ enc_opts.rate=opt.raw_samplerate;
+ enc_opts.channels=opt.raw_channels;
+ enc_opts.samplesize=opt.raw_samplesize;
+@@ -779,6 +778,8 @@ static void parse_options(int argc, char
break;
case 'a':
@@ -11,7 +33,7 @@
opt->artist = realloc(opt->artist, (++opt->artist_count)*sizeof(char *));
opt->artist[opt->artist_count - 1] = strdup(optarg);
break;
-@@ -791,10 +793,14 @@ static void parse_options(int argc, char
+@@ -791,10 +792,14 @@ static void parse_options(int argc, char
opt->comments[opt->comment_count - 1] = strdup(optarg);
break;
case 'd':
@@ -26,7 +48,7 @@
opt->genre = realloc(opt->genre, (++opt->genre_count)*sizeof(char *));
opt->genre[opt->genre_count - 1] = strdup(optarg);
break;
-@@ -803,6 +809,8 @@ static void parse_options(int argc, char
+@@ -803,6 +808,8 @@ static void parse_options(int argc, char
exit(0);
break;
case 'l':
@@ -35,7 +57,7 @@
opt->album = realloc(opt->album, (++opt->album_count)*sizeof(char *));
opt->album[opt->album_count - 1] = strdup(optarg);
break;
-@@ -815,6 +823,8 @@ static void parse_options(int argc, char
+@@ -815,6 +822,8 @@ static void parse_options(int argc, char
opt->fixedserial = 1;
break;
case 't':
Home |
Main Index |
Thread Index |
Old Index