pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/multimedia Add patch from the MPlayer SVN repository t...
details: https://anonhg.NetBSD.org/pkgsrc/rev/6644142b7d89
branches: trunk
changeset: 529544:6644142b7d89
user: tron <tron%pkgsrc.org@localhost>
date: Thu Jun 07 13:19:54 2007 +0000
description:
Add patch from the MPlayer SVN repository to fix an overflow in the
CDDB code reported in CVE-2007-2948. Bump package revision.
diffstat:
multimedia/gmplayer/Makefile | 4 ++--
multimedia/gmplayer/distinfo | 3 ++-
multimedia/mplayer-share/patches/patch-ae | 31 +++++++++++++++++++++++++++++++
multimedia/mplayer/Makefile | 4 ++--
4 files changed, 37 insertions(+), 5 deletions(-)
diffs (83 lines):
diff -r cc746c6f4ab3 -r 6644142b7d89 multimedia/gmplayer/Makefile
--- a/multimedia/gmplayer/Makefile Thu Jun 07 13:05:13 2007 +0000
+++ b/multimedia/gmplayer/Makefile Thu Jun 07 13:19:54 2007 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile,v 1.59 2007/01/31 00:04:12 wiz Exp $
+# $NetBSD: Makefile,v 1.60 2007/06/07 13:19:54 tron Exp $
#
# NOTE: if you are updating both mplayer and gmplayer, you must ensure
@@ -9,7 +9,7 @@
#
PKGNAME= gmplayer-${MPLAYER_PKG_VERSION}
-PKGREVISION= 1
+PKGREVISION= 2
BROKEN_IN= pkgsrc-2006Q4
diff -r cc746c6f4ab3 -r 6644142b7d89 multimedia/gmplayer/distinfo
--- a/multimedia/gmplayer/distinfo Thu Jun 07 13:05:13 2007 +0000
+++ b/multimedia/gmplayer/distinfo Thu Jun 07 13:19:54 2007 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.46 2007/03/23 07:40:12 wiz Exp $
+$NetBSD: distinfo,v 1.47 2007/06/07 13:19:54 tron Exp $
SHA1 (gmplayer-1.0rc9-20060123/AlienMind-1.2.tar.bz2) = 34370da1e003e4accceae194a63483aa6eebc4dc
RMD160 (gmplayer-1.0rc9-20060123/AlienMind-1.2.tar.bz2) = f3fda7d44a59f98097162f76d0a0d58840974998
@@ -67,6 +67,7 @@
SHA1 (patch-ab) = 29bf59ecb3d283708ae1c5002d1fa71cac627cc9
SHA1 (patch-ac) = 6d0de4bd41d9842ea1bf46e9fbe60bf6a943b913
SHA1 (patch-ad) = d0b72eaa5e63d2cfd7828ea1a9973f1728c607b5
+SHA1 (patch-ae) = b725fce8f4dfb7b06f6de388265ce317f22824e9
SHA1 (patch-ah) = 7aeb9f04d622fcad8c40dc9edbb0a58277fc622b
SHA1 (patch-ai) = bcf45db81587d99fc69ae5fcf89ff4a4b8f6f53c
SHA1 (patch-aj) = 40ba1625f85f0264628013ad0209aa095e8e5d3f
diff -r cc746c6f4ab3 -r 6644142b7d89 multimedia/mplayer-share/patches/patch-ae
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/multimedia/mplayer-share/patches/patch-ae Thu Jun 07 13:19:54 2007 +0000
@@ -0,0 +1,31 @@
+$NetBSD: patch-ae,v 1.7 2007/06/07 13:19:54 tron Exp $
+
+--- stream/stream_cddb.c.orig 2006-10-22 23:32:25.000000000 +0100
++++ stream/stream_cddb.c 2007-06-07 13:57:35.000000000 +0100
+@@ -435,7 +435,7 @@
+
+ switch(status) {
+ case 210:
+- ret = sscanf( http_hdr->body, "%d %s %08lx", &status, category, &disc_id);
++ ret = sscanf( http_hdr->body, "%d %99s %08lx", &status, category, &disc_id);
+ if( ret!=3 ) {
+ mp_msg(MSGT_DEMUX, MSGL_ERR, MSGTR_ParseError);
+ return -1;
+@@ -496,7 +496,7 @@
+ ptr++;
+ // We have a list of exact/inexact matches, so which one do we use?
+ // So let's take the first one.
+- ret = sscanf(ptr, "%s %08lx %s", cddb_data->category, &(cddb_data->disc_id), album_title);
++ ret = sscanf(ptr, "%99s %08lx %99s", cddb_data->category, &(cddb_data->disc_id), album_title);
+ if( ret!=3 ) {
+ mp_msg(MSGT_DEMUX, MSGL_ERR, MSGTR_ParseError);
+ return -1;
+@@ -533,7 +533,7 @@
+ switch(status) {
+ case 200:
+ // Found exact match
+- ret = sscanf(http_hdr->body, "%d %s %08lx %s", &status, cddb_data->category, &(cddb_data->disc_id), album_title);
++ ret = sscanf(http_hdr->body, "%d %99s %08lx %99s", &status, cddb_data->category, &(cddb_data->disc_id), album_title);
+ if( ret!=4 ) {
+ mp_msg(MSGT_DEMUX, MSGL_ERR, MSGTR_ParseError);
+ return -1;
diff -r cc746c6f4ab3 -r 6644142b7d89 multimedia/mplayer/Makefile
--- a/multimedia/mplayer/Makefile Thu Jun 07 13:05:13 2007 +0000
+++ b/multimedia/mplayer/Makefile Thu Jun 07 13:19:54 2007 +0000
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.41 2007/03/09 15:14:16 drochner Exp $
+# $NetBSD: Makefile,v 1.42 2007/06/07 13:19:54 tron Exp $
PKGNAME= mplayer-${MPLAYER_PKG_VERSION}
-PKGREVISION= 5
+PKGREVISION= 6
COMMENT= Software-only MPEG-1/2/4 video decoder
Home |
Main Index |
Thread Index |
Old Index