pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/pkgsrc-2009Q3]: pkgsrc/audio/libvorbis Pullup ticket #2943 - requeste...
details: https://anonhg.NetBSD.org/pkgsrc/rev/db6ad68e07f4
branches: pkgsrc-2009Q3
changeset: 399993:db6ad68e07f4
user: tron <tron%pkgsrc.org@localhost>
date: Thu Dec 03 10:16:10 2009 +0000
description:
Pullup ticket #2943 - requested by wiz
libvorbis: security patch
Revisions pulled up:
- audio/libvorbis/Makefile 1.49
- audio/libvorbis/distinfo 1.18
- audio/libvorbis/patches/patch-aa 1.5
- audio/libvorbis/patches/patch-ab 1.5
---
Module Name: pkgsrc
Committed By: wiz
Date: Wed Dec 2 12:41:25 UTC 2009
Modified Files:
pkgsrc/audio/libvorbis: Makefile distinfo
Added Files:
pkgsrc/audio/libvorbis/patches: patch-aa patch-ab
Log Message:
Apply some possible security fixes from upstream SVN.
Glanced from links in mozilla advisory
http://www.mozilla.org/security/announce/2009/mfsa2009-63.html
and Fedora Core patches for 1.2.0.
Bump PKGREVISION.
diffstat:
audio/libvorbis/Makefile | 3 ++-
audio/libvorbis/distinfo | 4 +++-
audio/libvorbis/patches/patch-aa | 14 ++++++++++++++
audio/libvorbis/patches/patch-ab | 15 +++++++++++++++
4 files changed, 34 insertions(+), 2 deletions(-)
diffs (61 lines):
diff -r 070ddfab9cfe -r db6ad68e07f4 audio/libvorbis/Makefile
--- a/audio/libvorbis/Makefile Thu Dec 03 10:07:48 2009 +0000
+++ b/audio/libvorbis/Makefile Thu Dec 03 10:16:10 2009 +0000
@@ -1,6 +1,7 @@
-# $NetBSD: Makefile,v 1.48 2009/07/17 20:28:21 wiz Exp $
+# $NetBSD: Makefile,v 1.48.2.1 2009/12/03 10:16:10 tron Exp $
DISTNAME= libvorbis-1.2.3
+PKGREVISION= 1
CATEGORIES= devel audio
MASTER_SITES= http://downloads.xiph.org/releases/vorbis/
diff -r 070ddfab9cfe -r db6ad68e07f4 audio/libvorbis/distinfo
--- a/audio/libvorbis/distinfo Thu Dec 03 10:07:48 2009 +0000
+++ b/audio/libvorbis/distinfo Thu Dec 03 10:16:10 2009 +0000
@@ -1,5 +1,7 @@
-$NetBSD: distinfo,v 1.17 2009/07/17 20:28:21 wiz Exp $
+$NetBSD: distinfo,v 1.17.2.1 2009/12/03 10:16:10 tron Exp $
SHA1 (libvorbis-1.2.3.tar.gz) = a93251aa5e4f142db4fa6433de80797f80960fac
RMD160 (libvorbis-1.2.3.tar.gz) = e80ad7de3c2599e0d88994876407ac8fe3c9a0e7
Size (libvorbis-1.2.3.tar.gz) = 1474492 bytes
+SHA1 (patch-aa) = bd1534e2f680d5621a7909fd0b197d9d8c52b91d
+SHA1 (patch-ab) = b253546a863893e96569d8afb5e626ffe5f226dc
diff -r 070ddfab9cfe -r db6ad68e07f4 audio/libvorbis/patches/patch-aa
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/audio/libvorbis/patches/patch-aa Thu Dec 03 10:16:10 2009 +0000
@@ -0,0 +1,14 @@
+$NetBSD: patch-aa,v 1.5.2.2 2009/12/03 10:16:10 tron Exp $
+
+SVN r16957
+
+--- lib/codebook.c.orig 2009-07-09 09:12:08.000000000 +0000
++++ lib/codebook.c
+@@ -198,6 +198,7 @@ int vorbis_staticbook_unpack(oggpack_buf
+ for(i=0;i<s->entries;){
+ long num=oggpack_read(opb,_ilog(s->entries-i));
+ if(num==-1)goto _eofout;
++ if(length>32)goto _errout;
+ for(j=0;j<num && i<s->entries;j++,i++)
+ s->lengthlist[i]=length;
+ length++;
diff -r 070ddfab9cfe -r db6ad68e07f4 audio/libvorbis/patches/patch-ab
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/audio/libvorbis/patches/patch-ab Thu Dec 03 10:16:10 2009 +0000
@@ -0,0 +1,15 @@
+$NetBSD: patch-ab,v 1.5.2.2 2009/12/03 10:16:10 tron Exp $
+
+SVN 16326.
+
+--- lib/backends.h.orig 2009-07-09 09:12:08.000000000 +0000
++++ lib/backends.h
+@@ -111,7 +111,7 @@ typedef struct vorbis_info_residue0{
+ int partitions; /* possible codebooks for a partition */
+ int groupbook; /* huffbook for partitioning */
+ int secondstages[64]; /* expanded out to pointers in lookup */
+- int booklist[256]; /* list of second stage books */
++ int booklist[512]; /* list of second stage books */
+
+ const float classmetric1[64];
+ const float classmetric2[64];
Home |
Main Index |
Thread Index |
Old Index