[Frugalware-darcs] frugalware-0.6: vlc-0.8.6-4terminus1-i686

voroskoi voroskoi at frugalware.org
Wed Jun 27 05:27:56 CEST 2007


Darcsweb-Url: http://darcs.frugalware.org/darcsweb/darcsweb.cgi?r=frugalware-0.6;a=darcs_commitdiff;h=20070627032339-dd049-1249ec3586de841596e7b8f77dc763031299fe5d.gz;

[vlc-0.8.6-4terminus1-i686
voroskoi <voroskoi at frugalware.org>**20070627032339
 secfix relbump, closes #2182
] {
addfile ./source/xmultimedia-extra/vlc/CVE-2007-3316.diff
hunk ./source/xmultimedia-extra/vlc/CVE-2007-3316.diff 1
+$NetBSD: patch-ak,v 1.1 2007/06/22 14:13:16 lkundrak Exp $
+
+Fix for CVE-2007-3316 format-string vulnerability in CDDA module described
+by VideoLAN-SA-0702 advisory.  Backported from 0.8.6c.
+
+--- modules/access/cdda.c.orig	2006-05-06 17:52:18.000000000 +0200
++++ modules/access/cdda.c
+@@ -630,7 +630,7 @@ static int GetTracks( access_t *p_access
+                     {
+                         vlc_input_item_AddInfo( &p_item->input,
+                                             _(VLC_META_INFO_CAT),
+-                                            _(VLC_META_TITLE),
++                                            _(VLC_META_TITLE), "%s", 
+                                             cddb_track_get_title( t ) );
+                         if( p_item->input.psz_name )
+                             free( p_item->input.psz_name );
+@@ -641,7 +641,7 @@ static int GetTracks( access_t *p_access
+                     if( psz_result )
+                     {
+                         vlc_input_item_AddInfo( &p_item->input,
+-                                            _(VLC_META_INFO_CAT),
++                                            _(VLC_META_INFO_CAT), "%s",
+                                             _(VLC_META_ARTIST), psz_result );
+                     }
+                 }
hunk ./source/xmultimedia-extra/vlc/FrugalBuild 7
-pkgrel=3
+pkgrel=4terminus1
hunk ./source/xmultimedia-extra/vlc/FrugalBuild 20
-	$pkgname-ffmpeg.diff $pkgname.desktop vlc-0.8.5-libintl.diff vlc-0.8.6-flac113.diff)
+	$pkgname-ffmpeg.diff $pkgname.desktop vlc-0.8.5-libintl.diff vlc-0.8.6-flac113.diff CVE-2007-3316.diff)
hunk ./source/xmultimedia-extra/vlc/FrugalBuild 56
-sha1sums=('f04cbc5c0db5e27955bb2d0e66e3f756a5de476e'\
+sha1sums=('734d38785376c80fcbebb18106affe97e78c280d'\
hunk ./source/xmultimedia-extra/vlc/FrugalBuild 60
-          '801e115ebe29904b668201e23a783a6289dad8e6')
+          '801e115ebe29904b668201e23a783a6289dad8e6'\
+          '5bba60e5c66d011043f685cc0be1674b02166ecc')
}


More information about the Frugalware-darcs mailing list