Fixed the patch for CVE-2007-3316.

2007-06-22 14:32:24 +00:00 · 2007-06-22 14:32:24 +00:00 · 1e25c97437
commit 1e25c97437
parent 4c80c2d36b
2 changed files with 6 additions and 8 deletions
--- a/multimedia/vlc/distinfo
+++ b/multimedia/vlc/distinfo
@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.11 2007/06/22 14:13:16 lkundrak Exp $
+$NetBSD: distinfo,v 1.12 2007/06/22 14:32:24 lkundrak Exp $

 SHA1 (vlc-0.8.5.tar.bz2) = 2f0a26a336a5211f32c7bcc653dfd0b27f1fb26b
 RMD160 (vlc-0.8.5.tar.bz2) = d24140a5b4bf771754028090e103bb5c171e4fd8
@ -10,7 +10,7 @@ SHA1 (patch-ag) = 44061c0018d97c45d4edfdb2a16192f3c99024f8
 SHA1 (patch-ah) = 5a355a70b7b39c0a33db7cc37e3944f903686d3f
 SHA1 (patch-ai) = 655df187ab529eb30753531dafbf4b68f7a85785
 SHA1 (patch-aj) = ff16b192696f7a8517b2bf343697cb81c6041015
-SHA1 (patch-ak) = 62e4c366c6ad39fdadf3e9484f1ee46a2f5680ab
+SHA1 (patch-ak) = e9d9a6073134861033cb10820ec2307d3ca42e3d
 SHA1 (patch-al) = d363baa7a1d4150b2b12376652650295e546f0fe
 SHA1 (patch-am) = 7d212c47879c718a7685fe94660c9fa71a02f4c3
 SHA1 (patch-an) = 6388e50ad6b7c4cc6860759d514ca691b996ee45
--- a/multimedia/vlc/patches/patch-ak
+++ b/multimedia/vlc/patches/patch-ak
@ -1,22 +1,20 @@
-$NetBSD: patch-ak,v 1.1 2007/06/22 14:13:16 lkundrak Exp $
+$NetBSD: patch-ak,v 1.2 2007/06/22 14:32:24 lkundrak Exp $

 Fix for CVE-2007-3316 format-string vulnerability in CDDA module described
 by VideoLAN-SA-0702 advisory.  Backported from 0.8.6c.

--- modules/access/cdda.c.orig	2007-06-22 16:00:43.000000000 +0200
+--- modules/access/cdda.c.orig	2006-05-06 17:52:18.000000000 +0200
 +++ modules/access/cdda.c
-@@ -630,7 +630,9 @@ static int GetTracks( access_t *p_access
+@@ -630,7 +630,7 @@ static int GetTracks( access_t *p_access
                     {
                         vlc_input_item_AddInfo( &p_item->input,
                                             _(VLC_META_INFO_CAT),
 -                                            _(VLC_META_TITLE),
 +                                            _(VLC_META_TITLE), "%s", 
-+                                             cddb_track_get_title( t ) );
-+
                                             cddb_track_get_title( t ) );
                         if( p_item->input.psz_name )
                             free( p_item->input.psz_name );
-@@ -641,7 +643,7 @@ static int GetTracks( access_t *p_access
+@@ -641,7 +641,7 @@ static int GetTracks( access_t *p_access
                     if( psz_result )
                     {
                         vlc_input_item_AddInfo( &p_item->input,