Add patches to fix security vulnerability reported in XSA-2004-8.
Bump package revision because of this change.
This commit is contained in:
parent
9c608da385
commit
a62e3406ed
4 changed files with 47 additions and 3 deletions
|
@ -1,8 +1,8 @@
|
|||
# $NetBSD: Makefile,v 1.19 2005/03/30 10:23:45 tron Exp $
|
||||
# $NetBSD: Makefile,v 1.20 2005/04/26 12:48:34 tron Exp $
|
||||
|
||||
.include "Makefile.common"
|
||||
|
||||
PKGREVISION= 1
|
||||
PKGREVISION= 2
|
||||
|
||||
.if ${MACHINE_ARCH} == "i386"
|
||||
DEPENDS+= win32-codecs>=011227:../../multimedia/win32-codecs
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
$NetBSD: distinfo,v 1.16 2005/04/13 16:54:02 rillig Exp $
|
||||
$NetBSD: distinfo,v 1.17 2005/04/26 12:48:35 tron Exp $
|
||||
|
||||
SHA1 (xine-lib-1.0.tar.gz) = dd02fb31c68ae68e2283d02e16bb8e80fcced9fd
|
||||
RMD160 (xine-lib-1.0.tar.gz) = ad84871d50d51552ba8913c0744e4a2b2b21f124
|
||||
|
@ -11,6 +11,8 @@ SHA1 (patch-ae) = cf7486ed50a782fcfb17ad0985e76a7ae09a2938
|
|||
SHA1 (patch-ag) = 7be1e3d83e3757cf955523245be2deb4cea12998
|
||||
SHA1 (patch-ah) = 3f9b23c4a7994259056b73209a9e194db759f06d
|
||||
SHA1 (patch-ai) = f71e3cb57bf30cbf9653a469c040b6e3f717ba97
|
||||
SHA1 (patch-aj) = e9a26ede23d53d83c2799076770e49562a4fc1ea
|
||||
SHA1 (patch-ak) = 1dfd2c3d86904ef4869dde4f4309564ac6c9323c
|
||||
SHA1 (patch-am) = 10f6433a8549bdce60ace5dcbd51df85eaa7ea16
|
||||
SHA1 (patch-ao) = 1247ba7ef23f2b28b2c0a177208c912e2fc259a0
|
||||
SHA1 (patch-ap) = aaf63024c1049c1f2175d9974367a6b84ac3028f
|
||||
|
|
21
multimedia/xine-lib/patches/patch-aj
Normal file
21
multimedia/xine-lib/patches/patch-aj
Normal file
|
@ -0,0 +1,21 @@
|
|||
$NetBSD: patch-aj,v 1.5 2005/04/26 12:48:35 tron Exp $
|
||||
|
||||
--- src/input/mms.c 2005/01/18 23:25:34 1.55
|
||||
+++ src/input/mms.c 2005/04/21 19:02:43 1.56
|
||||
@@ -583,9 +583,13 @@
|
||||
lprintf ("stream object, stream id: %d, type: %d, encrypted: %d\n",
|
||||
stream_id, type, encrypted);
|
||||
|
||||
- this->stream_types[stream_id] = type;
|
||||
- this->stream_ids[this->num_stream_ids] = stream_id;
|
||||
- this->num_stream_ids++;
|
||||
+ if (this->num_stream_ids < ASF_MAX_NUM_STREAMS && stream_id < ASF_MAX_NUM_STREAMS) {
|
||||
+ this->stream_types[stream_id] = type;
|
||||
+ this->stream_ids[this->num_stream_ids] = stream_id;
|
||||
+ this->num_stream_ids++;
|
||||
+ } else {
|
||||
+ lprintf ("too many streams, skipping\n");
|
||||
+ }
|
||||
|
||||
}
|
||||
break;
|
21
multimedia/xine-lib/patches/patch-ak
Normal file
21
multimedia/xine-lib/patches/patch-ak
Normal file
|
@ -0,0 +1,21 @@
|
|||
$NetBSD: patch-ak,v 1.3 2005/04/26 12:48:35 tron Exp $
|
||||
|
||||
--- src/input/librtsp/rtsp.c 2004/07/25 17:13:54 1.18
|
||||
+++ src/input/librtsp/rtsp.c 2005/04/16 07:10:51 1.19
|
||||
@@ -218,6 +218,7 @@
|
||||
unsigned int answer_seq;
|
||||
char **answer_ptr=s->answers;
|
||||
int code;
|
||||
+ int ans_count = 0;
|
||||
|
||||
answer=rtsp_get(s);
|
||||
if (!answer)
|
||||
@@ -268,7 +269,7 @@
|
||||
}
|
||||
*answer_ptr=answer;
|
||||
answer_ptr++;
|
||||
- } while (strlen(answer)!=0);
|
||||
+ } while ((strlen(answer)!=0) && (++ans_count < MAX_FIELDS));
|
||||
|
||||
s->cseq++;
|
||||
|
Loading…
Reference in a new issue