diff options
author | Alexander Leidinger <netchild@FreeBSD.org> | 2004-03-27 14:16:04 +0000 |
---|---|---|
committer | Alexander Leidinger <netchild@FreeBSD.org> | 2004-03-27 14:16:04 +0000 |
commit | f14a57d93b305b87b31ca4125e9a3fe58932b847 (patch) | |
tree | b95f53989ad9c62ac72e6fa94c82e6502179b7a6 | |
parent | BROKEN: Unfetchable (diff) |
- Fix security issues (and remove forbidden):
* Patch for CAN-2003-0577 was obtained via OpenBSD from
http://marc.theaimsgroup.com/?l=bugtraq&m=104274357314340&w=2
* Patch for CAN-2003-0865 was obtained via OpenBSD from
http://www.debian.org/security/2004/dsa-435
Submitted by: Marius Strobl <marius@alchemy.franken.de>
-rw-r--r-- | audio/mpg123/Makefile | 4 | ||||
-rw-r--r-- | audio/mpg123/files/patch-common.c | 11 | ||||
-rw-r--r-- | audio/mpg123/files/patch-httpget.c | 23 |
3 files changed, 35 insertions, 3 deletions
diff --git a/audio/mpg123/Makefile b/audio/mpg123/Makefile index 94380941471a..d114a982f164 100644 --- a/audio/mpg123/Makefile +++ b/audio/mpg123/Makefile @@ -7,7 +7,7 @@ PORTNAME= mpg123 PORTVERSION= 0.59r -PORTREVISION= 12 +PORTREVISION= 13 CATEGORIES= audio ipv6 MASTER_SITES= http://www.mpg123.de/mpg123/ \ http://www-ti.informatik.uni-tuebingen.de/~hippm/mpg123/ @@ -24,8 +24,6 @@ PATCH_DIST_STRIP= -p1 MAINTAINER= ports@FreeBSD.org COMMENT= Command-line player for mpeg layer 1, 2 and 3 audio -FORBIDDEN= http://people.freebsd.org/~eik/portaudit/9fccad5a-7096-11d8-873f-0020ed76ef5a.html - WANT_GNOME= yes .if defined(WITH_ICONV) diff --git a/audio/mpg123/files/patch-common.c b/audio/mpg123/files/patch-common.c new file mode 100644 index 000000000000..3272a2a2f107 --- /dev/null +++ b/audio/mpg123/files/patch-common.c @@ -0,0 +1,11 @@ +--- common.c.orig Thu Jul 17 19:20:43 2003 ++++ common.c Thu Jul 17 19:22:04 2003 +@@ -123,7 +123,7 @@ int head_check(unsigned long head) + return FALSE; + if(!((head>>17)&3)) + return FALSE; +- if( ((head>>12)&0xf) == 0xf) ++ if( ((head>>12)&0xf) == 0xf || ((head>>12)&0xf) == 0) + return FALSE; + if( ((head>>10)&0x3) == 0x3 ) + return FALSE; diff --git a/audio/mpg123/files/patch-httpget.c b/audio/mpg123/files/patch-httpget.c new file mode 100644 index 000000000000..bebfaf9fe57c --- /dev/null +++ b/audio/mpg123/files/patch-httpget.c @@ -0,0 +1,23 @@ +--- httpget.c.orig 2003-11-13 18:34:37.000000000 +0000 ++++ httpget.c 2003-11-13 18:35:10.000000000 +0000 +@@ -55,11 +55,10 @@ void readstring (char *string, int maxle + #endif + int pos = 0; + +- while(1) { ++ while(pos < maxlen) { + if( read(fileno(f),string+pos,1) == 1) { + pos++; + if(string[pos-1] == '\n') { +- string[pos] = 0; + break; + } + } +@@ -68,6 +67,7 @@ void readstring (char *string, int maxle + exit(1); + } + } ++ string[pos] = 0; + #if 0 + do { + result = fgets(string, maxlen, f); |