cvs commit: ports/multimedia/mplayer Makefile
ports/multimedia/mplayer/files patch-libmpdemux_demuxer.h
Vasil Dimov
vd at FreeBSD.org
Thu Mar 9 08:42:29 UTC 2006
vd 2006-03-09 08:42:28 UTC
FreeBSD ports repository
Modified files:
multimedia/mplayer Makefile
Added files:
multimedia/mplayer/files patch-libmpdemux_demuxer.h
Log:
Fix mplayer vulnerability (heap overflow) in the ASF demuxer
Arbitrary remote code execution under the user ID running the player
when streaming an ASF file from a malicious server.
PR: ports/93767
Submitted by: "Thomas E. Zander" <riggs at rrr.de> (maintainer)
Approved by: portmgr (erwin)
Obtained from: mplayer CVS repo: http://www1.mplayerhq.hu/cgi-bin/cvsweb.cgi/main/libmpdemux/demuxer.h.diff?r2=1.90&r1=1.87&f=u
Security: heap overflow in the ASF demuxer (http://www.mplayerhq.hu/design7/news.html#vuln13, http://bugs.gentoo.org/show_bug.cgi?id=122029)
Revision Changes Path
1.130 +1 -1 ports/multimedia/mplayer/Makefile
1.1 +37 -0 ports/multimedia/mplayer/files/patch-libmpdemux_demuxer.h (new)
More information about the cvs-ports
mailing list