cvs commit: ports/multimedia/mplayer Makefile
ports/multimedia/mplayer/files patch-CVE-2008-3827
Martin Wilke
miwi at FreeBSD.org
Wed Oct 1 19:23:58 UTC 2008
miwi 2008-10-01 19:23:57 UTC
FreeBSD ports repository
Modified files:
multimedia/mplayer Makefile
Added files:
multimedia/mplayer/files patch-CVE-2008-3827
Log:
- Fix a vulnerability which could result in arbitrary code execution
and at least, in unexpected process termination. Three integer
underflows located in the Real demuxer code can be used to exploit
a heap overflow, a specific video file can be crafted in order to make
the stream_read function read or write arbitrary amounts of memory.
Approved by: maintainer via private mail
Security: http://www.vuxml.org/freebsd/724e6f93-8f2a-11dd-821f-001cc0377035.html
Revision Changes Path
1.177 +1 -1 ports/multimedia/mplayer/Makefile
1.1 +28 -0 ports/multimedia/mplayer/files/patch-CVE-2008-3827 (new)
More information about the cvs-ports
mailing list