ports/154451: [PATCH] multimedia/vlc: fix execution of arbitrary code [feature safe]
Ruslan Mahmatkhanov
cvs-src at yandex.ru
Tue Feb 1 20:40:10 UTC 2011
>Number: 154451
>Category: ports
>Synopsis: [PATCH] multimedia/vlc: fix execution of arbitrary code [feature safe]
>Confidential: no
>Severity: serious
>Priority: low
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: change-request
>Submitter-Id: current-users
>Arrival-Date: Tue Feb 01 20:40:09 UTC 2011
>Closed-Date:
>Last-Modified:
>Originator: Ruslan Mahmatkhanov
>Release: 8.2-PRERELEASE
>Organization:
>Environment:
8.2-PRERELEASE i386
>Description:
- advisory: http://www.videolan.org/security/sa1102.html
- patch is from there: http://git.videolan.org/?p=vlc.git;a=commit;h=59491dcedffbf97612d2c572943b56ee4289dd07
- bump PORTREVISION, because matroska is enabled by default
>How-To-Repeat:
>Fix:
Patch attached with submission follows:
diff -ruNa vlc.orig/Makefile vlc/Makefile
--- vlc.orig/Makefile 2011-01-30 03:04:10.000000000 +0300
+++ vlc/Makefile 2011-02-01 23:33:07.000000000 +0300
@@ -8,6 +8,7 @@
PORTNAME= vlc
DISTVERSION= 1.1.6
PORTEPOCH= 3
+PORTREVISION= 1
CATEGORIES= multimedia audio ipv6 net www
MASTER_SITES= http://download.videolan.org/pub/videolan/${PORTNAME}/${DISTVERSION}/ \
http://ftp.snt.utwente.nl/pub/software/videolan/${PORTNAME}/${DISTVERSION}/ \
diff -ruNa vlc.orig/files/patch-modules-demux-mkv_mkv.hpp vlc/files/patch-modules-demux-mkv_mkv.hpp
--- vlc.orig/files/patch-modules-demux-mkv_mkv.hpp 1970-01-01 03:00:00.000000000 +0300
+++ vlc/files/patch-modules-demux-mkv_mkv.hpp 2011-02-01 23:30:00.000000000 +0300
@@ -0,0 +1,13 @@
+diff --git a/modules/demux/mkv/mkv.hpp b/modules/demux/mkv/mkv.hpp
+index f0e87c6..664cafa 100644
+--- a/modules/demux/mkv/mkv.hpp
++++ b/modules/demux/mkv/mkv.hpp
+@@ -115,7 +115,7 @@ extern "C" {
+
+ #define MKVD_TIMECODESCALE 1000000
+
+-#define MKV_IS_ID( el, C ) ( EbmlId( (*el) ) == C::ClassInfos.GlobalId )
++#define MKV_IS_ID( el, C ) ( el != NULL && typeid( *el ) == typeid( C ) )
+
+
+ using namespace LIBMATROSKA_NAMESPACE;
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-ports-bugs
mailing list