Date: Fri, 26 May 2017 07:23:20 +0000 (UTC) From: Thomas Zander <riggs@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r441756 - head/multimedia/vlc Message-ID: <201705260723.v4Q7NKm8075501@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: riggs Date: Fri May 26 07:23:20 2017 New Revision: 441756 URL: https://svnweb.freebsd.org/changeset/ports/441756 Log: Update to upstream version 2.2.6 Details: This is a bugfix release for the recently discovered subtitle remote vulnerability, see http://blog.checkpoint.com/2017/05/23/hacked-in-translation/ In addition to the statements in this blog post, the VLC devs added bounds checks and string termination in multiple places in the subtitle demuxer. It is hence possible that, contrary to the blog post, this issue was not fixed completely in version 2.2.5.1 MFH: 2017Q2 Modified: head/multimedia/vlc/Makefile head/multimedia/vlc/distinfo Modified: head/multimedia/vlc/Makefile ============================================================================== --- head/multimedia/vlc/Makefile Fri May 26 06:54:53 2017 (r441755) +++ head/multimedia/vlc/Makefile Fri May 26 07:23:20 2017 (r441756) @@ -2,8 +2,7 @@ # $FreeBSD$ PORTNAME= vlc -DISTVERSION= 2.2.5.1 -PORTREVISION= 1 +DISTVERSION= 2.2.6 PORTEPOCH= 4 CATEGORIES= multimedia audio ipv6 net www MASTER_SITES= http://download.videolan.org/pub/videolan/${PORTNAME}/${DISTVERSION:S/a$//}/ \ Modified: head/multimedia/vlc/distinfo ============================================================================== --- head/multimedia/vlc/distinfo Fri May 26 06:54:53 2017 (r441755) +++ head/multimedia/vlc/distinfo Fri May 26 07:23:20 2017 (r441756) @@ -1,3 +1,3 @@ -TIMESTAMP = 1494659367 -SHA256 (vlc-2.2.5.1.tar.xz) = b28b8a28f578c0c6cb1ebed293aca2a3cd368906cf777d1ab599e2784ddda1cc -SIZE (vlc-2.2.5.1.tar.xz) = 21946020 +TIMESTAMP = 1495777516 +SHA256 (vlc-2.2.6.tar.xz) = c403d3accd9a400eb2181c958f3e7bc5524fe5738425f4253d42883b425a42a8 +SIZE (vlc-2.2.6.tar.xz) = 22198720
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201705260723.v4Q7NKm8075501>