From owner-cvs-ports@FreeBSD.ORG  Mon Mar 23 14:24:22 2009
Return-Path: <owner-cvs-ports@FreeBSD.ORG>
Delivered-To: cvs-ports@FreeBSD.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 8ECDA1065674;
	Mon, 23 Mar 2009 14:24:22 +0000 (UTC)
	(envelope-from miwi@FreeBSD.org)
Received: from repoman.freebsd.org (repoman.freebsd.org
	[IPv6:2001:4f8:fff6::29])
	by mx1.freebsd.org (Postfix) with ESMTP id 7D6C38FC1A;
	Mon, 23 Mar 2009 14:24:22 +0000 (UTC)
	(envelope-from miwi@FreeBSD.org)
Received: from repoman.freebsd.org (localhost [127.0.0.1])
	by repoman.freebsd.org (8.14.3/8.14.3) with ESMTP id n2NEOMMX020104;
	Mon, 23 Mar 2009 14:24:22 GMT
	(envelope-from miwi@repoman.freebsd.org)
Received: (from miwi@localhost)
	by repoman.freebsd.org (8.14.3/8.14.3/Submit) id n2NEOMP7020103;
	Mon, 23 Mar 2009 14:24:22 GMT (envelope-from miwi)
Message-Id: <200903231424.n2NEOMP7020103@repoman.freebsd.org>
From: Martin Wilke <miwi@FreeBSD.org>
Date: Mon, 23 Mar 2009 14:24:22 +0000 (UTC)
To: ports-committers@FreeBSD.org, cvs-ports@FreeBSD.org, cvs-all@FreeBSD.org
X-FreeBSD-CVS-Branch: HEAD
Cc: 
Subject: cvs commit: ports/audio/amarok Makefile ports/audio/amarok/files
 patch-tkadv2009-002
X-BeenThere: cvs-ports@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: CVS commit messages for the ports tree <cvs-ports.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-ports>,
	<mailto:cvs-ports-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/cvs-ports>
List-Post: <mailto:cvs-ports@freebsd.org>
List-Help: <mailto:cvs-ports-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-ports>,
	<mailto:cvs-ports-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 23 Mar 2009 14:24:23 -0000

miwi        2009-03-23 14:24:22 UTC

  FreeBSD ports repository

  Modified files:
    audio/amarok         Makefile 
  Added files:
    audio/amarok/files   patch-tkadv2009-002 
  Log:
  - Fix multiple vulnerabilities
  - Bump PORTREVISION
  
  Note:
          Two integer overflow errors exist within the "Audible::Tag::readTag()"
          function in src/metadata/audible/audibletag.cpp. These can be exploited
          to cause heap-based buffer overflows via specially crafted Audible Audio
          files.
  
          Two errors within the "Audible::Tag::readTag()" function in
          src/metadata/audible/audibletag.cpp can be exploited to corrupt
          arbitrary memory via specially crafted Audible Audio files.
  
  PR:             132938
  Submitted by:   Eygene Ryabinkin <rea-fbsd@codelabs.ru>
  Approved by:    makc (maintainer)
  Security:       http://www.vuxml.org/freebsd/6bb6188c-17b2-11de-ae4d-0030843d3802.html
  
  Revision  Changes    Path
  1.92      +1 -1      ports/audio/amarok/Makefile
  1.1       +85 -0     ports/audio/amarok/files/patch-tkadv2009-002 (new)