Date: Mon, 23 Mar 2009 14:24:22 +0000 (UTC) From: Martin Wilke <miwi@FreeBSD.org> To: ports-committers@FreeBSD.org, cvs-ports@FreeBSD.org, cvs-all@FreeBSD.org Subject: cvs commit: ports/audio/amarok Makefile ports/audio/amarok/files patch-tkadv2009-002 Message-ID: <200903231424.n2NEOMP7020103@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
miwi 2009-03-23 14:24:22 UTC
FreeBSD ports repository
Modified files:
audio/amarok Makefile
Added files:
audio/amarok/files patch-tkadv2009-002
Log:
- Fix multiple vulnerabilities
- Bump PORTREVISION
Note:
Two integer overflow errors exist within the "Audible::Tag::readTag()"
function in src/metadata/audible/audibletag.cpp. These can be exploited
to cause heap-based buffer overflows via specially crafted Audible Audio
files.
Two errors within the "Audible::Tag::readTag()" function in
src/metadata/audible/audibletag.cpp can be exploited to corrupt
arbitrary memory via specially crafted Audible Audio files.
PR: 132938
Submitted by: Eygene Ryabinkin <rea-fbsd@codelabs.ru>
Approved by: makc (maintainer)
Security: http://www.vuxml.org/freebsd/6bb6188c-17b2-11de-ae4d-0030843d3802.html
Revision Changes Path
1.92 +1 -1 ports/audio/amarok/Makefile
1.1 +85 -0 ports/audio/amarok/files/patch-tkadv2009-002 (new)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200903231424.n2NEOMP7020103>