Date: Sun, 18 Mar 2012 03:45:09 -0700 (PDT) From: "Jason E. Hale" <bsdkaffee@gmail.com> To: FreeBSD-gnats-submit@FreeBSD.org Subject: ports/166219: [MAINTAINER] audio/taglib: Update to 1.7.1, fix vulnerabilities Message-ID: <4f65bcb5.84c6e00a.55ca.ffffa43f@mx.google.com> Resent-Message-ID: <201203181050.q2IAoFjf048484@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 166219 >Category: ports >Synopsis: [MAINTAINER] audio/taglib: Update to 1.7.1, fix vulnerabilities >Confidential: no >Severity: serious >Priority: medium >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: maintainer-update >Submitter-Id: current-users >Arrival-Date: Sun Mar 18 10:50:14 UTC 2012 >Closed-Date: >Last-Modified: >Originator: Jason E. Hale >Release: FreeBSD 9.0-RELEASE i386 >Organization: none >Environment: System: FreeBSD mocha.verizon.net 9.0-RELEASE FreeBSD 9.0-RELEASE #0: Thu Jan 19 11:42:41 EST 2012 Jason@mocha.verizon.net:/usr/obj/usr/src/sys/MOCHA9 i386 >Description: - Update audio/taglib to 1.7.1 - This fixes multiple security vulnerabilities found in the previous versions - Fixes CVE-2012-1107 and CVE-2012-1108 - As reported by Zubin Mithra: https://bugs.launchpad.net/ubuntu/+source/taglib/+bug/945415 - Arrange MASTER_SITES so most reliable site is tried first - Move LICENSE to satisfy portlint >How-To-Repeat: - Use attached diff >Fix: --- 2012-03-17-taglib.diff begins here --- diff -ruN taglib.orig/Makefile taglib/Makefile --- taglib.orig/Makefile 2012-03-17 20:24:13.000000000 -0400 +++ taglib/Makefile 2012-03-17 20:56:56.000000000 -0400 @@ -6,26 +6,25 @@ # PORTNAME= taglib -PORTVERSION= 1.7 +PORTVERSION= 1.7.1 CATEGORIES= audio -MASTER_SITES= http://developer.kde.org/~wheeler/files/src/ \ - http://cloud.github.com/downloads/taglib/taglib/ \ +MASTER_SITES= http://cloud.github.com/downloads/taglib/taglib/ \ + http://developer.kde.org/~wheeler/files/src/ \ http://launchpad.net/taglib/trunk/${PORTVERSION}/+download/ MAINTAINER= bsdkaffee@gmail.com COMMENT= Library for manipulating ID3 tags and Ogg comments -USE_CMAKE= yes -USE_LDCONFIG= yes -MAKE_JOBS_SAFE= yes - LICENSE= LGPL21 MPL LICENSE_COMB= dual LICENSE_FILE_LGPL21= ${WRKSRC}/COPYING.LGPL LICENSE_FILE_MPL= ${WRKSRC}/COPYING.MPL +USE_CMAKE= yes CMAKE_ARGS= -DWITH_ASF:BOOL=ON \ -DWITH_MP4:BOOL=ON +MAKE_JOBS_SAFE= yes +USE_LDCONFIG= yes OPTIONS= RCC "Build with RusXMMS librcc patches (experimental)" off diff -ruN taglib.orig/distinfo taglib/distinfo --- taglib.orig/distinfo 2012-03-17 20:24:12.000000000 -0400 +++ taglib/distinfo 2012-03-17 20:25:00.000000000 -0400 @@ -1,2 +1,2 @@ -SHA256 (taglib-1.7.tar.gz) = 09defb8dbfc35911179ab23757d744774738664df893c0fc6d8f1398b3ab773f -SIZE (taglib-1.7.tar.gz) = 533974 +SHA256 (taglib-1.7.1.tar.gz) = 52de470997b604b7b2983f7bcf604ca8d2ce0194fbe16f2ce1aff42e53fb87d9 +SIZE (taglib-1.7.1.tar.gz) = 535319 diff -ruN taglib.orig/pkg-plist taglib/pkg-plist --- taglib.orig/pkg-plist 2012-03-17 20:24:13.000000000 -0400 +++ taglib/pkg-plist 2012-03-17 21:00:10.000000000 -0400 @@ -82,7 +82,7 @@ include/taglib/xiphcomment.h lib/libtag.so lib/libtag.so.1 -lib/libtag.so.1.7.0 +lib/libtag.so.1.7.1 lib/libtag_c.so lib/libtag_c.so.0 lib/libtag_c.so.0.0.0 --- 2012-03-17-taglib.diff ends here --- >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4f65bcb5.84c6e00a.55ca.ffffa43f>