Date: Sun, 09 Nov 2008 17:08:56 +0100 From: Pav Lucistnik <pav@FreeBSD.org> To: Martin Wilke <miwi@FreeBSD.org> Cc: cvs-ports@FreeBSD.org, cvs-all@FreeBSD.org, ports-committers@FreeBSD.org Subject: Re: cvs commit: ports/multimedia/vlc Makefile ports/multimedia/vlc/files patch-modules__access__vcd__cdrom.c Message-ID: <1226246936.31103.61.camel@hood.oook.cz> In-Reply-To: <200811091604.mA9G4Odk096477@repoman.freebsd.org> References: <200811091604.mA9G4Odk096477@repoman.freebsd.org>
index | next in thread | previous in thread | raw e-mail
[-- Attachment #1 --] Tags slipped Martin Wilke píše v ne 09. 11. 2008 v 16:04 +0000: > miwi 2008-11-09 16:04:24 UTC > > FreeBSD ports repository > > Modified files: > multimedia/vlc Makefile > Added files: > multimedia/vlc/files patch-modules__access__vcd__cdrom.c > Log: > Fix a stack overflow vulnerability while parsing malformed cue files. > The vulnerability may be exploited by a (remote) attacker to execute > arbitrary code in the context of VLC media player. > > PR: 128660 > Submitted by: "Joseph S. Atkinson" <jsa@wickedmachine.net> (maintainer) > Security: http://www.vuxml.org/freebsd/4b09378e-addb-11dd-a578-0030843d3802.html > > Revision Changes Path > 1.178 +1 -1 ports/multimedia/vlc/Makefile > 1.1 +111 -0 ports/multimedia/vlc/files/patch-modules__access__vcd__cdrom.c (new) > -- Pav Lucistnik <pav@oook.cz> <pav@FreeBSD.org> One Unix to rule them all, One Resolver to find them, One IP to bring them all and in the zone to bind them. [-- Attachment #2 --] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (FreeBSD) iEYEABECAAYFAkkXCxgACgkQntdYP8FOsoKIegCeNE0IwIf0kuRQNnhk0bHX3ipN IJ4AoJqeLtOiDtIpqFAXjDI2m+pYwljK =EZmF -----END PGP SIGNATURE-----help
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1226246936.31103.61.camel>