diff options
| author | Ian Delaney <idella4@gentoo.org> | 2015-10-28 09:40:00 +0800 |
|---|---|---|
| committer | Ian Delaney <idella4@gentoo.org> | 2015-10-28 09:43:01 +0800 |
| commit | 512cacd39f22b2bfde6725f09d0f08ff37e8bbd6 (patch) | |
| tree | a72deead16aad31d20af5d19be5e01178e0f90d2 /media-video | |
| parent | 1372f537e6174a658fd2ea1b60aaeb7716fe6941 (diff) | |
| download | gentoo-512cacd39f22b2bfde6725f09d0f08ff37e8bbd6.tar.gz gentoo-512cacd39f22b2bfde6725f09d0f08ff37e8bbd6.tar.xz | |
media-video/vlc: revbump -> -2.2.1-r1, sec patch CVE-2015-5949
patch submitted by proxy maintainer via the gentoo bug, also
runtested by Amynka, removed initial vlc-2.2.1.ebuild
Gentoo bug: #558418
Package-Manager: portage-2.2.23
Diffstat (limited to 'media-video')
| -rw-r--r-- | media-video/vlc/files/vlc-2.2.1-CVE-2015-5949.patch | 15 | ||||
| -rw-r--r-- | media-video/vlc/vlc-2.2.1-r1.ebuild (renamed from media-video/vlc/vlc-2.2.1.ebuild) | 3 |
2 files changed, 18 insertions, 0 deletions
diff --git a/media-video/vlc/files/vlc-2.2.1-CVE-2015-5949.patch b/media-video/vlc/files/vlc-2.2.1-CVE-2015-5949.patch new file mode 100644 index 00000000000..83a52582a99 --- /dev/null +++ b/media-video/vlc/files/vlc-2.2.1-CVE-2015-5949.patch @@ -0,0 +1,15 @@ +https://git.videolan.org/?p=vlc/vlc-2.2.git;a=commitdiff;h=ce91452460a75d7424b165c4dc8db98114c3cbd9;hp=9e12195d3e4316278af1fa4bcb6a705ff27456fd +--- a/modules/demux/mp4/libmp4.c ++++ b/modules/demux/mp4/libmp4.c +@@ -3643,6 +3643,11 @@ void MP4_BoxFree( stream_t *s, MP4_Box_t *p_box ) + { + for( i_index = 0; ; i_index++ ) + { ++ if ( MP4_Box_Function[i_index].i_parent && ++ p_box->p_father && ++ p_box->p_father->i_type != MP4_Box_Function[i_index].i_parent ) ++ continue; ++ + if( ( MP4_Box_Function[i_index].i_type == p_box->i_type )|| + ( MP4_Box_Function[i_index].i_type == 0 ) ) + { diff --git a/media-video/vlc/vlc-2.2.1.ebuild b/media-video/vlc/vlc-2.2.1-r1.ebuild index 73ab21a6bc6..be3ece403be 100644 --- a/media-video/vlc/vlc-2.2.1.ebuild +++ b/media-video/vlc/vlc-2.2.1-r1.ebuild @@ -250,6 +250,7 @@ src_prepare() { # We are not in a real git checkout due to the absence of a .git directory. touch src/revision.txt || die + # PATCHES # Fix build system mistake. epatch "${FILESDIR}"/${PN}-2.1.0-fix-libtremor-libs.patch @@ -271,6 +272,8 @@ src_prepare() { # Add missed header imgproc_c.h, imgproc.hpp, bug #554562 epatch "${FILESDIR}"/opencv-3.0.0.patch + epatch "${FILESDIR}"//${P}-CVE-2015-5949.patch + # Don't use --started-from-file when not using dbus. if ! use dbus ; then sed -i 's/ --started-from-file//' share/vlc.desktop.in || die |