[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

MPlayer remotely exploitable heap overflow fix



Hi. A remotely exploitable buffer overflow vulnerability was found in
MPlayer. The MPlayer Core Team release a vuln-fix-only release on
2003.03.30 16:45:00 (CEST). This patch updates the port to this version.
Please test it & comment it.
More info: http://www.mplayerhq.hu/homepage/design6/news.html

P.S.: Bjorn do you have any objection?

Regards

-- 
Robert Nagy <thuglife_(_at_)_bsd_(_dot_)_hu>
http://thuglife.frontember.hu
Index: Makefile
===================================================================
RCS file: /cvs/ports/x11/mplayer/Makefile,v
retrieving revision 1.67
diff -u -r1.67 Makefile
--- Makefile	2004/03/15 22:42:28	1.67
+++ Makefile	2004/03/30 17:15:47
@@ -5,7 +5,7 @@
 
 COMMENT=		"Movie player supporting MPEG, DivX, AVI, ASF, MOV & more"
 
-DISTNAME=		MPlayer-1.0pre3
+DISTNAME=		MPlayer-1.0pre3try2
 DIST_SUBDIR=		mplayer
 PKGNAME=		${DISTNAME:L}
 CATEGORIES=		x11
Index: distinfo
===================================================================
RCS file: /cvs/ports/x11/mplayer/distinfo,v
retrieving revision 1.18
diff -u -r1.18 distinfo
--- distinfo	2003/12/16 17:17:14	1.18
+++ distinfo	2004/03/30 17:15:47
@@ -1,6 +1,6 @@
-MD5 (mplayer/MPlayer-1.0pre3.tar.bz2) = 998becb79417c6a14d15c07e85188b82
+MD5 (mplayer/MPlayer-1.0pre3try2.tar.bz2) = 0d9f05eb112c03da3198da1e20c1772f
 MD5 (mplayer/default-1.7.tar.bz2) = 7e1d16c2f8a32469f4354cb043eecc5d
-RMD160 (mplayer/MPlayer-1.0pre3.tar.bz2) = ea27a37f55729271a6d6cae79f84be9f2cc912d3
+RMD160 (mplayer/MPlayer-1.0pre3try2.tar.bz2) = c096675c2a6f2e12246cd541cf23a4eafe546674
 RMD160 (mplayer/default-1.7.tar.bz2) = 5f78ff9db296d8fd53ef6603ec8a227eeb602dd1
-SHA1 (mplayer/MPlayer-1.0pre3.tar.bz2) = d3341f05518f6b331396c431f81b736b89402432
+SHA1 (mplayer/MPlayer-1.0pre3try2.tar.bz2) = 7fdc88fd57d32265be0c8ce69571b6e7e0bf87f7
 SHA1 (mplayer/default-1.7.tar.bz2) = 6912c3e58b4c76fad97fdb72945b27815069f7e3