Path to this page:
Subject: CVS commit: [pkgsrc-2008Q1] pkgsrc/multimedia/vlc
From: Tyler R. Retzlaff
Date: 2008-04-24 15:27:08
Message id: 20080424132708.CB925175D0@cvs.netbsd.org
Log Message:
pullup ticket #2346 - requested by tonnerre
fixes several security vulnerabilities
Revisions pulled up:
- pkgsrc/multimedia/vlc/Makefile 1.52
- pkgsrc/multimedia/vlc/distinfo 1.16
- pkgsrc/multimedia/vlc/patches/patch-ac 1.4
- pkgsrc/multimedia/vlc/patches/patch-ad 1.6
- pkgsrc/multimedia/vlc/patches/patch-ae removed
Module Name: pkgsrc
Committed By: tonnerre
Date: Sun Apr 20 15:31:03 UTC 2008
Modified Files:
pkgsrc/multimedia/vlc: Makefile distinfo
pkgsrc/multimedia/vlc/patches: patch-ac patch-ad
Removed Files:
pkgsrc/multimedia/vlc/patches: patch-ae
Log Message:
Update vlc to version 0.8.6f, also applying some smaller patches:
- Wrong boundary check in Speex decoder (CVE-2008-1686).
- Compilability of CDDA code with modern libcdio versions.
Vendor updates in 0.8.6f
- Security vulnerabilities in the Subtitle demuxer, Real RTSP demuxer,
MP4 demuxer and Cinepak codec: CVE-2007-6681, CVE-2008-0073,
CVE-2008-1489, CVE-2008-1769).
- Crashes in H264 packetizer.
- Close MMS access on network timeout.
- Some problems with AAC decoder & packetizer.
Vendor updates in 0.8.6e:
- Security vulnerabilities in the Web interface, Subtitle demuxer,
Real RTSP demuxer, SDL_image library and MP4 demuxer (CVE-2007-6681,
CVE-2007-6682, CVE-2006-4484, CVE-2008-0225, CVE-2008-0295,
CVE-2008-0296, CORE-2008-0130).
- Resume playback for viewing content over FTP.
- Fixed XShm detection with remote X11.
- DTS to S/PDIF converter fixes.
- Waiting for SPS/PPS problem in H.264 packetizer.
- Improved compatibility for creating H.264 video files playable on
iPhones.
Approved-by: joerg
Files: