Subject: CVS commit: [pkgsrc-2008Q1] pkgsrc/multimedia/vlc
From: Tyler R. Retzlaff
Date: 2008-04-24 15:27:08
Message id: 20080424132708.CB925175D0@cvs.netbsd.org

Log Message:
pullup ticket #2346 - requested by tonnerre
fixes several security vulnerabilities

Revisions pulled up:
- pkgsrc/multimedia/vlc/Makefile	 1.52
- pkgsrc/multimedia/vlc/distinfo	 1.16
- pkgsrc/multimedia/vlc/patches/patch-ac 1.4
- pkgsrc/multimedia/vlc/patches/patch-ad 1.6
- pkgsrc/multimedia/vlc/patches/patch-ae removed

   Module Name:	pkgsrc
   Committed By:	tonnerre
   Date:		Sun Apr 20 15:31:03 UTC 2008

   Modified Files:
   	pkgsrc/multimedia/vlc: Makefile distinfo
   	pkgsrc/multimedia/vlc/patches: patch-ac patch-ad
   Removed Files:
   	pkgsrc/multimedia/vlc/patches: patch-ae

   Log Message:
   Update vlc to version 0.8.6f, also applying some smaller patches:
    - Wrong boundary check in Speex decoder (CVE-2008-1686).
    - Compilability of CDDA code with modern libcdio versions.

   Vendor updates in 0.8.6f
    - Security vulnerabilities in the Subtitle demuxer, Real RTSP demuxer,
      MP4 demuxer and Cinepak codec: CVE-2007-6681, CVE-2008-0073,
      CVE-2008-1489, CVE-2008-1769).
    - Crashes in H264 packetizer.
    - Close MMS access on network timeout.
    - Some problems with AAC decoder & packetizer.

   Vendor updates in 0.8.6e:
    - Security vulnerabilities in the Web interface, Subtitle demuxer,
      Real RTSP demuxer, SDL_image library and MP4 demuxer (CVE-2007-6681,
      CVE-2007-6682, CVE-2006-4484, CVE-2008-0225, CVE-2008-0295,
   CVE-2008-0296, CORE-2008-0130).
    - Resume playback for viewing content over FTP.
    - Fixed XShm detection with remote X11.
    - DTS to S/PDIF converter fixes.
    - Waiting for SPS/PPS problem in H.264 packetizer.
    - Improved compatibility for creating H.264 video files playable on
   iPhones.

   Approved-by: joerg

Files:
RevisionActionfile
1.50.2.1modifypkgsrc/multimedia/vlc/Makefile
1.15.2.1modifypkgsrc/multimedia/vlc/distinfo
1.3.2.1modifypkgsrc/multimedia/vlc/patches/patch-ac
1.5.2.1modifypkgsrc/multimedia/vlc/patches/patch-ad
1.3removepkgsrc/multimedia/vlc/patches/patch-ae