[Frugalware-git] frugalware-current: id3lib-3.8.3-4-i686

[VMiklos]

Git-Url: 
http://git.frugalware.org/gitweb/gitweb.cgi?p=frugalware-current.git;a=commitdiff;h=fe8a5e94df96aea49b16435fb564929c5e1583a5

commit fe8a5e94df96aea49b16435fb564929c5e1583a5
Author: VMiklos <[EMAIL PROTECTED]>
Date:   Thu Sep 6 17:32:06 2007 +0200

id3lib-3.8.3-4-i686
added CVE-2007-4460.diff
closes #2372

diff --git a/source/multimedia/id3lib/CVE-2007-4460.diff 
b/source/multimedia/id3lib/CVE-2007-4460.diff
new file mode 100644
index 0000000..6734210
--- /dev/null
+++ b/source/multimedia/id3lib/CVE-2007-4460.diff
@@ -0,0 +1,51 @@
+--- id3lib3.8.3-3.8.3.orig/src/tag_file.cpp
++++ id3lib3.8.3-3.8.3/src/tag_file.cpp
+@@ -242,8 +242,8 @@
+     strcpy(sTempFile, filename.c_str());
+     strcat(sTempFile, sTmpSuffix.c_str());
+
+-#if ((defined(__GNUC__) && __GNUC__ >= 3  ) || !defined(HAVE_MKSTEMP))
+-    // This section is for Windows folk && gcc 3.x folk
++#if !defined(HAVE_MKSTEMP)
++    // This section is for Windows folk
+     fstream tmpOut;
+     createFile(sTempFile, tmpOut);
+
+@@ -257,7 +257,7 @@
+       tmpOut.write((char *)tmpBuffer, nBytes);
+     }
+
+-#else //((defined(__GNUC__) && __GNUC__ >= 3  ) || !defined(HAVE_MKSTEMP))
++#else //!defined(HAVE_MKSTEMP)
+
+     // else we gotta make a temp file, copy the tag into it, copy the
+     // rest of the old file after the tag, delete the old file, rename
+@@ -270,7 +270,7 @@
+       //ID3_THROW_DESC(ID3E_NoFile, "couldn't open temp file");
+     }
+
+-    ofstream tmpOut(fd);
++    ofstream tmpOut(sTempFile);
+     if (!tmpOut)
+     {
+       tmpOut.close();
+@@ -285,14 +285,14 @@
+     uchar tmpBuffer[BUFSIZ];
+     while (file)
+     {
+-      file.read(tmpBuffer, BUFSIZ);
++      file.read((char *)tmpBuffer, BUFSIZ);
+       size_t nBytes = file.gcount();
+-      tmpOut.write(tmpBuffer, nBytes);
++      tmpOut.write((char *)tmpBuffer, nBytes);
+     }
+
+     close(fd); //closes the file
+
+-#endif ////((defined(__GNUC__) && __GNUC__ >= 3  ) || !defined(HAVE_MKSTEMP))
++#endif ////!defined(HAVE_MKSTEMP)
+
+     tmpOut.close();
+     file.close();
+only in patch2:
+unchanged:
diff --git a/source/multimedia/id3lib/FrugalBuild 
b/source/multimedia/id3lib/FrugalBuild
index 67d1b28..053884d 100644
--- a/source/multimedia/id3lib/FrugalBuild
+++ b/source/multimedia/id3lib/FrugalBuild
@@ -3,17 +3,19 @@

pkgname=id3lib
pkgver=3.8.3
-pkgrel=3
+pkgrel=4
pkgdesc="A library for reading, writing, and manipulating ID3v1 and ID3v2 tags."
depends=('libstdc++' 'zlib')
groups=('multimedia')
archs=('i686' 'x86_64')
Finclude sourceforge
-source=([EMAIL PROTECTED] id3lib-3.8.3-autoconf259.patch 
id3lib-3.8.3-zlib.patch)
+source=([EMAIL PROTECTED] id3lib-3.8.3-autoconf259.patch 
id3lib-3.8.3-zlib.patch \
+       CVE-2007-4460.diff)
up2date="lynx -dump http://id3lib.sourceforge.net/|grep 'Latest Release'|sed 
's/.*]\(.*\)/\1/'"
sha1sums=('c92c880da41d1ec0b242745a901702ae87970838' \
'6006f32d29461136ec029dda2ae7339fde6df1df' \
-          '231721feb310f5ef6d820d1c1397e3605b5689cb')
+          '231721feb310f5ef6d820d1c1397e3605b5689cb' \
+          '05f00def566a151b3e47a2bfed67d28df898918a')

build()
{
_______________________________________________
Frugalware-git mailing list
Frugalware-git@frugalware.org
http://frugalware.org/mailman/listinfo/frugalware-git