Git-Url:
http://git.frugalware.org/gitweb/gitweb.cgi?p=frugalware-0.7.git;a=commitdiff;h=2b5672063f6291aac04297786e46d44334a2dff4
commit 2b5672063f6291aac04297786e46d44334a2dff4
Author: voroskoi <[EMAIL PROTECTED]>
Date: Tue Jan 22 17:27:48 2008 +0100
libcdio-0.78.2-2sayshell1-x86_64
CVE-2007-6613.patch added, closes #2713
diff --git a/source/lib/libcdio/CVE-2007-6613.patch
b/source/lib/libcdio/CVE-2007-6613.patch
new file mode 100644
index 0000000..ac982c5
--- /dev/null
+++ b/source/lib/libcdio/CVE-2007-6613.patch
@@ -0,0 +1,24 @@
+diff -Naur libcdio-0.79/src/cd-info.c libcdio-0.79-cve/src/cd-info.c
+--- libcdio-0.79/src/cd-info.c 2007-06-16 22:12:16.000000000 +0200
++++ libcdio-0.79-cve/src/cd-info.c 2008-01-22 15:15:59.000000000 +0100
+@@ -539,7 +539,7 @@
+ iso9660_stat_t *p_statbuf = _cdio_list_node_data (entnode);
+ char *psz_iso_name = p_statbuf->filename;
+ char _fullname[4096] = { 0, };
+- char translated_name[MAX_ISONAME+1];
++ char *translated_name = (char *) alloca(strlen(psz_iso_name)+1);
+
+ if (yep != p_statbuf->rr.b3_rock || 1 == opts.no_rock_ridge) {
+ iso9660_name_translate_ext(psz_iso_name, translated_name,
+diff -Naur libcdio-0.79/src/iso-info.c libcdio-0.79-cve/src/iso-info.c
+--- libcdio-0.79/src/iso-info.c 2006-03-17 20:37:08.000000000 +0100
++++ libcdio-0.79-cve/src/iso-info.c 2008-01-22 15:15:06.000000000 +0100
+@@ -224,7 +224,7 @@
+ iso9660_stat_t *p_statbuf = _cdio_list_node_data (entnode);
+ char *psz_iso_name = p_statbuf->filename;
+ char _fullname[4096] = { 0, };
+- char translated_name[MAX_ISONAME+1];
++ char *translated_name = (char *) alloca(strlen(psz_iso_name)+1);
+
+ if (yep != p_statbuf->rr.b3_rock || 1 == opts.no_rock_ridge) {
+ iso9660_name_translate_ext(psz_iso_name, translated_name,
diff --git a/source/lib/libcdio/FrugalBuild b/source/lib/libcdio/FrugalBuild
index 42d3be0..5a943dd 100644
--- a/source/lib/libcdio/FrugalBuild
+++ b/source/lib/libcdio/FrugalBuild
@@ -4,7 +4,7 @@
pkgname=libcdio
pkgver=0.78.2
-pkgrel=1
+pkgrel=2sayshell1
pkgdesc="Portable CD-ROM I/O library"
url="http://www.gnu.org/software/libcdio/";
groups=('lib')
@@ -13,7 +13,8 @@ depends=('ncurses' 'libcddb')
makedepends=('cdparanoia' 'cdrdao')
license="GPL2"
Fup2gnugz
-source=(ftp://ftp.gnu.org/gnu/$pkgname/$pkgname-$pkgver.tar.gz)
-sha1sums=('6a87e49cd84b9f67192d6357524772db9ae02ecc')
+source=(ftp://ftp.gnu.org/gnu/$pkgname/$pkgname-$pkgver.tar.gz
CVE-2007-6613.patch)
+sha1sums=('6a87e49cd84b9f67192d6357524772db9ae02ecc' \
+ '8670c2a18231e96030177b3315ef611cf92742b2')
# optimization OK
_______________________________________________
Frugalware-git mailing list
[email protected]
http://frugalware.org/mailman/listinfo/frugalware-git
