Date: Wed, 1 Oct 2008 19:23:57 +0000 (UTC) From: Martin Wilke <miwi@FreeBSD.org> To: ports-committers@FreeBSD.org, cvs-ports@FreeBSD.org, cvs-all@FreeBSD.org Subject: cvs commit: ports/multimedia/mplayer Makefile ports/multimedia/mplayer/files patch-CVE-2008-3827 Message-ID: <200810011923.m91JNvwn033956@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
miwi 2008-10-01 19:23:57 UTC FreeBSD ports repository Modified files: multimedia/mplayer Makefile Added files: multimedia/mplayer/files patch-CVE-2008-3827 Log: - Fix a vulnerability which could result in arbitrary code execution and at least, in unexpected process termination. Three integer underflows located in the Real demuxer code can be used to exploit a heap overflow, a specific video file can be crafted in order to make the stream_read function read or write arbitrary amounts of memory. Approved by: maintainer via private mail Security: http://www.vuxml.org/freebsd/724e6f93-8f2a-11dd-821f-001cc0377035.html Revision Changes Path 1.177 +1 -1 ports/multimedia/mplayer/Makefile 1.1 +28 -0 ports/multimedia/mplayer/files/patch-CVE-2008-3827 (new)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200810011923.m91JNvwn033956>