Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 11 Oct 2016 19:23:49 +0000 (UTC)
From:      Thomas Zander <riggs@FreeBSD.org>
To:        ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-branches@freebsd.org
Subject:   svn commit: r423789 - in branches/2016Q4/multimedia/mkvtoolnix: . files
Message-ID:  <201610111923.u9BJNnH2082982@repo.freebsd.org>

next in thread | raw e-mail | index | archive | help
Author: riggs
Date: Tue Oct 11 19:23:49 2016
New Revision: 423789
URL: https://svnweb.freebsd.org/changeset/ports/423789

Log:
  MFH: r423569 r423787
  
  Update to upstream version 9.4.2; fixes code execution vulnerability
  
  Fix build on archs where sizeof(size_t) != sizeof(uint64_t)
  
  Approved by:	ports-secteam (feld), ports-secteam (build fix blanket)

Added:
  branches/2016Q4/multimedia/mkvtoolnix/files/patch-src_input_r__qtmp4.cpp
     - copied unchanged from r423787, head/multimedia/mkvtoolnix/files/patch-src_input_r__qtmp4.cpp
Modified:
  branches/2016Q4/multimedia/mkvtoolnix/Makefile
  branches/2016Q4/multimedia/mkvtoolnix/distinfo
Directory Properties:
  branches/2016Q4/   (props changed)

Modified: branches/2016Q4/multimedia/mkvtoolnix/Makefile
==============================================================================
--- branches/2016Q4/multimedia/mkvtoolnix/Makefile	Tue Oct 11 19:21:47 2016	(r423788)
+++ branches/2016Q4/multimedia/mkvtoolnix/Makefile	Tue Oct 11 19:23:49 2016	(r423789)
@@ -2,7 +2,7 @@
 # $FreeBSD$
 
 PORTNAME=	mkvtoolnix
-PORTVERSION=	9.4.0
+PORTVERSION=	9.4.2
 CATEGORIES=	multimedia audio
 MASTER_SITES=	http://www.bunkus.org/videotools/mkvtoolnix/sources/ \
 		https://mkvtoolnix.download/sources/

Modified: branches/2016Q4/multimedia/mkvtoolnix/distinfo
==============================================================================
--- branches/2016Q4/multimedia/mkvtoolnix/distinfo	Tue Oct 11 19:21:47 2016	(r423788)
+++ branches/2016Q4/multimedia/mkvtoolnix/distinfo	Tue Oct 11 19:23:49 2016	(r423789)
@@ -1,3 +1,3 @@
-TIMESTAMP = 1472139058
-SHA256 (mkvtoolnix-9.4.0.tar.xz) = af633768ac3ca193070c76c93bbf496b41e451d1652e1d3d6fd4c20361e56265
-SIZE (mkvtoolnix-9.4.0.tar.xz) = 3765696
+TIMESTAMP = 1475996823
+SHA256 (mkvtoolnix-9.4.2.tar.xz) = df2c3773c0e7a75d88e75906cc425f9ed7f07ce36a99854162e14202ccd42904
+SIZE (mkvtoolnix-9.4.2.tar.xz) = 3774320

Copied: branches/2016Q4/multimedia/mkvtoolnix/files/patch-src_input_r__qtmp4.cpp (from r423787, head/multimedia/mkvtoolnix/files/patch-src_input_r__qtmp4.cpp)
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ branches/2016Q4/multimedia/mkvtoolnix/files/patch-src_input_r__qtmp4.cpp	Tue Oct 11 19:23:49 2016	(r423789, copy of r423787, head/multimedia/mkvtoolnix/files/patch-src_input_r__qtmp4.cpp)
@@ -0,0 +1,11 @@
+--- src/input/r_qtmp4.cpp.orig	2016-09-11 12:16:51 UTC
++++ src/input/r_qtmp4.cpp
+@@ -107,7 +107,7 @@ read_qtmp4_atom(mm_io_c *read_from,
+     if (exit_on_error)
+       mxerror(boost::format(Y("Quicktime/MP4 reader: Invalid chunk size %1% at %2%.\n")) % a.size % a.pos);
+     else
+-      throw mtx::atom_chunk_size_x{a.size, a.pos};
++      throw mtx::atom_chunk_size_x{static_cast<size_t>(a.size), static_cast<size_t>(a.pos)};
+   }
+ 
+   return a;



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201610111923.u9BJNnH2082982>