[gentoo-commits] repo/gentoo:master commit in: media-video/vlc/, media-video/vlc/files/ - gentoo-commits

From:	Ian Delaney <idella4@g.o>
To:	gentoo-commits@l.g.o
Subject:	[gentoo-commits] repo/gentoo:master commit in: media-video/vlc/, media-video/vlc/files/
Date:	Wed, 28 Oct 2015 01:43:20
Message-Id:	`1445996581.512cacd39f22b2bfde6725f09d0f08ff37e8bbd6.idella4@gentoo`

1

commit:     512cacd39f22b2bfde6725f09d0f08ff37e8bbd6

2

Author:     Ian Delaney <idella4 <AT> gentoo <DOT> org>

3

AuthorDate: Wed Oct 28 01:40:00 2015 +0000

4

Commit:     Ian Delaney <idella4 <AT> gentoo <DOT> org>

5

CommitDate: Wed Oct 28 01:43:01 2015 +0000

6

URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=512cacd3

7

8

media-video/vlc: revbump -> -2.2.1-r1, sec patch CVE-2015-5949

9

10

patch submitted by proxy maintainer via the gentoo bug, also

11

runtested by Amynka, removed initial vlc-2.2.1.ebuild

12

13

Gentoo bug: #558418

14

15

Package-Manager: portage-2.2.23

16

17

 media-video/vlc/files/vlc-2.2.1-CVE-2015-5949.patch       | 15 +++++++++++++++

18

 media-video/vlc/{vlc-2.2.1.ebuild => vlc-2.2.1-r1.ebuild} |  3 +++

19

 2 files changed, 18 insertions(+)

20

21

diff --git a/media-video/vlc/files/vlc-2.2.1-CVE-2015-5949.patch b/media-video/vlc/files/vlc-2.2.1-CVE-2015-5949.patch

22

new file mode 100644

23

index 0000000..83a5258

24

--- /dev/null

25

+++ b/media-video/vlc/files/vlc-2.2.1-CVE-2015-5949.patch

26

@@ -0,0 +1,15 @@

27

+https://git.videolan.org/?p=vlc/vlc-2.2.git;a=commitdiff;h=ce91452460a75d7424b165c4dc8db98114c3cbd9;hp=9e12195d3e4316278af1fa4bcb6a705ff27456fd

28

+--- a/modules/demux/mp4/libmp4.c

29

++++ b/modules/demux/mp4/libmp4.c

30

+@@ -3643,6 +3643,11 @@ void MP4_BoxFree( stream_t *s, MP4_Box_t *p_box )

31

+     {

32

+         for( i_index = 0; ; i_index++ )

33

+         {

34

++            if ( MP4_Box_Function[i_index].i_parent &&

35

++                 p_box->p_father &&

36

++                 p_box->p_father->i_type != MP4_Box_Function[i_index].i_parent )

37

++                continue;

38

++

39

+             if( ( MP4_Box_Function[i_index].i_type == p_box->i_type )||

40

+                 ( MP4_Box_Function[i_index].i_type == 0 ) )

41

+             {

42

43

diff --git a/media-video/vlc/vlc-2.2.1.ebuild b/media-video/vlc/vlc-2.2.1-r1.ebuild

44

similarity index 99%

45

rename from media-video/vlc/vlc-2.2.1.ebuild

46

rename to media-video/vlc/vlc-2.2.1-r1.ebuild

47

index 73ab21a..be3ece4 100644

48

--- a/media-video/vlc/vlc-2.2.1.ebuild

49

+++ b/media-video/vlc/vlc-2.2.1-r1.ebuild

50

@@ -250,6 +250,7 @@ src_prepare() {

51

 	# We are not in a real git checkout due to the absence of a .git directory.

52

 	touch src/revision.txt || die

53

54

+	# PATCHES

55

 	# Fix build system mistake.

56

 	epatch "${FILESDIR}"/${PN}-2.1.0-fix-libtremor-libs.patch

57

58

@@ -271,6 +272,8 @@ src_prepare() {

59

 	# Add missed header imgproc_c.h, imgproc.hpp, bug #554562

60

 	epatch "${FILESDIR}"/opencv-3.0.0.patch

61

62

+	epatch "${FILESDIR}"//${P}-CVE-2015-5949.patch

63

+

64

 	# Don't use --started-from-file when not using dbus.

65

 	if ! use dbus ; then

66

 		sed -i 's/ --started-from-file//' share/vlc.desktop.in || die

1	commit: 512cacd39f22b2bfde6725f09d0f08ff37e8bbd6
2	Author: Ian Delaney <idella4 <AT> gentoo <DOT> org>
3	AuthorDate: Wed Oct 28 01:40:00 2015 +0000
4	Commit: Ian Delaney <idella4 <AT> gentoo <DOT> org>
5	CommitDate: Wed Oct 28 01:43:01 2015 +0000
6	URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=512cacd3
7
8	media-video/vlc: revbump -> -2.2.1-r1, sec patch CVE-2015-5949
9
10	patch submitted by proxy maintainer via the gentoo bug, also
11	runtested by Amynka, removed initial vlc-2.2.1.ebuild
12
13	Gentoo bug: #558418
14
15	Package-Manager: portage-2.2.23
16
17	media-video/vlc/files/vlc-2.2.1-CVE-2015-5949.patch \| 15 +++++++++++++++
18	media-video/vlc/{vlc-2.2.1.ebuild => vlc-2.2.1-r1.ebuild} \| 3 +++
19	2 files changed, 18 insertions(+)
20
21	diff --git a/media-video/vlc/files/vlc-2.2.1-CVE-2015-5949.patch b/media-video/vlc/files/vlc-2.2.1-CVE-2015-5949.patch
22	new file mode 100644
23	index 0000000..83a5258
24	--- /dev/null
25	+++ b/media-video/vlc/files/vlc-2.2.1-CVE-2015-5949.patch
26	@@ -0,0 +1,15 @@
27	+https://git.videolan.org/?p=vlc/vlc-2.2.git;a=commitdiff;h=ce91452460a75d7424b165c4dc8db98114c3cbd9;hp=9e12195d3e4316278af1fa4bcb6a705ff27456fd
28	+--- a/modules/demux/mp4/libmp4.c
29	++++ b/modules/demux/mp4/libmp4.c
30	+@@ -3643,6 +3643,11 @@ void MP4_BoxFree( stream_t s, MP4_Box_t p_box )
31	+ {
32	+ for( i_index = 0; ; i_index++ )
33	+ {
34	++ if ( MP4_Box_Function[i_index].i_parent &&
35	++ p_box->p_father &&
36	++ p_box->p_father->i_type != MP4_Box_Function[i_index].i_parent )
37	++ continue;
38	++
39	+ if( ( MP4_Box_Function[i_index].i_type == p_box->i_type )\|\|
40	+ ( MP4_Box_Function[i_index].i_type == 0 ) )
41	+ {
42
43	diff --git a/media-video/vlc/vlc-2.2.1.ebuild b/media-video/vlc/vlc-2.2.1-r1.ebuild
44	similarity index 99%
45	rename from media-video/vlc/vlc-2.2.1.ebuild
46	rename to media-video/vlc/vlc-2.2.1-r1.ebuild
47	index 73ab21a..be3ece4 100644
48	--- a/media-video/vlc/vlc-2.2.1.ebuild
49	+++ b/media-video/vlc/vlc-2.2.1-r1.ebuild
50	@@ -250,6 +250,7 @@ src_prepare() {
51	# We are not in a real git checkout due to the absence of a .git directory.
52	touch src/revision.txt \|\| die
53
54	+ # PATCHES
55	# Fix build system mistake.
56	epatch "${FILESDIR}"/${PN}-2.1.0-fix-libtremor-libs.patch
57
58	@@ -271,6 +272,8 @@ src_prepare() {
59	# Add missed header imgproc_c.h, imgproc.hpp, bug #554562
60	epatch "${FILESDIR}"/opencv-3.0.0.patch
61
62	+ epatch "${FILESDIR}"//${P}-CVE-2015-5949.patch
63	+
64	# Don't use --started-from-file when not using dbus.
65	if ! use dbus ; then
66	sed -i 's/ --started-from-file//' share/vlc.desktop.in \|\| die

Gentoo Archives: gentoo-commits