78928 – Security update port: audio/grip from grip-3.2.0_6 to grip-3.2.0_7

Bug 78928 - Security update port: audio/grip from grip-3.2.0_6 to grip-3.2.0_7

Summary: Security update port: audio/grip from grip-3.2.0_6 to grip-3.2.0_7

Status:	Closed FIXED

Alias:	None

Product:	Ports & Packages
Classification:	Unclassified
Component:	Individual Port(s) (show other bugs)
Version:	Latest
Hardware:	Any Any

Importance:	Normal Affects Only Me
Assignee:	freebsd-ports-bugs (Nobody)

URL:
Keywords:

Depends on:
Blocks:

Reported:	2005-03-16 18:40 UTC by Esa Karkkainen
Modified:	2005-03-17 07:41 UTC (History)
CC List:	1 user (show)

See Also:

Attachments
file.diff (1.36 KB, patch) 2005-03-16 18:40 UTC, Esa Karkkainen	no flags	Details \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Esa Karkkainen 2005-03-16 18:40:02 UTC

Fix to CDDB response multiple matches buffer overflow vulnerability.

Information what to fix was found obtained from 

http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/SRPMS/grip-3.2.0-3.fc2.src.rpm

grip.834724.patch

Fix: Please note that a new file "files/patch-src::discdb" will be created
when applying following patch.
How-To-Repeat: 
# cd /usr/ports/audio/grip && make all
===> The default CDROM device is /dev/acd0
===> Define WITH_CDROM_DEVICE if you want to change the default
===> For example, 'make WITH_CDROM_DEVICE="/dev/somedevice"'
===>  grip-3.2.0_6 has known vulnerabilities:
=> grip -- CDDB response multiple matches buffer overflow vulnerability.
   Reference: <http://www.FreeBSD.org/ports/portaudit/bcf27002-94c3-11d9-a9e0-0001020eed82.html>
=> Please update your ports tree and try again.
*** Error code 1

Stop in /usr/ports/audio/grip.

Comment 1 Michael Johnson freebsd_committer

2005-03-17 07:41:32 UTC

State Changed
From-To: open->closed

Committed, Thanks!