Bug 93767 - [Maintainer-update] multimedia/mplayer (buf overflow)
Summary: [Maintainer-update] multimedia/mplayer (buf overflow)
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: Normal Affects Only Me
Assignee: Vasil Dimov
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2006-02-23 21:00 UTC by Thomas E. Zander
Modified: 2006-03-09 08:49 UTC (History)
0 users

See Also:

Attachments
file.diff (1.83 KB, patch)
2006-02-23 21:00 UTC, Thomas E. Zander 		no flags Details | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Thomas E. Zander 2006-02-23 21:00:14 UTC 
A potential mplayer vulnerability (heap overflow) has been detected
in the ASF demuxer.
Although at the moment no exploit is known, it is potentially dangerous,
especially as streaming content might be misused for remote exploits.
This pr adds a new file,

files/patch-libmpdemux-demuxer.h

which contains the official patch to address this issue.

Fix: Patch for multimedia/mplayer:
Comment 1 Vasil Dimov freebsd_committer freebsd_triage 2006-03-09 06:42:40 UTC 
Responsible Changed
From-To: freebsd-ports-bugs->vd

Grab
Comment 2 Vasil Dimov freebsd_committer freebsd_triage 2006-03-09 08:42:46 UTC 
State Changed
From-To: open->closed

Committed, thanks! 
Some hints: 
* you can use Tools/scripts/splitpatch.pl to create "standard" patch filenames 
* to speedup the process you can include words like patch, fix, security in the synopsis of the PR