Bug 246016 - multimedia/vlc: Update to 3.0.10 (Fixes multiple CVE)
Summary: multimedia/vlc: Update to 3.0.10 (Fixes multiple CVE)
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Some People
Assignee: freebsd-multimedia (Nobody)
URL: https://www.videolan.org/security/sb-...
Keywords:
Depends on:
Blocks:
 
Reported: 2020-04-29 04:41 UTC by Vladimir Druzenko
Modified: 2020-04-29 19:00 UTC (History)
3 users (show)

See Also:
tcberner: maintainer-feedback+

Attachments
v1 (10.38 KB, patch)
2020-04-29 05:13 UTC, Tobias C. Berner 		no flags Details | Diff
patch-share_Makefile.in (397 bytes, patch)
2020-04-29 06:43 UTC, Vladimir Druzenko 		no flags Details | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Vladimir Druzenko freebsd_committer freebsd_triage 2020-04-29 04:41:27 UTC 
http://www.videolan.org/vlc/releases/3.0.10.html

Trivial patch with replace version in Makefile doesn't work.
Comment 1 Tobias C. Berner freebsd_committer freebsd_triage 2020-04-29 05:13:17 UTC 
Created attachment 213899 [details]
v1
Comment 2 Vladimir Druzenko freebsd_committer freebsd_triage 2020-04-29 06:43:02 UTC 
Created attachment 213902 [details]
patch-share_Makefile.in

You have to keep this patch. I fixed it.
Comment 3 Daniel Engberg freebsd_committer freebsd_triage 2020-04-29 10:12:14 UTC 
Since we're on the topic of CVEs, this PR is also probably of interest.
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=243566
Comment 4 commit-hook freebsd_committer freebsd_triage 2020-04-29 18:52:38 UTC 
A commit references this bug:

Author: tcberner
Date: Wed Apr 29 18:52:21 UTC 2020
New revision: 533383
URL: https://svnweb.freebsd.org/changeset/ports/533383

Log:
  multimedia/vlc: update to 3.0.10

  PR:		246016
  Reported by:	VVD <vvd@unislabs.com>
  MFH:		2020Q2
  Security:	CVE-2019-19721 CVE-2020-6071 CVE-2020-6072 CVE-2020-6073 CVE-2020-6077 CVE-2020-6078 CVE-2020-6079

Changes:
  head/multimedia/vlc/Makefile
  head/multimedia/vlc/distinfo
  head/multimedia/vlc/files/patch-libplacebo-1.18
  head/multimedia/vlc/files/patch-modules_codec_aom.c
  head/multimedia/vlc/files/patch-share_Makefile.in
Comment 5 commit-hook freebsd_committer freebsd_triage 2020-04-29 18:59:40 UTC 
A commit references this bug:

Author: tcberner
Date: Wed Apr 29 18:59:32 UTC 2020
New revision: 533384
URL: https://svnweb.freebsd.org/changeset/ports/533384

Log:
  MFH: r533383

  multimedia/vlc: update to 3.0.10

  PR:		246016
  Reported by:	VVD <vvd@unislabs.com>
  Security:	CVE-2019-19721 CVE-2020-6071 CVE-2020-6072 CVE-2020-6073 CVE-2020-6077 CVE-2020-6078 CVE-2020-6079

  Approved by:	ports-secteam (joneum)

Changes:
_U  branches/2020Q2/
  branches/2020Q2/multimedia/vlc/Makefile
  branches/2020Q2/multimedia/vlc/distinfo
  branches/2020Q2/multimedia/vlc/files/patch-libplacebo-1.18
  branches/2020Q2/multimedia/vlc/files/patch-modules_codec_aom.c
  branches/2020Q2/multimedia/vlc/files/patch-share_Makefile.in
Comment 6 Tobias C. Berner freebsd_committer freebsd_triage 2020-04-29 19:00:13 UTC 
Committed. 

mfg Tobias