FreeBSD Bugzilla – Attachment 161484 Details for
Bug 203410
multimedia/libvpx: bring more options used by Firefox
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
v1 + vuxml
libvpx_options.diff (text/plain), 2.88 KB, created by
Jan Beich
on 2015-09-28 11:39:20 UTC
(
hide
)
Description:
v1 + vuxml
Filename:
MIME Type:
Creator:
Jan Beich
Created:
2015-09-28 11:39:20 UTC
Size:
2.88 KB
patch
obsolete
>diff --git multimedia/libvpx/Makefile multimedia/libvpx/Makefile >index 845fcee..d39edc0 100644 >--- multimedia/libvpx/Makefile >+++ multimedia/libvpx/Makefile >@@ -5,6 +5,7 @@ PORTNAME= libvpx > DISTVERSIONPREFIX= v > DISTVERSION= 1.4.0-488 # tracking www/firefox > DISTVERSIONSUFFIX= -ge67d45d >+PORTREVISION= 1 > CATEGORIES= multimedia > > MAINTAINER= ashish@FreeBSD.org >@@ -24,12 +25,14 @@ HAS_CONFIGURE= yes > USE_PERL5= build > USE_LDCONFIG= yes > >-OPTIONS_DEFINE= DEBUG POSTPROC RUNTIME THREADS SHARED >-OPTIONS_DEFAULT= POSTPROC RUNTIME THREADS SHARED >+OPTIONS_DEFINE= DEBUG MULTIRES POSTPROC RUNTIME SHARED SIZE_LIMIT THREADS >+OPTIONS_DEFAULT=MULTIRES POSTPROC RUNTIME SHARED SIZE_LIMIT THREADS > OPTIONS_EXCLUDE_armv6= RUNTIME >+MULTIRES_DESC= Enable multiple-resolution encoding > POSTPROC_DESC= Enable postprocessing > RUNTIME_DESC= Enable runtime CPU detection > SHARED_DESC= Enable shared-library support >+SIZE_LIMIT_DESC=Max size to allow in the decoder (default: ${SIZE_LIMIT}) > > ALL_TARGET= > CONFIGURE_ARGS+=--prefix=${PREFIX} \ >@@ -44,10 +47,13 @@ MAKE_ENV= LC_ALL=C > OPTIONS_SUB= SHARED > > DEBUG_CONFIGURE_ON= --enable-debug >+MULTIRES_CONFIGURE_ON= --enable-multi-res-encoding > POSTPROC_CONFIGURE_ON= --enable-postproc > RUNTIME_CONFIGURE_ON= --enable-runtime-cpu-detect >-THREADS_CONFIGURE_OFF= --disable-multithread > SHARED_CONFIGURE_ON= --enable-shared >+SIZE_LIMIT_CONFIGURE_ON=--size-limit=${SIZE_LIMIT} >+SIZE_LIMIT?= 4000x3000 # same as VideoUtils.h in Firefox >+THREADS_CONFIGURE_OFF= --disable-multithread > > SHEBANG_FILES= build/make/ads2gas.pl > >diff --git security/vuxml/vuln.xml security/vuxml/vuln.xml >index c066eb3..7e2d2af 100644 >--- security/vuxml/vuln.xml >+++ security/vuxml/vuln.xml >@@ -58,6 +58,36 @@ Notes: > > --> > <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> >+ <vuln vid="6ca7eddd-d436-486a-b169-b948436bcf14"> >+ <topic>libvpx -- buffer overflow in vp9_init_context_buffers</topic> >+ <affects> >+ <package> >+ <name>libvpx</name> >+ <range><lt>1.4.0.488_1</lt></range> >+ </package> >+ </affects> >+ <description> >+ <body xmlns="http://www.w3.org/1999/xhtml"> >+ <p>The Mozilla Project reports:</p> >+ <blockquote cite="https://www.mozilla.org/security/advisories/mfsa2015-101/"> >+ <p>Security researcher Khalil Zhani reported that a >+ maliciously crafted vp9 format video could be used to >+ trigger a buffer overflow while parsing the file. This leads >+ to a potentially exploitable crash due to a flaw in the >+ libvpx library.</p> >+ </blockquote> >+ </body> >+ </description> >+ <references> >+ <cvename>CVE-2015-4506</cvename> >+ <url>https://www.mozilla.org/security/advisories/mfsa2015-101/</url> >+ </references> >+ <dates> >+ <discovery>2015-09-22</discovery> >+ <entry>2015-09-28</entry> >+ </dates> >+ </vuln> >+ > <vuln vid="5114cd11-6571-11e5-9909-002590263bf5"> > <topic>codeigniter -- SQL injection vulnerability</topic> > <affects>
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=161484">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 203410
: 161484