Bug 246016

Summary: multimedia/vlc: Update to 3.0.10 (Fixes multiple CVE)
Product: Ports & Packages Reporter: Vladimir Druzenko <vvd>
Component: Individual Port(s)Assignee: freebsd-multimedia (Nobody) <multimedia>
Status: Closed FIXED    
Severity: Affects Some People CC: diizzy, ports-secteam, tcberner
Priority: --- Flags: tcberner: maintainer-feedback+
Version: Latest   
Hardware: Any   
OS: Any   
URL: https://www.videolan.org/security/sb-vlc309.html
Attachments:
Description Flags
v1
none
patch-share_Makefile.in none

Description Vladimir Druzenko freebsd_committer freebsd_triage 2020-04-29 04:41:27 UTC 
http://www.videolan.org/vlc/releases/3.0.10.html

Trivial patch with replace version in Makefile doesn't work.
Comment 1 Tobias C. Berner freebsd_committer freebsd_triage 2020-04-29 05:13:17 UTC 
Created attachment 213899 [details]
v1
Comment 2 Vladimir Druzenko freebsd_committer freebsd_triage 2020-04-29 06:43:02 UTC 
Created attachment 213902 [details]
patch-share_Makefile.in

You have to keep this patch. I fixed it.
Comment 3 Daniel Engberg freebsd_committer freebsd_triage 2020-04-29 10:12:14 UTC 
Since we're on the topic of CVEs, this PR is also probably of interest.
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=243566
Comment 4 commit-hook freebsd_committer freebsd_triage 2020-04-29 18:52:38 UTC 
A commit references this bug:

Author: tcberner
Date: Wed Apr 29 18:52:21 UTC 2020
New revision: 533383
URL: https://svnweb.freebsd.org/changeset/ports/533383

Log:
  multimedia/vlc: update to 3.0.10

  PR:		246016
  Reported by:	VVD <vvd@unislabs.com>
  MFH:		2020Q2
  Security:	CVE-2019-19721 CVE-2020-6071 CVE-2020-6072 CVE-2020-6073 CVE-2020-6077 CVE-2020-6078 CVE-2020-6079

Changes:
  head/multimedia/vlc/Makefile
  head/multimedia/vlc/distinfo
  head/multimedia/vlc/files/patch-libplacebo-1.18
  head/multimedia/vlc/files/patch-modules_codec_aom.c
  head/multimedia/vlc/files/patch-share_Makefile.in
Comment 5 commit-hook freebsd_committer freebsd_triage 2020-04-29 18:59:40 UTC 
A commit references this bug:

Author: tcberner
Date: Wed Apr 29 18:59:32 UTC 2020
New revision: 533384
URL: https://svnweb.freebsd.org/changeset/ports/533384

Log:
  MFH: r533383

  multimedia/vlc: update to 3.0.10

  PR:		246016
  Reported by:	VVD <vvd@unislabs.com>
  Security:	CVE-2019-19721 CVE-2020-6071 CVE-2020-6072 CVE-2020-6073 CVE-2020-6077 CVE-2020-6078 CVE-2020-6079

  Approved by:	ports-secteam (joneum)

Changes:
_U  branches/2020Q2/
  branches/2020Q2/multimedia/vlc/Makefile
  branches/2020Q2/multimedia/vlc/distinfo
  branches/2020Q2/multimedia/vlc/files/patch-libplacebo-1.18
  branches/2020Q2/multimedia/vlc/files/patch-modules_codec_aom.c
  branches/2020Q2/multimedia/vlc/files/patch-share_Makefile.in
Comment 6 Tobias C. Berner freebsd_committer freebsd_triage 2020-04-29 19:00:13 UTC 
Committed. 

mfg Tobias