Bug 246016 - multimedia/vlc: Update to 3.0.10 (Fixes multiple CVE)
Summary: multimedia/vlc: Update to 3.0.10 (Fixes multiple CVE)
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Some People
Assignee: freebsd-multimedia (Nobody)
URL: https://www.videolan.org/security/sb-...
Keywords:
Depends on:
Blocks:
 
Reported: 2020-04-29 04:41 UTC by VVD
Modified: 2020-04-29 19:00 UTC (History)
3 users (show)

See Also:
tcberner: maintainer-feedback+


Attachments
v1 (10.38 KB, patch)
2020-04-29 05:13 UTC, Tobias C. Berner
no flags Details | Diff
patch-share_Makefile.in (397 bytes, patch)
2020-04-29 06:43 UTC, VVD
no flags Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description VVD 2020-04-29 04:41:27 UTC
http://www.videolan.org/vlc/releases/3.0.10.html

Trivial patch with replace version in Makefile doesn't work.
Comment 1 Tobias C. Berner freebsd_committer 2020-04-29 05:13:17 UTC
Created attachment 213899 [details]
v1
Comment 2 VVD 2020-04-29 06:43:02 UTC
Created attachment 213902 [details]
patch-share_Makefile.in

You have to keep this patch. I fixed it.
Comment 3 daniel.engberg.lists 2020-04-29 10:12:14 UTC
Since we're on the topic of CVEs, this PR is also probably of interest.
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=243566
Comment 4 commit-hook freebsd_committer 2020-04-29 18:52:38 UTC
A commit references this bug:

Author: tcberner
Date: Wed Apr 29 18:52:21 UTC 2020
New revision: 533383
URL: https://svnweb.freebsd.org/changeset/ports/533383

Log:
  multimedia/vlc: update to 3.0.10

  PR:		246016
  Reported by:	VVD <vvd@unislabs.com>
  MFH:		2020Q2
  Security:	CVE-2019-19721 CVE-2020-6071 CVE-2020-6072 CVE-2020-6073 CVE-2020-6077 CVE-2020-6078 CVE-2020-6079

Changes:
  head/multimedia/vlc/Makefile
  head/multimedia/vlc/distinfo
  head/multimedia/vlc/files/patch-libplacebo-1.18
  head/multimedia/vlc/files/patch-modules_codec_aom.c
  head/multimedia/vlc/files/patch-share_Makefile.in
Comment 5 commit-hook freebsd_committer 2020-04-29 18:59:40 UTC
A commit references this bug:

Author: tcberner
Date: Wed Apr 29 18:59:32 UTC 2020
New revision: 533384
URL: https://svnweb.freebsd.org/changeset/ports/533384

Log:
  MFH: r533383

  multimedia/vlc: update to 3.0.10

  PR:		246016
  Reported by:	VVD <vvd@unislabs.com>
  Security:	CVE-2019-19721 CVE-2020-6071 CVE-2020-6072 CVE-2020-6073 CVE-2020-6077 CVE-2020-6078 CVE-2020-6079

  Approved by:	ports-secteam (joneum)

Changes:
_U  branches/2020Q2/
  branches/2020Q2/multimedia/vlc/Makefile
  branches/2020Q2/multimedia/vlc/distinfo
  branches/2020Q2/multimedia/vlc/files/patch-libplacebo-1.18
  branches/2020Q2/multimedia/vlc/files/patch-modules_codec_aom.c
  branches/2020Q2/multimedia/vlc/files/patch-share_Makefile.in
Comment 6 Tobias C. Berner freebsd_committer 2020-04-29 19:00:13 UTC
Committed. 

mfg Tobias