Bug 75231 - [ maintainer ] audio/mpg123: non-critial security fix, rename patches
Summary: [ maintainer ] audio/mpg123: non-critial security fix, rename patches
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: Normal Affects Only Me
Assignee: niels
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2004-12-18 18:20 UTC by Roman Bogorodskiy
Modified: 2005-01-11 13:50 UTC (History)
0 users

See Also:

Attachments
port.mpg123.security (21.57 KB, text/plain)
2004-12-18 18:20 UTC, Roman Bogorodskiy 		no flags Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Roman Bogorodskiy 2004-12-18 18:20:23 UTC 
	- Change patch name style from patch-a[a-z] to patch-$file_to_patch
	- Security fix: bof in find_next_file()@mpg123.c, source: 
	  http://tigger.uic.edu/~jlongs2/holes/mpg123.txt. But I has not 
	  succeeded in finding file called "8.list" (refered in the advisory) 
	  so I cannot test whether my patch is correct. I guest, it should be
	  reviewed by the security team.
	- Bump PORTREVISION
Comment 1 niels freebsd_committer freebsd_triage 2004-12-21 15:48:15 UTC 
Responsible Changed
From-To: freebsd-ports-bugs->niels

Nice to see you filed a PR, I just wrote a VuXML entry and port 
patch for this issue ;p 

I'll process it.
Comment 2 niels freebsd_committer freebsd_triage 2005-01-11 13:39:55 UTC 
State Changed
From-To: open->closed

Hi Roman, 

The security fix has been committed but not the patch renames. 
This because the renames, as provided, would cause commit logs 
to get lost.  

It would be better if you could request a repository copy  
of these files. How this can be done is described here: 

http://www.freebsd.org/doc/en_US.ISO8859-1/articles/committers-guide/article.html#AEN1318 

Thanks for the submission and sorry for the delay 

Niels