Update to 1.1.4: A specially-crafted Opus packet could cause an

integer wrap-around in the SILK LSF stabilization code. Reported as CVE-2017-0381, but upstream does not believe that any remote code execution is possible. https://git.xiph.org/?p=opus.git;a=commit;h=70a3d641b760b3d313b6025f82aed93a4607
svn path=/head/; revision=432084
2017-01-21 21:52:12 +00:00 · 2017-01-21 21:52:12 +00:00 · b3f6c07e1c · 2021-03-31 03:12:20 +00:00
commit b3f6c07e1c
parent feab39b3c3
3 changed files with 5 additions and 5 deletions
--- a/audio/opus/Makefile
+++ b/audio/opus/Makefile
@ -1,7 +1,7 @@
 # $FreeBSD$

 PORTNAME=	opus
-PORTVERSION=	1.1.3
+PORTVERSION=	1.1.4
 CATEGORIES=	audio
 MASTER_SITES=	http://downloads.xiph.org/releases/opus/ \
 		MOZILLA/opus
--- a/audio/opus/distinfo
+++ b/audio/opus/distinfo
@ -1,3 +1,3 @@
-TIMESTAMP = 1470324014
-SHA256 (opus-1.1.3.tar.gz) = 58b6fe802e7e30182e95d0cde890c0ace40b6f125cffc50635f0ad2eef69b633
-SIZE (opus-1.1.3.tar.gz) = 978848
+TIMESTAMP = 1485035185
+SHA256 (opus-1.1.4.tar.gz) = 9122b6b380081dd2665189f97bfd777f04f92dc3ab6698eea1dbb27ad59d8692
+SIZE (opus-1.1.4.tar.gz) = 978830
--- a/audio/opus/pkg-plist
+++ b/audio/opus/pkg-plist
@ -6,6 +6,6 @@ include/opus/opus_types.h
 lib/libopus.a
 lib/libopus.so
 lib/libopus.so.0
-lib/libopus.so.0.5.3
+lib/libopus.so.0.5.4
 libdata/pkgconfig/opus.pc
 share/aclocal/opus.m4