cpet/openbsd-ports
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
67,353 Commits 1 Branch 0 Tags 554 MiB
2555b16282
Commit Graph

68 Commits

Author SHA1 Message Date
sthen
2082f0a8c8 Fix heap corruption / integer overflow in playlist parser. CVE-2011-2194 
From Brad.
 2011-06-13 23:51:12 +00:00
dcoppa
25d9cd0797 - Fix a potential crash with MMS. 
- Don't free uninitialized ES format descriptor for DV muxed in AVI.

From upstream via Brad.
OK sthen@
 2011-05-08 16:20:16 +00:00
sthen
5bc2e9b459 - update comment with CVE id, from Brad 2011-04-25 09:32:42 +00:00
ajacoutot
6d01c2069a Fix build/run with new libnotify. 
tested in a bulk by landry, thanks!
ok landry@ jasper@
 2011-04-21 07:04:56 +00:00
sthen
63823c9382 Update comments in patch headers to include CVE details (no change to 
actual code). from Brad.
 2011-04-12 22:40:20 +00:00
sthen
8b274e7fbf SECURITY, fix a heap-based buffer overflow in the MP4 demuxer. 
From upstream via Brad.
 2011-04-11 15:11:28 +00:00
sthen
592f947173 security update, fix buffer overflow CVE-2010-3275, CVE-2010-3276, from Brad 2011-03-25 01:07:00 +00:00
jakemsr
9b54f5b172 fix for newer libmatroska 
from Brad (MAINTAINER)
 2011-03-12 21:19:13 +00:00
ajacoutot
77403fc962 SECURITY: fix a remote code execution vulnerability issue with the 
Mastroska container support (VideoLAN-SA-1102).

from Brad (maintainer)
ok sthen@
 2011-02-02 09:34:23 +00:00
ajacoutot
528cfe5b3c SECURITY: Handle early termination properly in StripTags. 
from Brad
ok sthen@
 2011-01-22 09:10:22 +00:00
jasper
82a76db7a0 Fix heap overflows in CDG decoder 
from brad (MAINTAINER)
 2011-01-14 19:46:46 +00:00
ajacoutot
85e7ca5e26 Forgot to cvs add in previous... 2010-12-31 06:58:44 +00:00
landry
f7034a1048 Fix for CVE-2010-2937 (Insufficient input validation in VLC TagLib 
plugin) :
"VLC fails to perform sufficient input validation when trying to extract
some meta-informations about input media through ID3v2 tags. In the
failure case, VLC attempt dereference an invalid memory address, and a
crash will ensure."
From brad via sthen@
 2010-09-29 11:30:03 +00:00
sthen
65b9350bd9 sundry cleanups; 
from Brad (maintainer):
- Fix sys/mount.h detection so VCD/libcdio support can be enabled.
- bump AUTOCONF_VERSION to 2.64.
- some Makefile cleaning up.

from me, ok Brad:
- garbage-collect share/locale dir
- collect REVISIONs together
 2010-09-17 12:15:20 +00:00
jakemsr
d957ca2d31 * no more anonymous unions in video(4) 
* bump REVISION-main
 2010-09-12 22:33:57 +00:00
dcoppa
f833f543bb Ops! patch-src_Makefile_in contains a CVS id: replace it with a perl 
workaround
 2010-06-17 09:17:52 +00:00
dcoppa
d0a569e14d Disable inhibit and screensaver plugins since they cause problems 
when the dbus daemon is running

Fix Help->About->Thanks dialog

Unbreak after xulrunner update (patches adapted from archlinux)

OK ajacoutot@, landry@
 2010-06-17 07:42:16 +00:00
sthen
d3325bbb11 Remove an #if patch that's now surplus since x264 has been upgraded. 
From Brad, no binary change.
 2010-06-04 23:21:43 +00:00
sthen
d5d0293b63 Remove posix_memalign workaround, now we have it in libc. 
In ifdef's no longer used following the libc update, so no bump.
From Brad (maintainer).
 2010-06-03 01:05:03 +00:00
sthen
f7df7b9bfa Build v4l2 support, which can work with uvideo(4). From Brad. 2010-05-09 00:16:26 +00:00
edd
af996e26bb Update to vlc-1.0.6 from maintainer Brad Smith. 
OK dcoppa@, sthen@.
 2010-05-05 08:43:35 +00:00
kili
76091f6c3b Some fixes after the x264 update. 
From Brad.

"theoretically ok" ajacoutot@
 2009-04-14 19:52:08 +00:00
jakemsr
ebe658d00d - remove artsd and esd backends 
- add sndio to WANTLIB
mostly from Brad, thanks
 2009-01-16 04:11:18 +00:00
jakemsr
32e8a1e508 - simpler faad related patching 
- bump PKGNAME

ok brad@
 2008-09-15 22:11:42 +00:00
brad
5602513893 Fix a crash if VLC is not able to connect to a RTSP server. 
ok sthen@
 2008-09-05 01:01:00 +00:00
brad
9b5b2d8f21 Pull in integer overflow fixes for TTA, MMS and Ogg. 
CVE-2008-3732, CVE-2008-3794

ok sthen@
 2008-09-04 22:58:23 +00:00
brad
e594d14508 upgrade to VLC 0.8.6i; bug fixes and integrates the previous 
security fix.

ok jakemsr@
 2008-07-15 16:19:15 +00:00
sthen
f188c77b13 SECURITY: patch to fix integer overflow in wav handling (CVE-2008-2430) 
Pulled from upstream GIT repository.

ok brad
 2008-07-09 17:28:42 +00:00
jakemsr
9452aa9236 * FFmpeg headers moved 
* FFmpeg LIB_DEPENDS/WANTLIB changes
* remove bogus @bin marker in PLIST (wxvlc is a symlink)
* bump PKGNAME-main
* img_convert()/img_resample() based filters disabled due to FFmpeg
  changes

feedback/ok brad@
 2008-07-09 02:17:12 +00:00
sthen
7b22162fa2 SECURITY update vlc to 0.8.6h 
- fixes *many* null pointer deref, error handling failures, leaks,
use-after-free and double-free found by Coverity

- fixes some MPEG2 TS audio packet loss

- numerous security fixes in 0.8.6g

- fixes some memory leaks

Also: mark altivec FLAVOR as broken; ajacoutot reports that the
altivec-enabled binary fails to start.

ok ajacoutot
 2008-06-09 22:55:43 +00:00
jakemsr
0ba235ecbe - use wxSlider instead of hacking wxGuage for the volume controller. 
from vlc subversion via Alexey Suslikov.

- use jack_client_connect() instead of jack_client_new() so multiple
instances of vlc can connect to jackd concurrently.  problem reported
by Alexey Suslikov.
 2008-05-11 18:12:40 +00:00
jakemsr
316ff80c5c security/bugfix update 
from the release notes:

VLC media player 0.8.6e and earlier versions suffer from security
vulnerabilities in the Subtitle demuxer, Real RTSP demuxer, MP4
demuxer and Cinepak codec.

from brad@
 2008-04-04 00:53:01 +00:00
jasper
872e337230 - zap empty file; brad 2008-04-03 07:57:01 +00:00
jakemsr
375747e383 update to vlc-0.8.6e 
This is a bugfix release. VLC media player 0.8.6d and earlier versions
suffer from security vulnerabilities in the Web interface, Subtitle
demuxer, Real RTSP demuxer, SDL_image library and MP4 demuxer.

See http://www.videolan.org/security/sa0801.php and
http://www.videolan.org/security/sa0802.php for more details.

from brad, OK naddy
 2008-03-02 02:27:04 +00:00
jakemsr
724d7f7c0e keep vlc building after ffmpeg update 2008-01-26 11:27:05 +00:00
jakemsr
5759613568 maintainence update to 0.8.6d 
from brad@
 2007-12-11 11:07:54 +00:00
jakemsr
d514f9d146 - add support for Esound and aRTs audio output, as pseudo_flavors 
and subpackages
- move the mozilla plugin to a subpackage
- enable altivec support as a flavor
- ffmpeg and wxWidgets lib_depends/wantlib updates

help/ok ajacoutot@
 2007-11-11 01:37:54 +00:00
ajacoutot
7fdac52af0 - SECURITY update to 0.8.6c (and various bugfixes, memory leaks) 
VideoLAN-SA-0702: format string injection in Vorbis, Theora, SAP and CDDA plugins
- remove bogus PLIST entry

from brad
 2007-06-18 23:14:20 +00:00
martynas
4dd62d708c empty patch files; from Moritz Grimm 2007-06-10 11:21:13 +00:00
jolan
0d35aa3d25 update to 0.8.6b, from brad 2007-06-05 01:53:04 +00:00
aanriot
b3d22fb592 fix a format string by keeping a place for the terminating NUL 
character.

ok avsm@
 2007-04-22 13:21:11 +00:00
ajacoutot
7a5f3efd4b - enable x264 support 
- add missing xenocara LIBS
- regen patches while here

"go for it" naddy@
 2007-04-08 17:34:20 +00:00
mbalmer
a4986d448c Security fix for vlc (see http://www.videolan.org/sa0701.html). NB, we never 
had the extensions enabled that are affected by the problem.

from brad
 2007-01-04 11:29:59 +00:00
jolan
06e809edbe update to 0.8.6 2006-12-23 13:31:30 +00:00
jolan
0920699ffd update to 0.8.5 2006-11-03 15:15:07 +00:00
pvalchev
15ac742fe5 use off_t/int64_t consistently (match prototype) 2006-09-22 02:23:13 +00:00
jakemsr
48c1287d33 - accomodate for libavcodec changes 
- bump PKGNAME

OK brad@
 2006-03-20 05:51:59 +00:00
jolan
49f1788e41 add win32 codec support 2005-12-24 09:01:17 +00:00
jolan
770acfc48d crank the priority on the ncurses module so that it is preferred over 
the rc one
 2005-12-22 16:36:17 +00:00
jolan
01d2b6dcb2 fix default font 2005-12-22 05:32:50 +00:00