rpms/mplayer/F-9 mplayer-CVE-2008-3827.patch, NONE, 1.1 .cvsignore,
1.2, 1.3 mplayer-config.patch, 1.1, 1.2 mplayer-manlinks.patch,
1.1, 1.2 mplayer.spec, 1.1, 1.2 sources, 1.2,
1.3 mplayer-dvdread.patch, 1.1, NONE
Dominik Mierzejewski
rathann at rpmfusion.org
Sun Oct 12 22:52:36 CEST 2008
Author: rathann
Update of /cvs/free/rpms/mplayer/F-9
In directory se02.es.rpmfusion.net:/tmp/cvs-serv20975/F-9
Modified Files:
.cvsignore mplayer-config.patch mplayer-manlinks.patch
mplayer.spec sources
Added Files:
mplayer-CVE-2008-3827.patch
Removed Files:
mplayer-dvdread.patch
Log Message:
- security fix for CVE-2008-3827
- sync with devel for F-9
mplayer-CVE-2008-3827.patch:
--- NEW FILE mplayer-CVE-2008-3827.patch ---
Index: libmpdemux/demux_real.c
===================================================================
--- libmpdemux/demux_real.c (revision 27674)
+++ libmpdemux/demux_real.c (revision 27675)
@@ -947,6 +947,7 @@
// last fragment!
if(dp_hdr->len!=vpkg_length-vpkg_offset)
mp_msg(MSGT_DEMUX,MSGL_V,"warning! assembled.len=%d frag.len=%d total.len=%d \n",dp->len,vpkg_offset,vpkg_length-vpkg_offset);
+ if (vpkg_offset > dp->len - sizeof(dp_hdr_t) - dp_hdr->len) vpkg_offset = dp->len - sizeof(dp_hdr_t) - dp_hdr->len;
stream_read(demuxer->stream, dp_data+dp_hdr->len, vpkg_offset);
if((dp_data[dp_hdr->len]&0x20) && (sh_video->format==0x30335652)) --dp_hdr->chunks; else
dp_hdr->len+=vpkg_offset;
@@ -970,6 +971,7 @@
// non-last fragment:
if(dp_hdr->len!=vpkg_offset)
mp_msg(MSGT_DEMUX,MSGL_V,"warning! assembled.len=%d offset=%d frag.len=%d total.len=%d \n",dp->len,vpkg_offset,len,vpkg_length);
+ if (len > dp->len - sizeof(dp_hdr_t) - dp_hdr->len) len = dp->len - sizeof(dp_hdr_t) - dp_hdr->len;
stream_read(demuxer->stream, dp_data+dp_hdr->len, len);
if((dp_data[dp_hdr->len]&0x20) && (sh_video->format==0x30335652)) --dp_hdr->chunks; else
dp_hdr->len+=len;
@@ -992,6 +994,7 @@
extra[0]=1; extra[1]=0; // offset of the first chunk
if(0x00==(vpkg_header&0xc0)){
// first fragment:
+ if (len > dp->len - sizeof(dp_hdr_t)) len = dp->len - sizeof(dp_hdr_t);
dp_hdr->len=len;
stream_read(demuxer->stream, dp_data, len);
ds->asf_packet=dp;
Index: .cvsignore
===================================================================
RCS file: /cvs/free/rpms/mplayer/F-9/.cvsignore,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- .cvsignore 19 Aug 2008 00:08:33 -0000 1.2
+++ .cvsignore 12 Oct 2008 20:52:05 -0000 1.3
@@ -1,2 +1,2 @@
+mplayer-export-2008-09-03.tar.bz2
Blue-1.7.tar.bz2
-mplayer-export-2008-08-18.tar.bz2
mplayer-config.patch:
Index: mplayer-config.patch
===================================================================
RCS file: /cvs/free/rpms/mplayer/F-9/mplayer-config.patch,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- mplayer-config.patch 19 Aug 2008 00:08:33 -0000 1.1
+++ mplayer-config.patch 12 Oct 2008 20:52:06 -0000 1.2
@@ -1,23 +1,56 @@
---- etc/example.conf~ 2006-06-11 21:35:46.000000000 +0300
-+++ etc/example.conf 2006-08-10 01:18:25.000000000 +0300
-@@ -3,3 +3,3 @@
+diff -up mplayer-export-2008-08-18/etc/example.conf.orig mplayer-export-2008-08-18/etc/example.conf
+--- mplayer-export-2008-08-18/etc/example.conf.orig 2008-02-08 19:33:39.000000000 +0100
++++ mplayer-export-2008-08-18/etc/example.conf 2008-08-19 13:47:15.000000000 +0200
+@@ -1,7 +1,7 @@
+ #
+ # MPlayer configuration file
#
-# Configuration files are read system-wide from /usr/local/etc/mplayer.conf
+# Configuration files are read system-wide from /etc/mplayer/mplayer.conf
# and per user from ~/.mplayer/config, where per-user settings override
-@@ -93,3 +93,3 @@
+ # system-wide settings, all of which are overrriden by the command line.
+ #
+@@ -71,7 +71,7 @@
+ ##################
+
+ # Specify default audio driver (see -ao help for a list).
+-#ao=oss
++ao = pulse,alsa,
+
+ # Use SDL audio driver with the esd subdriver by default.
+ #ao = sdl:esd
+@@ -95,7 +95,7 @@
+ #framedrop = yes
+
# Specify your preferred skin here (skins are searched for in
-# /usr/local/share/mplayer/skins/<name> and ~/.mplayer/skins/<name>).
+# /usr/share/mplayer/skins/<name> and ~/.mplayer/skins/<name>).
#skin = Abyss
-@@ -120,4 +120,9 @@
-+# A plugged in joystick can interfere with keyboard shortcuts
-+joystick = no
-+
+ # Resample the font alphamap.
+@@ -105,6 +105,15 @@
+ # 10 bold black outline
+ #ffactor = 0.75
+
+# FriBidi can do "funny" things to some ISO-8859-* subtitles
+flip-hebrew = no
++
++# Use fontconfig for font selection
++fontconfig = yes
++
++# Default font for unstyled subtitles
++font = "Sans"
++
+ # cache settings
+ #
+ # Use 8MB input cache by default.
+@@ -122,6 +131,9 @@
+ # DVD: Play English audio tracks if available.
+ #alang = en
- # You can also include other configuration files.
--#include = /path/to/the/file/you/want/to/include
-+#include = /home/me/.mplayer/something
++# A plugged in joystick can interfere with keyboard shortcuts
++joystick = no
++
+ ###################
+ # DVDNAV Settings #
+ ###################
mplayer-manlinks.patch:
Index: mplayer-manlinks.patch
===================================================================
RCS file: /cvs/free/rpms/mplayer/F-9/mplayer-manlinks.patch,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- mplayer-manlinks.patch 19 Aug 2008 00:08:33 -0000 1.1
+++ mplayer-manlinks.patch 12 Oct 2008 20:52:06 -0000 1.2
@@ -1,16 +1,16 @@
-diff -up mplayer-export-2008-06-04/Makefile.manlinks mplayer-export-2008-06-04/Makefile
---- mplayer-export-2008-06-04/Makefile.manlinks 2008-05-30 22:10:36.000000000 +0200
-+++ mplayer-export-2008-06-04/Makefile 2008-06-04 23:13:37.000000000 +0200
-@@ -805,7 +805,7 @@ install-mplayer-man-en:
- $(INSTALL) -c -m 644 DOCS/man/en/mplayer.1 $(MANDIR)/man1/
+diff -up mplayer-export-2008-08-18/Makefile.manlinks mplayer-export-2008-08-18/Makefile
+--- mplayer-export-2008-08-18/Makefile.manlinks 2008-08-14 22:42:54.000000000 +0200
++++ mplayer-export-2008-08-18/Makefile 2008-08-19 13:50:17.000000000 +0200
+@@ -830,7 +830,7 @@ install-mencoder-man: $(foreach lang,$(M
+ install-mplayer-man: $(foreach lang,$(MAN_LANGS),install-mplayer-man-$(lang))
install-mencoder-man-en: install-mplayer-man-en
- cd $(MANDIR)/man1 && ln -sf mplayer.1 mencoder.1
+ echo ".so mplayer.1" > $(MANDIR)/man1/mencoder.1
- define MPLAYER_MAN_RULE
- install-mplayer-man-$(lang):
-@@ -815,7 +815,7 @@ endef
+ install-mplayer-man-en:
+ $(INSTALL) -d $(MANDIR)/man1
+@@ -838,7 +838,7 @@ install-mplayer-man-en:
define MENCODER_MAN_RULE
install-mencoder-man-$(lang): install-mplayer-man-$(lang)
@@ -18,4 +18,4 @@
+ echo ".so mplayer.1" > $(MANDIR)/$(lang)/man1/mencoder.1
endef
- $(foreach lang,$(MAN_LANG),$(eval $(MPLAYER_MAN_RULE)))
+ define MPLAYER_MAN_RULE
Index: mplayer.spec
===================================================================
RCS file: /cvs/free/rpms/mplayer/F-9/mplayer.spec,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- mplayer.spec 19 Aug 2008 00:08:33 -0000 1.1
+++ mplayer.spec 12 Oct 2008 20:52:06 -0000 1.2
@@ -1,30 +1,31 @@
%define codecdir %{_libdir}/codecs
-%define pre 20080818svn
+%define pre 20080903svn
%define svn 1
-%define svnbuild 2008-08-18
-%define svnrev 27470
+%define svnbuild 2008-09-03
%define faad2min 1:2.6.1
Name: mplayer
Version: 1.0
-Release: 0.96.%{pre}%{?dist}
+Release: 0.97.%{pre}%{?dist}
Summary: Movie player playing most video formats and DVDs
Group: Applications/Multimedia
License: GPLv2+
URL: http://www.mplayerhq.hu/
%if %{svn}
-Source0: http://rpm.greysector.net/livna/mplayer-export-%{svnbuild}.tar.bz2
+# run ./mplayer-snapshot.sh to get this
+Source0: mplayer-export-%{svnbuild}.tar.bz2
%else
Source0: http://www.mplayerhq.hu/MPlayer/releases/MPlayer-%{version}%{pre}.tar.bz2
%endif
Source1: http://www.mplayerhq.hu/MPlayer/skins/Blue-1.7.tar.bz2
+Source10: mplayer-snapshot.sh
Patch2: %{name}-config.patch
Patch5: %{name}-x86_32-compile.patch
Patch8: %{name}-manlinks.patch
Patch10: %{name}-qcelp.patch
-Patch11: %{name}-dvdread.patch
Patch12: %{name}-man-zh_CN.patch
+Patch13: %{name}-CVE-2008-3827.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildRequires: SDL-devel
@@ -54,9 +55,10 @@
BuildRequires: libcaca-devel
BuildRequires: libdca-devel
BuildRequires: libdv-devel
-BuildRequires: libdvdnav-devel >= 4.1.2
+BuildRequires: libdvdnav-devel >= 4.1.3-1
BuildRequires: libjpeg-devel
BuildRequires: libmpcdec-devel
+BuildRequires: libsmbclient-devel
BuildRequires: libtheora-devel
BuildRequires: libvorbis-devel
BuildRequires: lirc-devel
@@ -65,7 +67,7 @@
BuildRequires: pulseaudio-lib-devel
BuildRequires: speex-devel >= 1.1
BuildRequires: twolame-devel
-BuildRequires: x264-devel
+BuildRequires: x264-devel >= 0.0.0-0.14.20080613
BuildRequires: xvidcore-devel >= 0.9.2
%{?_with_arts:BuildRequires: arts-devel}
%{?_with_amr:BuildRequires: amrnb-devel amrwb-devel}
@@ -75,7 +77,6 @@
%{?_with_libmad:BuildRequires: libmad-devel}
%{?_with_nemesi:BuildRequires: libnemesi-devel >= 0.6.3}
%{?_with_openal:BuildRequires: openal-devel}
-%{?_with_samba:BuildRequires: libsmbclient-devel}
%{?_with_svgalib:BuildRequires: svgalib-devel}
%{?_with_xmms:BuildRequires: xmms-devel}
%if %{svn}
@@ -97,7 +98,6 @@
OpenGL, SVGAlib, fbdev, AAlib, DirectFB etc. There are also nice
antialiased shaded subtitles and OSD.
Non-default rpmbuild options:
---with samba: Enable Samba (smb://) support
--with xmms: Enable XMMS input plugin support
--with amr: Enable AMR support
--with libmad: Enable libmad support
@@ -141,12 +141,12 @@
%else
%setup -q -n MPlayer-%{version}%{pre}
%endif
-%patch2 -p0
+%patch2 -p1 -b .config
%patch5 -p1 -b .compile
%patch8 -p1 -b .manlinks
%patch10 -p1 -b .qclp
-%patch11 -p1 -b .dvdread
%patch12 -p1 -b .man-zh_CN
+%patch13 -p0 -b .cve
doconv() {
iconv -f $1 -t $2 -o DOCS/man/$3/mplayer.1.utf8 DOCS/man/$3/mplayer.1 && \
@@ -158,13 +158,8 @@
mv DOCS/man/zh DOCS/man/zh_CN
-sed -i -e 's/\(SVN-r[0-9]* \)/\1rpm.livna.org /' -e 's/UNKNOWN/%{svnrev}/' version.sh
-
-# remove internal libdvdread copy to avoid clashes
-rm -r dvdread
-
%build
-export CFLAGS="$RPM_OPT_FLAGS -ffast-math"
+export CFLAGS="$RPM_OPT_FLAGS -ffast-math --std=gnu99"
%ifarch ppc
export CFLAGS="$CFLAGS -maltivec -mabi=altivec"
%endif
@@ -189,7 +184,6 @@
--enable-lirc \
--enable-joystick \
%{!?_with_nemesi:--disable-nemesi} \
- %{!?_with_samba:--disable-smb} \
--disable-dvdread-internal \
--disable-libdvdcss-internal \
--enable-menu \
@@ -217,9 +211,7 @@
%{?_with_xmms:--with-xmmslibdir=%{_libdir}} \
--with-xvmclib=XvMCW
-# parallel make fails in vidix
-#%{__make} %{?_smp_mflags}
-%{__make}
+%{__make} %{?_smp_mflags}
mv -f mplayer gmplayer
%{__make} distclean
@@ -244,7 +236,6 @@
--enable-lirc \
--enable-joystick \
%{!?_with_nemesi:--disable-nemesi} \
- %{!?_with_samba:--disable-smb} \
--disable-dvdread-internal \
--disable-libdvdcss-internal \
--enable-menu \
@@ -272,9 +263,7 @@
%{?_with_xmms:--with-xmmslibdir=%{_libdir}} \
--with-xvmclib=XvMCW
-# parallel make fails in vidix
-#%{__make} %{?_smp_mflags}
-%{__make}
+%{__make} %{?_smp_mflags}
%if %{svn}
# build HTML documentation from XML files
@@ -301,10 +290,6 @@
# Default config files
install -Dpm 644 etc/example.conf \
$RPM_BUILD_ROOT%{_sysconfdir}/mplayer/mplayer.conf
-# use Nimbus Sans L font for OSD (via fontconfig)
-echo "fontconfig=yes" >>$RPM_BUILD_ROOT%{_sysconfdir}/mplayer/mplayer.conf
-echo "font=\"Sans\"" >>$RPM_BUILD_ROOT%{_sysconfdir}/mplayer/mplayer.conf
-echo "ao=pulse,alsa," >>$RPM_BUILD_ROOT%{_sysconfdir}/mplayer/mplayer.conf
install -pm 644 etc/{input,menu}.conf $RPM_BUILD_ROOT%{_sysconfdir}/mplayer/
@@ -403,6 +388,20 @@
%changelog
+* Sun Oct 12 2008 Dominik Mierzejewski <rpm at greysector.net> - 1.0-0.97.20080903svn
+- backport the fix for CVE-2008-3827
+- updated to 20080903 SVN snapshot
+- added snapshot creation script
+- dropped version sed-patching (happens in the snapshot script now)
+- enabled samba support by default
+- moved config settings to config patch
+- rebased patches against current snapshot
+- dropped obsolete patches
+- installed aconvert.sh to bindir
+- fixed zh_CN manpage installation
+- BR latest x264
+- re-enable parallel make
+
* Mon Aug 18 2008 Dominik Mierzejewski <rpm at greysector.net> - 1.0-0.96.20080818svn
- updated to latest SVN snapshot
- dropped obsolete patches
Index: sources
===================================================================
RCS file: /cvs/free/rpms/mplayer/F-9/sources,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- sources 19 Aug 2008 00:08:33 -0000 1.2
+++ sources 12 Oct 2008 20:52:06 -0000 1.3
@@ -1,2 +1,2 @@
+65263306ab6ea771758a9dbeabeb2773 mplayer-export-2008-09-03.tar.bz2
e4e2020d11b681aac898103b3ba723c4 Blue-1.7.tar.bz2
-f09caa71435c9c8818c2f681722042a7 mplayer-export-2008-08-18.tar.bz2
--- mplayer-dvdread.patch DELETED ---
More information about the rpmfusion-commits
mailing list