diff options
author | Ned Ludd <solar@gentoo.org> | 2003-09-27 22:50:31 +0000 |
---|---|---|
committer | Ned Ludd <solar@gentoo.org> | 2003-09-27 22:50:31 +0000 |
commit | 94853fd52810d4f840e37fcc02c61b50bc844b65 (patch) | |
tree | 05959bd26cb7d11d5395b06037af292804e36e82 /media-video | |
parent | fix screenshot in 1.3.20, cleanup, mark 1.2.5 x86 (diff) | |
download | gentoo-2-94853fd52810d4f840e37fcc02c61b50bc844b65.tar.gz gentoo-2-94853fd52810d4f840e37fcc02c61b50bc844b65.tar.bz2 gentoo-2-94853fd52810d4f840e37fcc02c61b50bc844b65.zip |
security updates
Diffstat (limited to 'media-video')
-rw-r--r-- | media-video/mplayer/ChangeLog | 8 | ||||
-rw-r--r-- | media-video/mplayer/Manifest | 11 | ||||
-rw-r--r-- | media-video/mplayer/files/digest-mplayer-1.0_pre1-r1 | 5 | ||||
-rw-r--r-- | media-video/mplayer/files/vuln01-fix.diff | 37 | ||||
-rw-r--r-- | media-video/mplayer/mplayer-1.0_pre1-r1.ebuild | 413 |
5 files changed, 469 insertions, 5 deletions
diff --git a/media-video/mplayer/ChangeLog b/media-video/mplayer/ChangeLog index 946f5e52efce..4bbb2d48492d 100644 --- a/media-video/mplayer/ChangeLog +++ b/media-video/mplayer/ChangeLog @@ -1,6 +1,12 @@ # ChangeLog for media-video/mplayer # Copyright 2002-2003 Gentoo Technologies, Inc.; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/media-video/mplayer/ChangeLog,v 1.81 2003/09/27 22:31:49 mholzer Exp $ +# $Header: /var/cvsroot/gentoo-x86/media-video/mplayer/ChangeLog,v 1.82 2003/09/27 22:50:27 solar Exp $ + +*mplayer-1.0_pre1-r1 (27 Sep 2003) + + 27 Sep 2003; <solar@gentoo.org> mplayer-1.0_pre1-r1.ebuild, + files/vuln01-fix.diff: + security fix for devel branch *mplayer-0.92 (28 Sep 2003) diff --git a/media-video/mplayer/Manifest b/media-video/mplayer/Manifest index f0a6aad3038c..a7ee7abaf180 100644 --- a/media-video/mplayer/Manifest +++ b/media-video/mplayer/Manifest @@ -1,15 +1,18 @@ -MD5 72a11125be27f23a78869282fbca237b ChangeLog 14772 -MD5 c206e5e87ef928368a8dbc4a6f4c6f8e mplayer-0.92.ebuild 11239 +MD5 b22e0d0ca8f80d3f21604f10bf3bc8cd ChangeLog 14926 MD5 b536633616dd0e40e4027cd1abf51d41 mplayer-0.91.ebuild 11269 +MD5 c206e5e87ef928368a8dbc4a6f4c6f8e mplayer-0.92.ebuild 11239 MD5 11e5afb5f7ec6f0fa02de8fa00d43020 mplayer-1.0_pre1.ebuild 10845 +MD5 353924216dad2d12435111f363cff283 mplayer-1.0_pre1-r1.ebuild 10933 +MD5 fef9f0571da54ae3df2e804100bd2632 files/vuln01-fix.diff 1231 MD5 6c2dab3392aab51766253b416ad2a10c files/default-skin.diff 396 +MD5 d2a3635d5b682767397834e55a08ec33 files/digest-mplayer-0.91 355 MD5 0dfbe04e5dcbb70606ce707ffca6f871 files/digest-mplayer-0.92 355 +MD5 89440216f99b2e09265d46fead5363fb files/digest-mplayer-1.0_pre1 358 MD5 260489267a0ccf01fe300bce0ec1430d files/mencoder-segfault.patch 520 -MD5 d2a3635d5b682767397834e55a08ec33 files/digest-mplayer-0.91 355 MD5 a71fc9832d953424652af1125fb7ea64 files/mplayer-0.90-coreutils-fixup.patch 1857 MD5 8f18911adcd661e70ad0cd84a94d49ac files/mplayer-0.90-divx.patch 25064 MD5 26a52f084f4d177580ed9ea0187f54e7 files/mplayer-0.90-ppc-benh-2.patch 2049 MD5 9e064190a914d26b0392a266753161ed files/mplayer-0.90-ppc-benh.patch 2029 MD5 059e03d1d2c965b04a5e53ed850de64a files/mplayer-0.90_rc4-gtk2.patch 6183 MD5 c2d65649f15837c5a326557ded4e47c5 files/mplayer.desktop 119 -MD5 89440216f99b2e09265d46fead5363fb files/digest-mplayer-1.0_pre1 358 +MD5 e28e0d37402da0cd2cd1965fe7e71eb5 files/digest-mplayer-1.0_pre1-r1 358 diff --git a/media-video/mplayer/files/digest-mplayer-1.0_pre1-r1 b/media-video/mplayer/files/digest-mplayer-1.0_pre1-r1 new file mode 100644 index 000000000000..ee8a7e27914a --- /dev/null +++ b/media-video/mplayer/files/digest-mplayer-1.0_pre1-r1 @@ -0,0 +1,5 @@ +MD5 657ff738f19a8a42739b76b46585a783 MPlayer-1.0pre1.tar.bz2 4190784 +MD5 6c3f032ddf401ca522900291de03fee5 font-arial-iso-8859-1.tar.bz2 234810 +MD5 0f9a5d53f836e2d2d2bde207dc641044 font-arial-iso-8859-2.tar.bz2 222677 +MD5 3f1b9eb2ba639bf42c61f7b9189f6524 svgalib_helper-1.9.17-mplayer.tar.bz2 7234 +MD5 ee26d46d5c52c5e3ac15164e78300b44 Blue-1.0.tar.bz2 219130 diff --git a/media-video/mplayer/files/vuln01-fix.diff b/media-video/mplayer/files/vuln01-fix.diff new file mode 100644 index 000000000000..407bc804165f --- /dev/null +++ b/media-video/mplayer/files/vuln01-fix.diff @@ -0,0 +1,37 @@ +Update of /cvsroot/mplayer/main/libmpdemux +In directory mail:/var/tmp.root/cvs-serv19707/libmpdemux + +Modified Files: + asf_streaming.c +Log Message: +simple fix for buffer overflow (remotely exploitable). feel free to +commit a better fix if you don't like it. + + +Index: asf_streaming.c +=================================================================== +RCS file: /cvsroot/mplayer/main/libmpdemux/asf_streaming.c,v +retrieving revision 1.40 +retrieving revision 1.41 +diff -u -r1.40 -r1.41 +--- asf_streaming.c 15 Aug 2003 19:13:23 -0000 1.40 ++++ asf_streaming.c 25 Sep 2003 00:36:04 -0000 1.41 +@@ -502,11 +502,11 @@ + return NULL; + } + http_set_uri( http_hdr, server_url->url ); +- sprintf( str, "Host: %s:%d", server_url->hostname, server_url->port ); ++ sprintf( str, "Host: %.220s:%d", server_url->hostname, server_url->port ); + url_free( server_url ); + } else { + http_set_uri( http_hdr, url->file ); +- sprintf( str, "Host: %s:%d", url->hostname, url->port ); ++ sprintf( str, "Host: %.220s:%d", url->hostname, url->port ); + } + + http_set_field( http_hdr, str ); + +_______________________________________________ +Mplayer-cvslog mailing list +Mplayer-cvslog@mplayerhq.hu +http://mplayerhq.hu/mailman/listinfo/mplayer-cvslog diff --git a/media-video/mplayer/mplayer-1.0_pre1-r1.ebuild b/media-video/mplayer/mplayer-1.0_pre1-r1.ebuild new file mode 100644 index 000000000000..a8c6c2d76b77 --- /dev/null +++ b/media-video/mplayer/mplayer-1.0_pre1-r1.ebuild @@ -0,0 +1,413 @@ +# Copyright 1999-2003 Gentoo Technologies, Inc. +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/media-video/mplayer/mplayer-1.0_pre1-r1.ebuild,v 1.1 2003/09/27 22:50:27 solar Exp $ + +IUSE="dga oss xmms jpeg 3dfx sse matrox sdl X svga ggi oggvorbis 3dnow aalib gnome xv opengl truetype dvd gtk gif esd fbcon encode alsa directfb arts dvb gtk2 samba" + +inherit eutils + +# NOTE to myself: Test this thing with and without dvd/gtk+ support, +# as it seems the mplayer guys dont really care to +# make it work without dvd support. + +# Handle PREversions as well +MY_PV="${PV/_/}" +S="${WORKDIR}/${PN}-${MY_PV}" +SRC_URI="http://mplayerhq.hu/MPlayer/releases/MPlayer-${MY_PV}.tar.bz2 + http://mplayerhq.hu/MPlayer/releases/fonts/font-arial-iso-8859-1.tar.bz2 + http://mplayerhq.hu/MPlayer/releases/fonts/font-arial-iso-8859-2.tar.bz2 + svga? ( http://mplayerhq.hu/~alex/svgalib_helper-1.9.17-mplayer.tar.bz2 ) + gtk? ( http://mplayerhq.hu/MPlayer/Skin/Blue-1.0.tar.bz2 )" +# Only install Skin if GUI should be build (gtk as USE flag) +DESCRIPTION="Media Player for Linux" +HOMEPAGE="http://www.mplayerhq.hu/" + +# 'encode' in USE for MEncoder. +RDEPEND="ppc? ( >=media-libs/xvid-0.9.0 ) + x86? ( >=media-libs/xvid-0.9.0 + >=media-libs/divx4linux-20030428 + >=media-libs/win32codecs-0.60 ) + gtk? ( !gtk2 ( =x11-libs/gtk+-1.2* + =dev-libs/glib-1.2* ) + media-libs/libpng + >=x11-base/xfree-4.2.1-r2 ) + gtk2? ( >=x11-libs/gtk+-2.0.6 + >=dev-libs/glib-2.0.6 ) + jpeg? ( media-libs/jpeg ) + gif? ( media-libs/giflib + media-libs/libungif ) + truetype? ( >=media-libs/freetype-2.1 ) + esd? ( media-sound/esound ) + ggi? ( media-libs/libggi ) + sdl? ( media-libs/libsdl ) + alsa? ( media-libs/alsa-lib ) + arts? ( kde-base/arts ) + nas? ( media-libs/nas ) + svga? ( media-libs/svgalib ) + encode? ( media-sound/lame + >=media-libs/libdv-0.9.5 ) + xmms? ( media-sound/xmms ) + opengl? ( virtual/opengl ) + directfb? ( dev-libs/DirectFB ) + oggvorbis? ( media-libs/libvorbis ) + nls? ( sys-devel/gettext ) + media-sound/cdparanoia + mpeg? ( media-libs/faad2 ) + samba? ( >=net-fs/samba-2.2.8a ) + >=sys-apps/portage-2.0.36" +# dvd? ( media-libs/libdvdnav ) +# Hardcode paranoia support for now, as there is no +# related USE flag. + +DEPEND="${RDEPEND} + x86? ( dev-lang/nasm ) + app-arch/unzip" + +SLOT="0" +LICENSE="GPL-2" +KEYWORDS="~x86 ~ppc ~sparc" + + +src_unpack() { + + unpack MPlayer-${MY_PV}.tar.bz2 \ + font-arial-iso-8859-1.tar.bz2 font-arial-iso-8859-2.tar.bz2 + + use svga && unpack svgalib_helper-1.9.17-mplayer.tar.bz2 + + use gtk && unpack Blue-1.0.tar.bz2 + + # Use gtk-2.x + cd ${S}; epatch ${FILESDIR}/${PN}-0.90_rc4-gtk2.patch + + # Fix head/tail call for new coreutils + cd ${S}; epatch ${FILESDIR}/${PN}-0.90-coreutils-fixup.patch + + # Fix mencoder segfaulting with bad arguments + cd ${S}; epatch ${FILESDIR}/mencoder-segfault.patch + + # Fix mplayer to detect detect/use altivec on benh kernels, + # bug #18511. + use ppc && \ + (cd ${S}; epatch ${FILESDIR}/${PN}-0.90-ppc-benh-2.patch) + + if [ "`use svga`" ] + then + echo + einfo "Enabling vidix non-root mode." + einfo "(You need a proper svgalib_helper.o module for your kernel" + einfo " to actually use this)" + echo + + mv ${WORKDIR}/svgalib_helper ${S}/libdha + cd ${S}/libdha + sed -i -e "s/^#CFLAGS/CFLAGS/" Makefile + fi + + # security fix Bug #29640 + cd ${S}/libmpdemux && epatch ${FILESDIR}/vuln01-fix.diff +} + +src_compile() { + + use matrox && check_KV + + local myconf= + + use 3dnow \ + || myconf="${myconf} --disable-3dnow --disable-3dnowex" + + use sse \ + || myconf="${myconf} --disable-sse --disable-sse2" + + # Only disable MMX if 3DNOW or SSE is not in USE + use mmx || use 3dnow || use sse \ + || myconf="${myconf} --disable-mmx --disable-mmx2" + + # Only disable X if gtk is not in USE + use X || use gtk \ + || myconf="${myconf} --disable-gui --disable-x11 --disable-xv \ + --disable-xmga --disable-png" + + use jpeg \ + || myconf="${myconf} --disable-jpeg" + + use gif \ + || myconf="${myconf} --disable-gif" + + ( use matrox && use X ) \ + && myconf="${myconf} --enable-xmga" \ + || myconf="${myconf} --disable-xmga" + + use gtk \ + && myconf="${myconf} --enable-gui --enable-x11 \ + --enable-xv --enable-vm --enable-png" + + ( use gtk && use gtk2 ) \ + && myconf="${myconf} --enable-gtk2" + + use truetype \ + && myconf="${myconf} --enable-freetype" \ + || myconf="${myconf} --disable-freetype" + + use oss \ + || myconf="${myconf} --disable-ossaudio" + + use opengl \ + || myconf="${myconf} --disable-gl" + + use sdl \ + || myconf="${myconf} --disable-sdl" + + use ggi \ + || myconf="${myconf} --disable-ggi" + + use svga \ + || myconf="${myconf} --disable-svga" + + use directfb \ + || myconf="${myconf} --disable-directfb" + + use fbcon \ + || myconf="${myconf} --disable-fbdev" + + use esd \ + || myconf="${myconf} --disable-esd" + + use alsa \ + || myconf="${myconf} --disable-alsa" + + use arts \ + || myconf="${myconf} --disable-arts" + + use nas \ + || myconf="${myconf} --disable-nas" + + use oggvorbis \ + || myconf="${myconf} --disable-vorbis" + + use encode \ + && myconf="${myconf} --enable-mencoder --enable-tv" \ + || myconf="${myconf} --disable-mencoder" + + use dvd \ + && myconf="${myconf} --enable-mpdvdkit" \ + || myconf="${myconf} --disable-mpdvdkit --disable-dvdread \ + --disable-css" + # Disable dvdnav support as its not considered to be + # functional anyhow, and will be removed. + + use xmms \ + && myconf="${myconf} --enable-xmms" + + use mpeg \ + && myconf="${myconf} --enable-faad" \ + || myconf="${myconf} --disable-faad" + + use matrox \ + && myconf="${myconf} --enable-mga" \ + || myconf="${myconf} --disable-mga" + + use 3dfx \ + && myconf="${myconf} --enable-tdfxfb" + # --enable-3dfx is broken according to the MPlayer guys. + + use dvb \ + && myconf="${myconf} --enable-dvb" \ + || myconf="${myconf} --disable-dvb" + + use nls \ + && myconf="${myconf} --enable-i18n" \ + || myconf="${myconf} --disable-i18n" + + use samba \ + && myconf="${myconf} --enable-smb" \ + || myconf="${myconf} --disable-smb" + + if [ -d /opt/RealPlayer9/Real/Codecs ] + then + einfo "Setting REALLIBDIR to /opt/RealPlayer9/Real/Codecs..." + REALLIBDIR="/opt/RealPlayer9/Real/Codecs" + elif [ -d /opt/RealPlayer8/Codecs ] + then + einfo "Setting REALLIBDIR to /opt/RealPlayer8/Codecs..." + REALLIBDIR="/opt/RealPlayer8/Codecs" + else + REALLIBDIR="/usr/lib/real" + fi + + if has_version media-plugins/live + then + einfo "Enabling LIVE.COM Streaming Media..." + myconf="${myconf} --enable-live" + fi + + + # For lirc support as the auto-detect doesn't seem to work + if [ -f /usr/include/lirc/lirc_client.h ] + then + einfo "Enabling lirc support..." + myconf="${myconf} --enable-lirc" + else + myconf="${myconf} --disable-lirc" + fi + + if [ -e /dev/.devfsd ] + then + myconf="${myconf} --enable-linux-devfs" + fi + + if has_version 'sys-devel/hardened-gcc' && [ "${CC}" = "gcc" ] + then + CC="${CC} -yet_exec" + fi + + # Crashes on start when compiled with most optimizations. + # The code have CPU detection code now, with CPU specific + # optimizations, so extra should not be needed and is not + # recommended by the authors + unset CFLAGS CXXFLAGS + ./configure --prefix=/usr \ + --datadir=/usr/share/mplayer \ + --confdir=/usr/share/mplayer \ + --disable-runtime-cpudetection \ + --enable-largefiles \ + --enable-menu \ + --enable-real \ + --with-reallibdir=${REALLIBDIR} \ + --with-x11incdir=/usr/X11R6/include \ + ${myconf} || die + # Breaks with gcc-2.95.3, bug #14479: + # --enable-shared-pp \ + # Enable untested and currently unused code: + # --enable-dynamic-plugins \ + + # emake borks on fast boxes - Azarah (07 Aug 2002) + einfo "Make" + make all || die "Failed to build MPlayer!" + einfo "Make completed" + + # We build the shared libpostproc.so here so that our + # mplayer binary is not linked to it, ensuring that we + # do not run into issues ... (bug #14479) + cd ${S}/libavcodec/libpostproc + make SHARED_PP="yes" || die "Failed to build libpostproc.so!" + + if [ -n "`use matrox`" ] + then + cd ${S}/drivers + make all || die "Failed to build matrox driver!" + fi +} + +src_install() { + + einfo "Make install" + make prefix=${D}/usr \ + BINDIR=${D}/usr/bin \ + LIBDIR=${D}/usr/lib \ + CONFDIR=${D}/usr/share/mplayer \ + DATADIR=${D}/usr/share/mplayer \ + MANDIR=${D}/usr/share/man \ + install || die "Failed to install MPlayer!" + einfo "Make install completed" + + # Install our libpostproc.so ... + cd ${S}/libavcodec/libpostproc + make prefix=${D}/usr \ + SHARED_PP="yes" \ + install || die "Failed to install libpostproc.so!" + cd ${S} + + dodoc AUTHORS ChangeLog README + # Install the documentation; DOCS is all mixed up not just html + cp -r ${S}/DOCS ${D}/usr/share/doc/${PF}/ || die + + # Copy misc tools to documentation path, as they're not installed + # directly + cp -r ${S}/TOOLS ${D}/usr/share/doc/${PF} || die + + # Install the default Skin and Gnome menu entry + if [ -n "`use gtk`" ] + then + dodir /usr/share/mplayer/Skin + cp -r ${WORKDIR}/Blue ${D}/usr/share/mplayer/Skin/default || die + + # Fix the symlink + rm -rf ${D}/usr/bin/gmplayer + dosym mplayer /usr/bin/gmplayer + fi + + if [ -n "`use gnome`" ] + then + insinto /usr/share/pixmaps + newins ${S}/Gui/mplayer/pixmaps/logo.xpm mplayer.xpm + insinto /usr/share/gnome/apps/Multimedia + doins ${FILESDIR}/mplayer.desktop + fi + + dodir /usr/share/mplayer/fonts + cp -a ${WORKDIR}/font-arial* ${D}/usr/share/mplayer/fonts + # Fix the font symlink ... + rm -rf ${D}/usr/share/mplayer/font + dosym fonts/font-arial-14-iso-8859-1 /usr/share/mplayer/font + + insinto /etc + newins ${S}/etc/example.conf mplayer.conf + dosed -e 's/include =/#include =/' /etc/mplayer.conf + dosed -e 's/fs=yes/fs=no/' /etc/mplayer.conf + dosym ../../../etc/mplayer.conf /usr/share/mplayer/mplayer.conf + + insinto /usr/share/mplayer + doins ${S}/etc/codecs.conf + doins ${S}/etc/input.conf + doins ${S}/etc/menu.conf + + if [ -n "`use matrox`" ] + then + check_KV + insinto /lib/modules/${KV}/kernel/drivers/char + doins ${S}/drivers/mga_vid.o + fi +} + +pkg_preinst() { + + if [ -d "${ROOT}/usr/share/mplayer/Skin/default" ] + then + rm -rf ${ROOT}/usr/share/mplayer/Skin/default + fi +} + +pkg_postinst() { + + if [ -n "`use ppc`" ] + then + echo + einfo "When you see only GREEN salad on your G4 while playing" + einfo "a DivX, you should recompile _without_ altivec enabled." + einfo "Furher information: http://bugs.gentoo.org/show_bug.cgi?id=18511" + echo + einfo "If everything functions fine with watching DivX and" + einfo "altivec enabled, please drop a comment on the mentioned bug!" + fi + + depmod -a &>/dev/null || : +} + +pkg_postrm() { + + # Cleanup stale symlinks + if [ -L ${ROOT}/usr/share/mplayer/font -a \ + ! -e ${ROOT}/usr/share/mplayer/font ] + then + rm -f ${ROOT}/usr/share/mplayer/font + fi + + if [ -L ${ROOT}/usr/share/mplayer/subfont.ttf -a \ + ! -e ${ROOT}/usr/share/mplayer/subfont.ttf ] + then + rm -f ${ROOT}/usr/share/mplayer/subfont.ttf + fi +} + |