summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorChris White <chriswhite@gentoo.org>2004-12-23 04:42:07 +0000
committerChris White <chriswhite@gentoo.org>2004-12-23 04:42:07 +0000
commit71a162434f03cc964c2b3c67b1eca82b099742bd (patch)
tree5a9dd016b533315ca97d7d2750c5ef8b5de5f2a1 /media-libs
parent (Manifest recommit) (diff)
downloadgentoo-2-71a162434f03cc964c2b3c67b1eca82b099742bd.tar.gz
gentoo-2-71a162434f03cc964c2b3c67b1eca82b099742bd.tar.bz2
gentoo-2-71a162434f03cc964c2b3c67b1eca82b099742bd.zip
Security fix #74475 on djbs overflows. Also fixed X11 lib detection. Stable on x86 for security.
Diffstat (limited to 'media-libs')
-rw-r--r--media-libs/xine-lib/ChangeLog10
-rw-r--r--media-libs/xine-lib/Manifest14
-rw-r--r--media-libs/xine-lib/files/digest-xine-lib-1_rc8-r11
-rw-r--r--media-libs/xine-lib/files/djb_demux_aiff.patch29
-rw-r--r--media-libs/xine-lib/files/xine-lib-x11.patch20
-rw-r--r--media-libs/xine-lib/xine-lib-1_rc8-r1.ebuild188
6 files changed, 251 insertions, 11 deletions
diff --git a/media-libs/xine-lib/ChangeLog b/media-libs/xine-lib/ChangeLog
index df3e824f39e7..f7765d93337c 100644
--- a/media-libs/xine-lib/ChangeLog
+++ b/media-libs/xine-lib/ChangeLog
@@ -1,6 +1,14 @@
# ChangeLog for media-libs/xine-lib
# Copyright 2002-2004 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/media-libs/xine-lib/ChangeLog,v 1.159 2004/12/21 19:08:04 chriswhite Exp $
+# $Header: /var/cvsroot/gentoo-x86/media-libs/xine-lib/ChangeLog,v 1.160 2004/12/23 04:42:07 chriswhite Exp $
+
+*xine-lib-1_rc8-r1 (23 Dec 2004)
+
+ 23 Dec 2004; Chris White <chriswhite@gentoo.org>
+ +files/djb_demux_aiff.patch, +files/xine-lib-x11.patch,
+ +xine-lib-1_rc8-r1.ebuild:
+ Security fix #74475 on djbs overflows. Also fixed X11 lib detection. Stable on
+ x86 for security.
22 Dec 2004; Chris White <chriswhite@gentoo.org> xine-lib-1_rc8.ebuild:
Fixed Xv linking bug #75123.
diff --git a/media-libs/xine-lib/Manifest b/media-libs/xine-lib/Manifest
index bde214083b3a..594c070e0327 100644
--- a/media-libs/xine-lib/Manifest
+++ b/media-libs/xine-lib/Manifest
@@ -1,12 +1,10 @@
------BEGIN PGP SIGNED MESSAGE-----
-Hash: SHA1
-
MD5 c0954c94e920481062ddf50c87c301be ChangeLog 27159
MD5 af08cabbae4b191018ca153392a86bea metadata.xml 304
MD5 b25152bddc933afdf390149b07f2ff43 xine-lib-1_rc5-r3.ebuild 5473
MD5 a53b6f55661ef41e343932ceb7108cc3 xine-lib-1_rc6.ebuild 5358
MD5 d2d62f59048715eaf85d88a90842729d xine-lib-1_rc7.ebuild 5327
MD5 d9591aa743f1cbe61c93c98846b139b2 xine-lib-1_rc8.ebuild 5380
+MD5 3b8900bc4ff6dae1f3d0c3efcc8105b5 xine-lib-1_rc8-r1.ebuild 5516
MD5 bcd5f2b8999f92c2f7215009f5ae1490 files/configure-64bit-define.patch 221
MD5 044cbe825fc480693aec675808e4c679 files/digest-xine-lib-1_rc5-r3 67
MD5 082b3ed1c96543704d604199047b1dee files/digest-xine-lib-1_rc6 68
@@ -37,10 +35,6 @@ MD5 aa54582a91933533008c1211dcbcfb35 files/xine-lib-disable-directfb.patch 4169
MD5 3cbdef8aa211184b96474addb4f7c5d6 files/xine-lib-gcc34.patch 423
MD5 dcb0c79c0bb106397aad42f6d936627d files/xineconfig.patch-0.9.13 601
MD5 98bc17778384589bba027ff136956fec files/digest-xine-lib-1_rc8 67
------BEGIN PGP SIGNATURE-----
-Version: GnuPG v1.2.6 (GNU/Linux)
-
-iD8DBQFByHTBFdQwWVoAgN4RAlzHAJ0bq7gaBcluxKeFbnGmm6exyRZB6ACgrDf6
-2BJYIQ3Lx/NhSsVZ30OYu50=
-=Cl2j
------END PGP SIGNATURE-----
+MD5 9fbba950d78027aa0c4bfbbb409244f0 files/djb_demux_aiff.patch 991
+MD5 5d2c3c00bf3ae9a89dfcaa8b5c5b17a2 files/xine-lib-x11.patch 703
+MD5 98bc17778384589bba027ff136956fec files/digest-xine-lib-1_rc8-r1 67
diff --git a/media-libs/xine-lib/files/digest-xine-lib-1_rc8-r1 b/media-libs/xine-lib/files/digest-xine-lib-1_rc8-r1
new file mode 100644
index 000000000000..8289c434ac40
--- /dev/null
+++ b/media-libs/xine-lib/files/digest-xine-lib-1_rc8-r1
@@ -0,0 +1 @@
+MD5 dd571489e361987805100fdd80e0b921 xine-lib-1-rc8.tar.gz 7354157
diff --git a/media-libs/xine-lib/files/djb_demux_aiff.patch b/media-libs/xine-lib/files/djb_demux_aiff.patch
new file mode 100644
index 000000000000..19cdb3d62818
--- /dev/null
+++ b/media-libs/xine-lib/files/djb_demux_aiff.patch
@@ -0,0 +1,29 @@
+===================================================================
+RCS file: /cvsroot/xine/xine-lib/src/demuxers/demux_aiff.c,v
+retrieving revision 1.39
+retrieving revision 1.40
+diff -u -r1.39 -r1.40
+--- xine/xine-lib/src/demuxers/demux_aiff.c 2004/06/13 21:28:52 1.39
++++ xine/xine-lib/src/demuxers/demux_aiff.c 2004/12/15 21:03:02 1.40
+@@ -21,7 +21,7 @@
+ /*
+ * AIFF File Demuxer by Mike Melanson (melanson@pcisys.net)
+ *
+- * $Id: djb_demux_aiff.patch,v 1.1 2004/12/23 04:42:07 chriswhite Exp $
++ * $Id: djb_demux_aiff.patch,v 1.1 2004/12/23 04:42:07 chriswhite Exp $
+ *
+ */
+
+@@ -120,6 +120,12 @@
+ }
+ chunk_type = BE_32(&preamble[0]);
+ chunk_size = BE_32(&preamble[4]);
++
++ if (chunk_size > sizeof(buffer) / sizeof(buffer[0])) {
++ /* the chunk is too large to fit in the buffer -> this cannot be an aiff chunk */
++ this->status = DEMUX_FINISHED;
++ return 0;
++ }
+
+ if (chunk_type == COMM_TAG) {
+ if (this->input->read(this->input, buffer, chunk_size) !=
diff --git a/media-libs/xine-lib/files/xine-lib-x11.patch b/media-libs/xine-lib/files/xine-lib-x11.patch
new file mode 100644
index 000000000000..ebad284260a9
--- /dev/null
+++ b/media-libs/xine-lib/files/xine-lib-x11.patch
@@ -0,0 +1,20 @@
+--- configure.old 2004-12-23 12:54:21.972480392 +0900
++++ configure 2004-12-23 12:55:46.216673328 +0900
+@@ -26103,17 +26103,6 @@
+ ac_im_usrlibdir=$ac_im_libdir; break
+ fi
+ done
+- # Screen out bogus values from the imake configuration. They are
+- # bogus both because they are the default anyway, and because
+- # using them would break gcc on systems where it needs fixed includes.
+- case $ac_im_incroot in
+- /usr/include) ;;
+- *) test -f "$ac_im_incroot/X11/Xos.h" && ac_x_includes=$ac_im_incroot;;
+- esac
+- case $ac_im_usrlibdir in
+- /usr/lib | /lib) ;;
+- *) test -d "$ac_im_usrlibdir" && ac_x_libraries=$ac_im_usrlibdir ;;
+- esac
+ fi
+ cd ..
+ rm -fr conftest.dir
diff --git a/media-libs/xine-lib/xine-lib-1_rc8-r1.ebuild b/media-libs/xine-lib/xine-lib-1_rc8-r1.ebuild
new file mode 100644
index 000000000000..30efa1ccc05d
--- /dev/null
+++ b/media-libs/xine-lib/xine-lib-1_rc8-r1.ebuild
@@ -0,0 +1,188 @@
+# Copyright 1999-2004 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/media-libs/xine-lib/xine-lib-1_rc8-r1.ebuild,v 1.1 2004/12/23 04:42:07 chriswhite Exp $
+
+inherit eutils flag-o-matic gcc libtool
+
+# This should normally be empty string, unless a release has a suffix.
+MY_PKG_SUFFIX=""
+
+DESCRIPTION="Core libraries for Xine movie player"
+HOMEPAGE="http://xine.sourceforge.net/"
+SRC_URI="mirror://sourceforge/xine/${PN}-${PV/_/-}${MY_PKG_SUFFIX}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="1"
+KEYWORDS="~alpha ~amd64 ~hppa ~ia64 ~ppc ~ppc64 ~sparc x86"
+IUSE="arts esd avi nls dvd aalib X directfb oggvorbis alsa gnome sdl speex theora ipv6 altivec"
+
+RDEPEND="oggvorbis? ( media-libs/libvorbis )
+ !amd64? ( X? ( virtual/x11 ) )
+ amd64? ( X? ( || ( x11-base/xorg-x11 >=x11-base/xfree-4.3.0-r6 ) ) )
+ avi? ( x86? ( >=media-libs/win32codecs-0.50 ) )
+ esd? ( media-sound/esound )
+ dvd? ( >=media-libs/libdvdcss-1.2.7 )
+ arts? ( kde-base/arts )
+ alsa? ( media-libs/alsa-lib )
+ aalib? ( media-libs/aalib )
+ directfb? ( >=dev-libs/DirectFB-0.9.9 dev-util/pkgconfig )
+ gnome? ( >=gnome-base/gnome-vfs-2.0
+ dev-util/pkgconfig )
+ >=media-libs/flac-1.0.4
+ sdl? ( >=media-libs/libsdl-1.1.5 )
+ >=media-libs/libfame-0.9.0
+ theora? ( media-libs/libtheora )
+ speex? ( media-libs/speex )"
+DEPEND="${RDEPEND}
+ nls? ( sys-devel/gettext )"
+
+S=${WORKDIR}/${PN}-${PV/_/-}${MY_PKG_SUFFIX}
+
+pkg_setup() {
+ # Make sure that the older libraries are not installed (bug #15081).
+ if [ `has_version =media-libs/xine-lib-0.9.13*` ]
+ then
+ eerror "Please uninstall older xine libraries.";
+ eerror "The compilation cannot proceed.";
+ die
+ fi
+}
+
+src_unpack() {
+ unpack ${A}
+ cd ${S}
+
+ # plasmaroo: Kernel 2.6 headers patch
+ epatch ${FILESDIR}/${PN}-1_rc7-2.6.patch
+
+ # force 32 bit userland
+ [ ${ARCH} = "sparc" ] && epatch ${FILESDIR}/${P}-configure-sparc.patch
+
+ # fixes #74475 security bug
+ epatch ${FILESDIR}/djb_demux_aiff.patch
+
+ # fixes bad X11 directories
+ epatch ${FILESDIR}/${PN}-x11.patch
+
+ # Bad version included... may drop .so
+ #libtoolize --copy --force
+
+ # bug #40317
+ elibtoolize
+
+ # Fix building on amd64, #49569
+ #use amd64 && epatch ${FILESDIR}/configure-64bit-define.patch
+
+ use pic && epatch ${FILESDIR}/${PN}-1_rc7-pic.patch
+ use pic && epatch ${FILESDIR}/${PN}-1_rc7-mmx.patch
+
+ # Fix detection of hppa2.0 and hppa1.1 CHOST
+ use hppa && sed -e 's/hppa-/hppa*-linux-/' -i ${S}/configure
+}
+
+src_compile() {
+ filter-flags -maltivec -mabi=altivec
+ filter-flags -fforce-addr
+ filter-flags -momit-leaf-frame-pointer #46339
+ filter-flags -funroll-all-loops #55420
+
+ if [ "`gcc-major-version`" -ge "3" -a "`gcc-minor-version`" -ge "4" ]; then
+ append-flags -fno-web #49509
+ filter-flags -fno-unit-at-a-time #55202
+ append-flags -funit-at-a-time #55202
+ fi
+
+ is-flag -O? || append-flags -O1 #31243
+
+ # fix build errors with sse2 #49482
+ if use x86 ; then
+ if [ `gcc-major-version` -eq 3 ] ; then
+ append-flags -mno-sse2 `test_flag -mno-sse3`
+ filter-mfpmath sse
+ fi
+ fi
+
+ # Use the built-in dvdnav plugin.
+ local myconf="--with-included-dvdnav"
+
+ # the win32 codec path should ignore $(get_libdir) and always use lib
+ use avi && use x86 \
+ && myconf="${myconf} --with-w32-path=/usr/$(get_libdir)/win32" \
+ || myconf="${myconf} --disable-asf"
+
+ use sparc \
+ && myconf="${myconf} --build=${CHOST}"
+
+ # enable/disable appropiate optimizations on sparc
+ [ "${PROFILE_ARCH}" == "sparc64" ] \
+ && myconf="${myconf} --enable-vis"
+ [ "${PROFILE_ARCH}" == "sparc" ] \
+ && myconf="${myconf} --disable-vis"
+
+ use amd64 && myconf="${myconf} --with-xv-path=/usr/X11R6/$(get_libdir)"
+
+ # Fix compilation-errors on PowerPC #45393 & #55460 & #68251
+ if use ppc || use ppc64 ; then
+ append-flags -U__ALTIVEC__
+ myconf="${myconf} `use_enable altivec`"
+ fi
+
+ # The default CFLAGS (-O) is the only thing working on hppa.
+ if use hppa && [ "`gcc-version`" != "3.4" ] ; then
+ unset CFLAGS
+ else
+ append-flags -ffunction-sections
+ fi
+
+ # if lib64 is a directory, sometimes the configure will set libdir itself
+ # and the installation fails. see bug #62339
+ myconf="${myconf} --libdir=/usr/$(get_libdir)"
+
+ econf \
+ $(use_enable X x11) \
+ $(use_with X x) \
+ $(use_enable X shm) \
+ $(use_enable X xft) \
+ $(use_enable esd) \
+ $(use_enable nls) \
+ $(use_enable alsa) \
+ $(use_enable arts) \
+ $(use_enable aalib) \
+ $(use_enable oggvorbis ogg) \
+ $(use_enable oggvorbis vorbis) \
+ $(use_enable sdl sdltest) \
+ $(use_enable ipv6) \
+ $(use_enable directfb) \
+ --enable-shared-xv \
+ ${myconf} || die "Configure failed"
+
+ emake -j1 || die "Parallel make failed"
+}
+
+src_install() {
+ # portage 2.0.50's einstall is broken for handling libdir
+ make DESTDIR=${D} install || die "Install failed"
+
+ # Xine's makefiles install some file incorrectly. (Gentoo bug #8583, #16112).
+ dodir /usr/share/xine/libxine1/fonts
+ mv ${D}/usr/share/*.xinefont.gz ${D}/usr/share/xine/libxine1/fonts/
+
+ dodoc AUTHORS ChangeLog INSTALL README TODO
+ cd ${S}/doc
+ dodoc dataflow.dia README*
+}
+
+pkg_postinst() {
+ einfo
+ einfo "Please note, a new version of xine-lib has been installed."
+ einfo "For library consistency, you need to unmerge old versions"
+ einfo "of xine-lib before merging xine-ui."
+ einfo
+ einfo "This library version 1 is incompatible with the plugins"
+ einfo "designed for the prior library versions such as xine-d4d,"
+ einfo "xine-d5d, xine-dmd, and xine-dvdnav."
+ einfo
+ einfo "Also, make sure to remove your ~/.xine if upgrading from"
+ einfo "a previous version."
+ einfo
+}