diff options
| author |   Theo Chatzimichos <tampakrap@gentoo.org> | 2009-03-04 19:09:28 +0000 |
|---|---|---|
| committer | Theo Chatzimichos <tampakrap@gentoo.org> | 2009-03-04 19:09:28 +0000 |
| commit | af8e3b8dac07a0a27a6c0c606f2987d2a6ce022b (patch) | |
| tree | 0debd21d8cae784a0379526074af455d73da3807 /media-sound/amarok | |
| parent | Bump KDE 4.2.1 (diff) | |
| download | historical-af8e3b8dac07a0a27a6c0c606f2987d2a6ce022b.tar.gz historical-af8e3b8dac07a0a27a6c0c606f2987d2a6ce022b.tar.bz2 historical-af8e3b8dac07a0a27a6c0c606f2987d2a6ce022b.zip | |
apply audibletag.patch and revbump, security bug 254896
Package-Manager: portage-2.2_rc23/cvs/Linux x86_64
Diffstat (limited to 'media-sound/amarok')
| -rw-r--r-- | media-sound/amarok/ChangeLog | 8 | ||||
| -rw-r--r-- | media-sound/amarok/Manifest | 14 | ||||
| -rw-r--r-- | media-sound/amarok/amarok-1.4.10-r2.ebuild | 113 | ||||
| -rw-r--r-- | media-sound/amarok/files/amarok-1.4.10-audibletag.patch | 85 |
4 files changed, 208 insertions, 12 deletions
diff --git a/media-sound/amarok/ChangeLog b/media-sound/amarok/ChangeLog index de6088d8fae2..abc1b71fc94a 100644 --- a/media-sound/amarok/ChangeLog +++ b/media-sound/amarok/ChangeLog @@ -1,6 +1,12 @@ # ChangeLog for media-sound/amarok # Copyright 2000-2009 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/media-sound/amarok/ChangeLog,v 1.306 2009/03/02 13:30:07 alexxy Exp $ +# $Header: /var/cvsroot/gentoo-x86/media-sound/amarok/ChangeLog,v 1.307 2009/03/04 19:09:24 tampakrap Exp $ + +*amarok-1.4.10-r2 (04 Mar 2009) + + 04 Mar 2009; Theo Chatzimichos <tampakrap@gentoo.org> + +files/amarok-1.4.10-audibletag.patch, +amarok-1.4.10-r2.ebuild: + apply audibletag.patch, security bug 254896 02 Mar 2009; Alexey Shvetsov <alexxy@gentoo.org> amarok-2.0.1.1.ebuild: Fix typo diff --git a/media-sound/amarok/Manifest b/media-sound/amarok/Manifest index f3934a2dbed6..62dafddaaf55 100644 --- a/media-sound/amarok/Manifest +++ b/media-sound/amarok/Manifest @@ -1,7 +1,5 @@ ------BEGIN PGP SIGNED MESSAGE----- -Hash: SHA1 - AUX 2.0.1.1-ipod.patch 6713 RMD160 40a0da7ceca93e081edfa660383f8281dc4c2d68 SHA1 8a1aad8e9a8ad34fac3de7ca8ba5966c4dbfb50f SHA256 612cdb6886d0bac22773d7a621d3062d0eb96801cff8053d4011e44cb738fb61 +AUX amarok-1.4.10-audibletag.patch 2412 RMD160 9c37b2861c17a3ff9c5a447338cbbc735fcfd634 SHA1 25ebc67a0f6254c1fae9a96b967f700a5ea81746 SHA256 724f2411cc9a6d4cc972fe6b3d40bdf1d4075347eca3460bdaf0b35980f838a3 AUX amarok-1.4.10-gcc-4.3.patch 271 RMD160 facfb2796b871f3b3a5cb0c5e2268386950b3801 SHA1 c86f458ba6ae8d5b78a047852f9f2699e6da2908 SHA256 b96e976276f5c87265ecdb62b596f6f2e91c921130b833b0e395f2b50c9fa9cc AUX amarok-1.4.7+xine-lib-1.1.8-lastfm.patch 808 RMD160 fcf33e066734fdf14b5b25421093f19282b2f130 SHA1 bf38186111297dc9da5eb00be14ba9772d2ae134 SHA256 5c65d14d2aa8b6739a7a8493f7d4db808c25d56047ff00b7adcd8754ee97e4f2 AUX amarok-1.4.7-svn148317.patch 538 RMD160 088c06869d98f2bc9de83a8e9e39d0026bc74db1 SHA1 f66e14a0273e68caf9ceb40b8475d35c32bc04e5 SHA256 f159099ec72687ad306c4d386336f0864b4510d5c5b09026cd31401c3ade23ae @@ -13,6 +11,7 @@ DIST amarok-1.4.8.tar.bz2 12699378 RMD160 b557f6f5f14c304ae82c8d5537263ecc1faa92 DIST amarok-1.4.9.1.tar.bz2 12707926 RMD160 9f6e59116292bd33e10c0245bfdbd3a2df319765 SHA1 5473c7d578a4bf2662f977d9239ff0066ee8f159 SHA256 c4a02c3267cd5f3a9ff9efa066f1e0308c2cd903be2d5b24e3d9f75abdc1fa93 DIST amarok-2.0.1.1.tar.bz2 5012905 RMD160 d7d159d5407231f787397b0bbc57623ebcc75785 SHA1 235ff1b62c10f2bb8cb30fb256fcdd3704a132d7 SHA256 905a4b4344ddee5f77c0e158c2a28e4d282a3dc93cff635c6ff10ddac86c0f2b EBUILD amarok-1.4.10-r1.ebuild 3092 RMD160 d70b9dccb9cd14e582697d80f419e9cc8d112560 SHA1 6b9a31df3f2ceaaa413ba06d55b865f0149426b0 SHA256 e9295d57260f7c1b063175197770c3e0a42f1a09ec339c2aee056e50aff31811 +EBUILD amarok-1.4.10-r2.ebuild 3130 RMD160 23f4e2aa135b6c69d8cca8b71e94e695c410768f SHA1 2ee199908be2a3a22b542ee9900b942ed2dce9d5 SHA256 9dc772e638065f17f27f94b8b9628b654466daf5f3cea8acc467b0b2ce4c6e43 EBUILD amarok-1.4.10.ebuild 3030 RMD160 2e72e10285e8d56932740ca1ac2f2805c9be46aa SHA1 449b3a6bb442d1cd9565fa197d2889d447af8156 SHA256 29b55d449f20700ae756b6deddea68b38f3e1bd262374f665e9018aaa18cfe43 EBUILD amarok-1.4.10_p20090130-r1.ebuild 3061 RMD160 8bc91dc1579270f4d6f6acbf071bdf5f9c406747 SHA1 8e0ce1baafa05af31e9f0d34028a361381c9d41b SHA256 2d585d730ad84f43d8a8895347c1a0a90372544244bb86a3eb6856fab73cf59b EBUILD amarok-1.4.10_p20090130.ebuild 3004 RMD160 af33d54c5b8b99c35c65cae3446b5603d2578b6e SHA1 6c324ac91e3bf1e0e6546fca2ea9df648f69e280 SHA256 5b9b44d340ae9b1a5f5e6b8bf2d04ace3bf69100b545c2416d35f4138e5f28fa @@ -21,12 +20,5 @@ EBUILD amarok-1.4.9.1-r1.ebuild 3069 RMD160 410163fa1d2049988d3f00c7c86a9eb70b2f EBUILD amarok-1.4.9.1.ebuild 3016 RMD160 0e525e2ee81f4394ab4989dcca5e3d6d55caa606 SHA1 33474fdd4b643a11d50ec65ebeaebe765ce166a3 SHA256 70c548c4a9c362a682bc25021f818df72622918fcfc57d6ce3f3529af3745fbe EBUILD amarok-1.4.9999-r2.ebuild 2968 RMD160 ccdac64d981d96b28355906009cd37fb89ce36b0 SHA1 8530f914a80ac7d988981f996ebcb09055017995 SHA256 f3d3a1311d4614ce983e984fd6b589fcf5027fcb16b47234646b7eb2814e5941 EBUILD amarok-2.0.1.1.ebuild 2919 RMD160 790f1b9cf07b3a9d1a33258297961e64def11271 SHA1 ded87a9b2915e85171044a2f969b4a99f08de567 SHA256 22b12155c4261b0144f19564e3b9a302cd0f089f8a561763426beb092e624fa8 -MISC ChangeLog 49383 RMD160 93c4ce98e552473779bb420a7c53e7bfd67093c1 SHA1 52aec2cf25e5d979f69746c59203938dc2404782 SHA256 f406498ff0e5cde1075b6ca46a48566fe8aa0ca7ed503021aefe8108bf57037b +MISC ChangeLog 49589 RMD160 2691d6fc2ca0729cf457144127cbdf67777d5a31 SHA1 b3a9c1f4f22e510f1f9dc3026696db25f6263230 SHA256 c92b398c1e6af89a9ab3868e3b9cfbf92a7c3f79a1a4773da4899452d59de12a MISC metadata.xml 2064 RMD160 849eb1d1290373e6c223f9989aad0c637a837abd SHA1 5053b1488abf172eeec9cd11450dedb4479731d3 SHA256 ad95aa33cd1d6bcfa5f8621c159c9a1a5b1dfa2872d9c779b1dfdcd46af4fab4 ------BEGIN PGP SIGNATURE----- -Version: GnuPG v2.0.10 (GNU/Linux) - -iEYEARECAAYFAkmr324ACgkQ5BmOA85PVLgHLQCfQhdhx3Dw6do1MPL9vXNo0at0 -pPQAoIxaq8VIDgvDvZ8DDXK3K8DImKDP -=oEPV ------END PGP SIGNATURE----- diff --git a/media-sound/amarok/amarok-1.4.10-r2.ebuild b/media-sound/amarok/amarok-1.4.10-r2.ebuild new file mode 100644 index 000000000000..95d7a67c7b4f --- /dev/null +++ b/media-sound/amarok/amarok-1.4.10-r2.ebuild @@ -0,0 +1,113 @@ +# Copyright 1999-2009 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/media-sound/amarok/amarok-1.4.10-r2.ebuild,v 1.1 2009/03/04 19:09:24 tampakrap Exp $ + +ARTS_REQUIRED="never" + +LANGS="af ar az be bg bn br ca cs cy da de el en_GB eo es et eu fa fi +fr ga gl he hi hu id is it ja km ko ku lo lt mk ms nb nds ne nl nn pa +pl pt pt_BR ro ru rw se sk sl sq sr sr@Latn ss sv ta tg th tr uk uz +zh_CN zh_TW" + +LANGS_DOC="da de es et fr it nl pl pt pt_BR ru sv" + +USE_KEG_PACKAGING=1 + +inherit kde + +PKG_SUFFIX="" + +if [[ ${P/_pre} == ${P} ]]; then + MY_P="${P/_/-}" + + if [[ ${P/_rc} == ${P} ]]; then + SRC_URI="mirror://kde/stable/amarok/${PV}/src/${MY_P}.tar.bz2" + S="${WORKDIR}/${P/_/-}" + else + SRC_URI="mirror://gentoo/${MY_P}.tar.bz2" + S="${WORKDIR}/${P/_rc*}" + fi +else + SRC_URI="mirror://gentoo/${P}.tar.bz2" +fi + +DESCRIPTION="Advanced audio player based on KDE framework." +HOMEPAGE="http://amarok.kde.org/" + +LICENSE="GPL-2" + +SLOT="0" +KEYWORDS="~amd64 ~ppc ~ppc64 ~sparc ~x86 ~x86-fbsd" +IUSE="mp4 kde mysql amazon opengl postgres +visualization ipod ifp real njb mtp musicbrainz daap +python" +# kde: enables compilation of the konqueror sidebar plugin + +RDEPEND="kde? ( || ( =kde-base/konqueror-3.5* =kde-base/kdebase-3.5* ) ) + >=media-libs/xine-lib-1.1.2_pre20060328-r8 + >=media-libs/taglib-1.4 + mysql? ( >=virtual/mysql-4.0 ) + postgres? ( virtual/postgresql-base ) + opengl? ( virtual/opengl ) + visualization? ( media-libs/libsdl + =media-plugins/libvisual-plugins-0.4* ) + ipod? ( >=media-libs/libgpod-0.5.2 ) + mp4? ( media-libs/libmp4v2 ) + ifp? ( media-libs/libifp ) + real? ( + media-video/realplayer + media-libs/alsa-lib ) + njb? ( >=media-libs/libnjb-2.2.4 ) + mtp? ( >=media-libs/libmtp-0.3.0 ) + musicbrainz? ( media-libs/tunepimp ) + =dev-lang/ruby-1.8*" + +DEPEND="${RDEPEND}" + +RDEPEND="${RDEPEND} + app-arch/unzip + python? ( dev-python/PyQt ) + daap? ( www-servers/mongrel )" + +PATCHES=( "${FILESDIR}/amarok-1.4.9.1-libmtp-0.3.0-API.patch" + "${FILESDIR}/${P}-gcc-4.3.patch" + "${FILESDIR}/${P}-audibletag.patch" ) + +need-kde 3.5 + +src_compile() { + # Extra, unsupported engines are forcefully disabled. + local myconf="$(use_enable mysql) $(use_enable postgres postgresql) + $(use_with opengl) + $(use_with visualization libvisual) + $(use_enable amazon) + $(use_with ipod libgpod) + $(use_with mp4 mp4v2) + $(use_with ifp) + $(use_with real helix) + $(use_with njb libnjb) + $(use_with mtp libmtp) + $(use_with musicbrainz) + $(use_with daap) + --with-xine + --without-nmm" + + kde_src_compile +} + +src_install() { + kde_src_install + + # As much as I respect Ian, I'd rather leave Amarok to use mongrel + # from Portage, for security and policy reasons. + rm -rf "${D}"/usr/share/apps/amarok/ruby_lib/rbconfig \ + "${D}"/usr/share/apps/amarok/ruby_lib/mongrel* \ + "${D}"/usr/share/apps/amarok/ruby_lib/rubygems* \ + "${D}"/usr/share/apps/amarok/ruby_lib/gem* \ + "${D}"/usr/$(get_libdir)/ruby_lib + + if ! use python; then + rm -r "${D}"/usr/share/apps/amarok/scripts/webcontrol \ + || die "Unable to remove webcontrol." + fi +} diff --git a/media-sound/amarok/files/amarok-1.4.10-audibletag.patch b/media-sound/amarok/files/amarok-1.4.10-audibletag.patch new file mode 100644 index 000000000000..ee94739f12ab --- /dev/null +++ b/media-sound/amarok/files/amarok-1.4.10-audibletag.patch @@ -0,0 +1,85 @@ +--- amarok-1.4.10/amarok/src/metadata/audible/audibletag.cpp 2008-08-14 00:21:51.000000000 +0300 ++++ amarok-1.4.10/amarok/src/metadata/audible/audibletag.cpp 2009-03-04 19:55:15.000000000 +0200 +@@ -71,7 +71,8 @@ + { + char buf[1023]; + fseek(fp, OFF_PRODUCT_ID, SEEK_SET); +- fread(buf, strlen("product_id"), 1, fp); ++ if (fread(buf, strlen("product_id"), 1, fp) != 1) ++ return; + if(memcmp(buf, "product_id", strlen("product_id"))) + { + buf[20]='\0'; +@@ -130,24 +131,65 @@ + + bool Audible::Tag::readTag( FILE *fp, char **name, char **value) + { ++ // arbitrary value that has to be smaller than 2^32-1 and that should be large enough for all tags ++ const uint32_t maxtaglen = 100000; ++ + uint32_t nlen; +- fread(&nlen, sizeof(nlen), 1, fp); ++ if (fread(&nlen, sizeof(nlen), 1, fp) != 1) ++ return false; + nlen = ntohl(nlen); + //fprintf(stderr, "tagname len=%x\n", (unsigned)nlen); +- *name = new char[nlen+1]; +- (*name)[nlen] = '\0'; ++ if (nlen > maxtaglen) ++ return false; + + uint32_t vlen; +- fread(&vlen, sizeof(vlen), 1, fp); ++ if (fread(&vlen, sizeof(vlen), 1, fp) != 1) ++ return false; + vlen = ntohl(vlen); + //fprintf(stderr, "tag len=%x\n", (unsigned)vlen); ++ if (vlen > maxtaglen) ++ return false; ++ ++ *name = new char[nlen+1]; ++ if (!*name) ++ return false; ++ + *value = new char[vlen+1]; ++ if (!*value) ++ { ++ delete[] *name; ++ *name = 0; ++ return false; ++ } ++ ++ (*name)[nlen] = '\0'; + (*value)[vlen] = '\0'; + +- fread(*name, nlen, 1, fp); +- fread(*value, vlen, 1, fp); ++ if (fread(*name, nlen, 1, fp) != 1) ++ { ++ delete[] *name; ++ *name = 0; ++ delete[] *value; ++ *value = 0; ++ return false; ++ } ++ if (fread(*value, vlen, 1, fp) != 1) ++ { ++ delete[] *name; ++ *name = 0; ++ delete[] *value; ++ *value = 0; ++ return false; ++ } + char lasttag; +- fread(&lasttag, 1, 1, fp); ++ if (fread(&lasttag, 1, 1, fp) != 1) ++ { ++ delete[] *name; ++ *name = 0; ++ delete[] *value; ++ *value = 0; ++ return false; ++ } + //fprintf(stderr, "%s: \"%s\"\n", *name, *value); + + m_tagsEndOffset += 2 * 4 + nlen + vlen + 1; |