[oe-commits] Holger Hans Peter Freyther : streamripper: Upgrade to 1.64. 6 to address multiple buffer overflows

Tue Mar 16 08:17:05 UTC 2010

Module: openembedded.git
Branch: shr/unstable
Commit: 1eb9bb6dc735dc71d8dee16868ee7f9f121db525
URL:    http://gitweb.openembedded.net/?p=openembedded.git&a=commit;h=1eb9bb6dc735dc71d8dee16868ee7f9f121db525

Author: Holger Hans Peter Freyther <zecke at selfish.org>
Date:   Tue Mar 16 10:18:17 2010 +0800

streamripper: Upgrade to 1.64.6 to address multiple buffer overflows

Address CVE-2008-4829 which was fixed in 1.64.0

---

 conf/checksums.ini                                 |    8 --------
 ...eamripper_1.61.10.bb => streamripper_1.64.6.bb} |    4 +++-
 2 files changed, 3 insertions(+), 9 deletions(-)

diff --git a/conf/checksums.ini b/conf/checksums.ini
index 63cf415..0a63d0c 100644
--- a/conf/checksums.ini
+++ b/conf/checksums.ini
@@ -25610,14 +25610,6 @@ sha256=ba8c492c1b2033d4e2131f05df9e3780d4bc35bea87aa32a6052dd53a814e288
 md5=e9449fcee97e6a8ed73934c883c870e0
 sha256=95e7b7470e04f22c3ec8dc6d0b1fdd8944306cb5313c84c4545cd83abada26d0
 
-[http://downloads.sourceforge.net/streamripper/streamripper-1.61.10.tar.gz]
-md5=2d62a4546521980e1ed705a5094a6ec3
-sha256=08ca63620c1c071f4b2d42c5f63f38cee920aa57cde151ac3cfcf344437e3f11
-
-[http://heanet.dl.sourceforge.net/streamripper/streamripper-1.61.10.tar.gz]
-md5=2d62a4546521980e1ed705a5094a6ec3
-sha256=08ca63620c1c071f4b2d42c5f63f38cee920aa57cde151ac3cfcf344437e3f11
-
 [http://downloads.sourceforge.net/streamripper/streamripper-1.61.3.tar.gz]
 md5=57cd09098917bda29f841d366649681c
 sha256=1747aee9fa4cc09b49e0fb14baace3293f8f870c0de27fd3550cde21d99e9cd7
diff --git a/recipes/streamripper/streamripper_1.61.10.bb b/recipes/streamripper/streamripper_1.64.6.bb
similarity index 70%
rename from recipes/streamripper/streamripper_1.61.10.bb
rename to recipes/streamripper/streamripper_1.64.6.bb
index fe69140..f8141cf 100644
--- a/recipes/streamripper/streamripper_1.61.10.bb
+++ b/recipes/streamripper/streamripper_1.64.6.bb
@@ -4,7 +4,9 @@ LICENSE = "GPL"
 DEPENDS= "libogg libvorbis"
 RDEPENDS= "libogg libvorbis"
 
-SRC_URI = "${SOURCEFORGE_MIRROR}/streamripper/streamripper-${PV}.tar.gz"
+SRC_URI = "${SOURCEFORGE_MIRROR}/streamripper/streamripper-${PV}.tar.gz;name=src"
+SRC_URI[src.md5sum] = "a37a1a8b8f9228522196a122a1c2dd32"
+SRC_URI[src.sha256sum] = "c1d75f2e9c7b38fd4695be66eff4533395248132f3cc61f375196403c4d8de42"
 
 EXTRA_OECONF="--disable-oggtest \
 		--disable-vorbistest \



