Hinzugefügt:

* Patch für MPG123
Geändert:
  * CUPS


git-svn-id: http://svn.ipfire.org/svn/ipfire/trunk@111 ea5c0bd1-69bd-2848-81d8-4f18e57aeed8

doc/packages-list.txt

@@ -9,7 +9,6 @@
   * GD-2.12
   * HTML-Parser-3.45
   * HTML-Tagset-3.04
-  * LPRng-3.8.28
   * Linux-PAM-0.99.3.0
   * Net-DNS-0.47
   * Net-IPv4Addr-0.10
@@ -51,6 +50,7 @@
   * eciadsl-usermode-0.11
   * ed-0.2
   * edonkeyclc_1.3.0_i386
+  * espgs-8.15.1-source
   * ethtool-3
   * expat-1.95.7
   * ez-ipupdate-3.0.11b8

lfs/cups

@@ -83,7 +83,7 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
 	@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar jxf $(DIR_DL)/$(DL_FILE)
 	cd $(DIR_APP) && sed -i -e "s@pam/pam@security/pam@g" {config-scripts/cups-pam.m4,scheduler/auth.c,configure}
 #	cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/patches/cups-1.1.23-testsuite_fix-1.patch
-	cd $(DIR_APP) && ./configure
+	cd $(DIR_APP) && ./configure --disable-nls
 	cd $(DIR_APP) && make
 #	cd $(DIR_APP) && make check
 	cd $(DIR_APP) && make install

src/patches/mpg123-0.59r-security-1.patch

@@ -0,0 +1,25 @@
+Submitted By: David Jensen (djensen at linuxfromscratch dot org)
+Date: 2005-07-23
+Initial Package Version: 0.59r
+Origin: Debian
+Upstream Status: not maintained
+Description: Fixes buffer overflow vulnerablity (CAN-2004-0805)
+ 
+$LastChangedBy: djensen $
+$Date: 2005-07-26 21:17:28 -0600 (Tue, 26 Jul 2005) $
+
+diff -Naur mpg123-0.59r.orig/layer2.c mpg123-0.59r/layer2.c
+--- mpg123-0.59r.orig/layer2.c	1999-02-10 06:13:06.000000000 -0600
++++ mpg123-0.59r/layer2.c	2005-07-23 16:44:07.000000000 -0500
+@@ -265,6 +265,11 @@
+   fr->jsbound = (fr->mode == MPG_MD_JOINT_STEREO) ?
+      (fr->mode_ext<<2)+4 : fr->II_sblimit;
+ 
++  if (fr->jsbound > fr->II_sblimit) {
++	  fprintf(stderr, "Truncating stereo boundary to sideband limit.\n");
++	  fr->jsbound=fr->II_sblimit;
++  }
++  
+   if(stereo == 1 || single == 3)
+     single = 0;
+