[Bug 201780] dns/libidn: out-of-bounds read issue with invalid UTF-8 input (CVE-2015-2059)
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Thu Jul 23 03:28:32 UTC 2015
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=201780
--- Comment #1 from Jason Unovitch <jason.unovitch at gmail.com> ---
Created attachment 159103
--> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=159103&action=edit
libidn-1.31.patch
Changelog:
- Update to upstream version 1.31
- Add USES=gmake to build on all supported FreeBSD releases
PR: 201780
Security: CVE-2015-2059
Security: 4caf01e2-30e6-11e5-a4a5-002590263bf5
Details:
- 1.3.1 update is a given. The item worth discussing is upstream's comment in
their change log:
"and we are marking this release as beta rather than stable to signal that we
may reconsider this approach if people disagree. "
- Add USES=gmake. libidn-1.30 and libidn-1.31 both build on FreeBSD 10+ where
bmake is the default. I tested on 10.1-RELEASE, 10.2-BETA2, and 11-CURRENT.
It will not build on 8.4-RELEASE and 9.3-RELEASE (shown below given the default
fmake). This makes gmake the default so the port builds on all releases.
....
CC tlds.lo
CCLD libidn.la
Making all in po
Error expanding embedded variable.
*** [all-recursive] Error code 1
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the freebsd-ports-bugs
mailing list