[Bug 259590] graphics/libemf: update to 1.0.13

Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: <bugzilla-noreply_at_freebsd.org>
Date: Mon, 01 Nov 2021 12:54:58 UTC

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=259590

            Bug ID: 259590
           Summary: graphics/libemf: update to 1.0.13
           Product: Ports & Packages
           Version: Latest
          Hardware: Any
               URL: https://sourceforge.net/projects/libemf/files/libemf/1
                    .0.13/
                OS: Any
            Status: New
          Keywords: security
          Severity: Affects Only Me
          Priority: ---
         Component: Individual Port(s)
          Assignee: office@FreeBSD.org
          Reporter: fuz@fuz.su
                CC: office@FreeBSD.org
          Assignee: office@FreeBSD.org
             Flags: maintainer-feedback?(office@FreeBSD.org)
 Attachment #229190 maintainer-approval?(office@FreeBSD.org)
             Flags:
             Flags: merge-quarterly?
                CC: office@FreeBSD.org

Created attachment 229190
  --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=229190&action=edit
graphics/libemf: update to 1.0.13

This update fixes a number of vulnerabilities:

CVE-2020-13999 (fixed in 1.0.13)
CVE-2020-11863 (fixed in 1.0.12)
CVE-2020-11864 (fixed in 1.0.12)
CVE-2020-11865 (fixed in 1.0.12)
CVE-2020-11866 (fixed in 1.0.12)

While there, hooked up the test suite and took maintainership
of this unmaintained port.

Tested with Poudriere on armv6 arm64 i386 amd64 FreeBSD 13.
Tested that the dependent ports still build (except for
science/chemtool-devel which is marked as BROKEN).

Please MFH as this is a security update.

-- 
You are receiving this mail because:
You are the assignee for the bug.