[Bug 205502] graphics/librsvg2: update 2.40.10 -> 2.40.12
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Tue Dec 22 01:48:48 UTC 2015
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=205502
Jason Unovitch <junovitch at freebsd.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |ports-secteam at FreeBSD.org
--- Comment #2 from Jason Unovitch <junovitch at freebsd.org> ---
The first entry was for fix committed upstream earlier this year. Documented
it now as Red Hat reported both at the same time.
[1]
https://git.gnome.org/browse/librsvg/commit/rsvg-shapes.c?id=40af93e6eb1c94b90c3b9a0b87e0840e126bb8df
The later entry is for the application crash via a stack exhaustion issue
addressed through rework in 2.40.12. The attached patch is ready for
review/commit and will only need to list the following in the commit message.
Security: CVE-2015-7558
Security:
https://vuxml.FreeBSD.org/freebsd/d6c51737-a84b-11e5-8f5c-002590263bf5.html
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the freebsd-gnome
mailing list