ports/147871: [maintainer update][patch]Update port: www/ziproxy to 3.1.1
Pavel Pankov
pankov_p at mail.ru
Tue Jun 15 11:50:03 UTC 2010
>Number: 147871
>Category: ports
>Synopsis: [maintainer update][patch]Update port: www/ziproxy to 3.1.1
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: maintainer-update
>Submitter-Id: current-users
>Arrival-Date: Tue Jun 15 11:50:02 UTC 2010
>Closed-Date:
>Last-Modified:
>Originator: Pavel Pankov
>Release: 8.0-STABLE
>Organization:
>Environment:
FreeBSD vds4.pankov.pp.ru 8.0-STABLE FreeBSD 8.0-STABLE #0 r8M: Tue May 18 10:39:52 IRKST 2010 root at freebsd8-amd64.ispsystem.net:/root/src/sys/amd64/compile/ISPSYSTEM amd64
>Description:
- Update to 3.1.1
- VuXML entry for PNG decoder security vulnerability
- License information
>How-To-Repeat:
>Fix:
Apply the attached patch.
Patch attached with submission follows:
Index: ports/security/vuxml/vuln.xml
===================================================================
RCS file: /home/ncvs/ports/security/vuxml/vuln.xml,v
retrieving revision 1.2165
diff -u -r1.2165 vuln.xml
--- ports/security/vuxml/vuln.xml 14 Jun 2010 03:04:21 -0000 1.2165
+++ ports/security/vuxml/vuln.xml 15 Jun 2010 11:42:07 -0000
@@ -34,6 +34,33 @@
-->
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
+ <vuln vid="25673e6e-786b-11df-a921-0245fb008c0b">
+ <topic>ziproxy -- security vulnerability in PNG decoder</topic>
+ <affects>
+ <package>
+ <name>ziproxy</name>
+ <range><lt>3.1.1</lt><ge>3.1.0</ge></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>Daniel Mealha Cabrita reports:</p>
+ <blockquote cite="http://ziproxy.sourceforge.net/#news">
+ <p>Fixed security vulnerability (heap-related) in PNG decoder.
+ (new bug from 3.1.0)</p>
+ </blockquote>
+ </body>
+ </description>
+ <references>
+ <url>http://ziproxy.sourceforge.net/#news</url>
+ <mlist msgid="201006150731.30474.dancab at gmx.net">http://sourceforge.net/mailarchive/message.php?msg_name=201006150731.30474.dancab%40gmx.net</mlist>
+ </references>
+ <dates>
+ <discovery>2010-06-15</discovery>
+ <entry>2010-06-15</entry>
+ </dates>
+ </vuln>
+
<vuln vid="313da7dc-763b-11df-bcce-0018f3e2eb82">
<topic>tiff -- buffer overflow vulnerability</topic>
<affects>
Index: ports/www/ziproxy/Makefile
===================================================================
RCS file: /home/ncvs/ports/www/ziproxy/Makefile,v
retrieving revision 1.24
diff -u -r1.24 Makefile
--- ports/www/ziproxy/Makefile 3 Jun 2010 08:44:21 -0000 1.24
+++ ports/www/ziproxy/Makefile 15 Jun 2010 11:42:07 -0000
@@ -5,7 +5,7 @@
# $FreeBSD: ports/www/ziproxy/Makefile,v 1.24 2010/06/03 08:44:21 brian Exp $
PORTNAME= ziproxy
-PORTVERSION= 3.1.0
+PORTVERSION= 3.1.1
CATEGORIES= www
MASTER_SITES= SF/${PORTNAME}/${PORTNAME}/${PORTNAME}-${PORTVERSION}
@@ -18,6 +18,9 @@
USE_BZIP2= yes
+LICENSE= GPLv2
+LICENSE_FILE= ${WRKSRC}/COPYING
+
CFLAGS+= -I${LOCALBASE}/include
LDFLAGS+= -L${LOCALBASE}/lib
Index: ports/www/ziproxy/distinfo
===================================================================
RCS file: /home/ncvs/ports/www/ziproxy/distinfo,v
retrieving revision 1.17
diff -u -r1.17 distinfo
--- ports/www/ziproxy/distinfo 3 Jun 2010 08:44:21 -0000 1.17
+++ ports/www/ziproxy/distinfo 15 Jun 2010 11:42:07 -0000
@@ -1,3 +1,3 @@
-MD5 (ziproxy-3.1.0.tar.bz2) = 571fefc39835f0dac571447862d28df0
-SHA256 (ziproxy-3.1.0.tar.bz2) = e92589172abc7a055467b66983ae65452f688760a0eea973cc09bf242d7d7206
-SIZE (ziproxy-3.1.0.tar.bz2) = 260739
+MD5 (ziproxy-3.1.1.tar.bz2) = acbec584995b92d12fd44a0a1cff6046
+SHA256 (ziproxy-3.1.1.tar.bz2) = 8066037eb7a82dc140286ac0e58c81d36da8bc1c76f2699cd0c44f8a631f93b2
+SIZE (ziproxy-3.1.1.tar.bz2) = 260604
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-ports-bugs
mailing list