[Bug 200980] lang/chicken: CVE-2015-4556: out-of-bounds read in CHICKEN Scheme's string-translate* procedure
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Sat Jun 20 19:14:55 UTC 2015
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=200980
--- Comment #1 from Vitaly Magerya <vmagerya at gmail.com> ---
Created attachment 157898
--> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=157898&action=edit
chicken-4.10.0rc1.diff
Unfortunately it is not as trivial as applying that patch to a
previous release: one of the files that patch touches must be
translated into C during the build, which requires an installed
version of chicken. Normally release tarballs include the generated
C file, but if the patch is applied that generated file becomes
obsolete, and the build process can not continue.
The solution is to use one of the release tarballs.
Since chicken 4.10 is not yet released, we could use 4.10.0rc1
for the time being. It's better than nothing.
Here's a patch for that, complete with a vuln.xml update.
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the freebsd-ports-bugs
mailing list