[Bug 214546] www/libwww: Security vulnerabilities
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Tue Nov 15 20:54:43 UTC 2016
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=214546
Bug ID: 214546
Summary: www/libwww: Security vulnerabilities
Product: Ports & Packages
Version: Latest
Hardware: Any
OS: Any
Status: New
Keywords: patch, security
Severity: Affects Some People
Priority: ---
Component: Individual Port(s)
Assignee: freebsd-ports-bugs at FreeBSD.org
Reporter: dbaio at bsd.com.br
CC: marius at nuenneri.ch
Flags: maintainer-feedback?(marius at nuenneri.ch),
merge-quarterly?
CC: marius at nuenneri.ch
Created attachment 177035
--> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=177035&action=edit
libwww-5.4.0_6.patch
- Add three patches from NetBSD pkgsrc for fix CVE's:
CVE-2005-3183 (files/patch-Library_src_HTBound.c)
CVE-2009-3560 (files/patch-modules_expat_xmlparse_xmlparse.c)
CVE-2009-3720 (files/patch-modules_expat_xmltok_xmltok__impl.c)
- Add License
- Add USES=ssl
- Strip .so files (Q/A warnings)
- Regenerate old patches
- Bump PORTREVISION
[Q/A]
portlint: OK (looks fine.)
testport:
poudriere: i386, 9.3 (OK)
poudriere: amd64, 9.3 (OK)
poudriere: i386, 10.3 (OK)
poudriere: amd64, 10.3 (OK)
poudriere: i386, 11 (OK)
poudriere: amd64, 11 (OK)
poudriere: i386, 12 (OK)
poudriere: amd64, 12 (OK)
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the freebsd-ports-bugs
mailing list