[Bug 217063] devel/libowfat: Port is out of date (security fixes)

Mon Feb 13 10:31:15 UTC 2017

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=217063

            Bug ID: 217063
           Summary: devel/libowfat: Port is out of date (security fixes)
           Product: Ports & Packages
           Version: Latest
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Some People
          Priority: ---
         Component: Individual Port(s)
          Assignee: lx at FreeBSD.org
          Reporter: crest at bultmann.eu
          Assignee: lx at FreeBSD.org
             Flags: maintainer-feedback?(lx at FreeBSD.org)

The libowfat port is out of date by two releases
(https://www.fefe.de/libowfat/changes-0.30.txt and
https://www.fefe.de/libowfat/changes-0.31.txt). Three of the entries in the
changelog are marked as security fixes:

 * SECURITY: fmt_strn would write one byte too many (returned right length
though, so usually not a problem as that byte would be overwritten with \0 by
the caller anyway)
 * SECURITY: check for integer overflow in stralloc_ready
 * SECURITY: fix botched integer overflow handling logic in stralloc_ready
(Giorgio) add critbit

-- 
You are receiving this mail because:
You are the assignee for the bug.