[Bug 222130] textproc/freexl: update to 1.0.4
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Thu Sep 7 21:25:21 UTC 2017
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=222130
Bug ID: 222130
Summary: textproc/freexl: update to 1.0.4
Product: Ports & Packages
Version: Latest
Hardware: Any
OS: Any
Status: New
Severity: Affects Some People
Priority: ---
Component: Individual Port(s)
Assignee: freebsd-ports-bugs at FreeBSD.org
Reporter: lbartoletti at tuxfamily.org
Created attachment 186152
--> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=186152&action=edit
Freexl 1.0.4
The Cisco Talos team reported two sensitive security issues
affecting FreeXL-1.0.3 and any previous version.
"A specially crafted XLS file can cause a memory corruption
resulting in remote code execution. An attacker can send
malicious XLS file to trigger this vulnerability."
Freexl-1.0.4 fixes both issues.
---
It's an easy patch.
I have fixed the MPL license.
Poudriere 10, 11 i386/amd64 OK
portlint OK
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the freebsd-ports-bugs
mailing list