update vulnerable libpng to fixed version?

Andrey Chernov ache at nagual.pp.ru
Wed Aug 4 18:59:16 PDT 2004


On Wed, Aug 04, 2004 at 04:38:02PM -0400, Charles Swiger wrote:
> On Aug 4, 2004, at 3:08 PM, Fernan Aguero wrote:
> >according to this tech report
> >http://www.us-cert.gov/cas/techalerts/TA04-217A.html
> >there are a number of vulnerabilities in libpng that are
> >fixed in 1.2.6rc1
> >
> >is an update of the port being worked on? I'm eager to do a
> >'portupgrade -r png'.
> 
> Here's a diff which updates the png port to 1.2.6rc1:

We can't make public what is intentionally non-public, from 
libpng-1.2.6rc1-README.txt:

Libpng 1.2.6rc1 - August 4, 2004

This is not intended to be a public release.  It will be replaced
within a few weeks by a public version or by another test version.

-- 
Andrey Chernov | http://ache.pp.ru/


More information about the freebsd-ports mailing list