svn commit: r307391 - in branches/RELENG_9_1_0: irc/weechat irc/weechat-devel security/vuxml
Beat Gaetzi
beat at FreeBSD.org
Tue Nov 13 19:49:17 UTC 2012
Author: beat
Date: Tue Nov 13 19:49:16 2012
New Revision: 307391
URL: http://svnweb.freebsd.org/changeset/ports/307391
Log:
MFH r307263 by eadler:
Apply an upstream patch that fixes a security hole
when receiving a special colored message.
The maintainer was contacted but due to the nature of
the issue apply the patch ASAP.
Approved by: secteam-ports (swills)
Security: e02c572f-2af0-11e2-bb44-003067b2972c
MFH r307275 by jase:
- Update to 0.3.9.1
Changes: http://www.weechat.org/files/changelog/ChangeLog-0.3.9.1.html
MFH r307276 by jase:
- Remove extraneous patch
MFH r307279 by jase:
- Update to 20121110
- Remove extraneous patch
MFH r307387 by jase:
- Update recent weechat entry (e02c572f-2af0-11e2-bb44-003067b2972c)
- Document assigned CVE Identifier
- Document workaround for vulnerable versions
Feature safe: yes
Modified:
branches/RELENG_9_1_0/irc/weechat-devel/Makefile
branches/RELENG_9_1_0/irc/weechat-devel/distinfo
branches/RELENG_9_1_0/irc/weechat/Makefile
branches/RELENG_9_1_0/irc/weechat/distinfo
branches/RELENG_9_1_0/security/vuxml/vuln.xml
Directory Properties:
branches/RELENG_9_1_0/ (props changed)
Modified: branches/RELENG_9_1_0/irc/weechat-devel/Makefile
==============================================================================
--- branches/RELENG_9_1_0/irc/weechat-devel/Makefile Tue Nov 13 19:41:12 2012 (r307390)
+++ branches/RELENG_9_1_0/irc/weechat-devel/Makefile Tue Nov 13 19:49:16 2012 (r307391)
@@ -1,7 +1,7 @@
# $FreeBSD$
PORTNAME= weechat
-PORTVERSION= 20121103
+PORTVERSION= 20121110
CATEGORIES= irc
MASTER_SITES= http://perturb.me.uk/distfiles/ \
${MASTER_SITE_LOCAL}
@@ -26,7 +26,7 @@ WANT_PERL= yes
LIB_DEPENDS+= curl:${PORTSDIR}/ftp/curl \
gcrypt:${PORTSDIR}/security/libgcrypt
-GITREV= c848cb4
+GITREV= 7cd376b
WRKSRC= ${WRKDIR}/${PORTNAME}-${GITREV}
# Please note: the DEBUG option is *NOT* empty, it is utilised by
Modified: branches/RELENG_9_1_0/irc/weechat-devel/distinfo
==============================================================================
--- branches/RELENG_9_1_0/irc/weechat-devel/distinfo Tue Nov 13 19:41:12 2012 (r307390)
+++ branches/RELENG_9_1_0/irc/weechat-devel/distinfo Tue Nov 13 19:49:16 2012 (r307391)
@@ -1,2 +1,2 @@
-SHA256 (weechat-devel-c848cb4.tar.gz) = 0addead395d9eaeafa782996ccc447dafa3b5138d3e21285b602abf37c614655
-SIZE (weechat-devel-c848cb4.tar.gz) = 2511229
+SHA256 (weechat-devel-7cd376b.tar.gz) = dd10c1ab81051ec3476ad95a12c4c70cd8161a5f0dbcc7f0659e3d2602a79ef2
+SIZE (weechat-devel-7cd376b.tar.gz) = 2517031
Modified: branches/RELENG_9_1_0/irc/weechat/Makefile
==============================================================================
--- branches/RELENG_9_1_0/irc/weechat/Makefile Tue Nov 13 19:41:12 2012 (r307390)
+++ branches/RELENG_9_1_0/irc/weechat/Makefile Tue Nov 13 19:49:16 2012 (r307391)
@@ -2,7 +2,7 @@
# $FreeBSD$
PORTNAME= weechat
-PORTVERSION= 0.3.9
+PORTVERSION= 0.3.9.1
CATEGORIES= irc
MASTER_SITES= http://weechat.org/files/src/
Modified: branches/RELENG_9_1_0/irc/weechat/distinfo
==============================================================================
--- branches/RELENG_9_1_0/irc/weechat/distinfo Tue Nov 13 19:41:12 2012 (r307390)
+++ branches/RELENG_9_1_0/irc/weechat/distinfo Tue Nov 13 19:49:16 2012 (r307391)
@@ -1,2 +1,2 @@
-SHA256 (weechat-0.3.9.tar.gz) = 8666c788cbb212036197365df3ba3cf964a23e4f644d76ea51d66dbe3be593bb
-SIZE (weechat-0.3.9.tar.gz) = 3761786
+SHA256 (weechat-0.3.9.1.tar.gz) = 9a6ad4aacbda9c5524dc519cc8782621d59ba1bf0556e64f5ae4f9102f28b29d
+SIZE (weechat-0.3.9.1.tar.gz) = 3756617
Modified: branches/RELENG_9_1_0/security/vuxml/vuln.xml
==============================================================================
--- branches/RELENG_9_1_0/security/vuxml/vuln.xml Tue Nov 13 19:41:12 2012 (r307390)
+++ branches/RELENG_9_1_0/security/vuxml/vuln.xml Tue Nov 13 19:49:16 2012 (r307391)
@@ -134,10 +134,13 @@ Note: Please add new entries to the beg
<blockquote cite="https://savannah.nongnu.org/bugs/?37704">
<p>A buffer overflow is causing a crash or freeze of WeeChat when
decoding IRC colors in strings.</p>
+ <p>Workaround for a non-patched version:
+ /set irc.network.colors_receive off</p>
</blockquote>
</body>
</description>
<references>
+ <cvename>CVE-2012-5854</cvename>
<freebsdpr>ports/173513</freebsdpr>
<url>http://weechat.org/security/</url>
<url>https://savannah.nongnu.org/bugs/?37704</url>
@@ -145,7 +148,7 @@ Note: Please add new entries to the beg
<dates>
<discovery>2012-11-09</discovery>
<entry>2012-11-10</entry>
- <modified>2012-11-10</modified>
+ <modified>2012-11-13</modified>
</dates>
</vuln>
More information about the svn-ports-all
mailing list