Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 20 Apr 2007 22:28:39 +0200
From:      Marcin Wisnicki <mwisnicki+freebsd@gmail.com>
To:        FreeBSD-gnats-submit@FreeBSD.org
Cc:        mi@aldan.algebra.com
Subject:   ports/111971: [PATCH] textproc/libwpd: update to 0.8.9 (CVE Security Fix)
Message-ID:  <46292279.0685aa0f.56e5.7d0e@mx.google.com>
Resent-Message-ID: <200704202034.l3KKYq8T051858@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help 

>Number:         111971
>Category:       ports
>Synopsis:       [PATCH] textproc/libwpd: update to 0.8.9 (CVE Security Fix)
>Confidential:   no
>Severity:       serious
>Priority:       low
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          update
>Submitter-Id:   current-users
>Arrival-Date:   Fri Apr 20 20:34:52 GMT 2007
>Closed-Date:
>Last-Modified:
>Originator:     Marcin Wisnicki
>Release:        FreeBSD 6.2-STABLE i386
>Organization:
>Environment:
System: FreeBSD ghost.pnet.one.pl 6.2-STABLE FreeBSD 6.2-STABLE #5: Sat Feb 10 23:20:51 CET 2007
>Description:
- Update to 0.8.9

Fixes CVE-2007-0002:
  Multiple heap-based buffer overflows in WordPerfect Document importer/exporter (libwpd) before 0.8.9 allow user-assisted remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code

Port maintainer (mi@aldan.algebra.com) is cc'd.

Generated with FreeBSD Port Tools 0.77
>How-To-Repeat:
>Fix:

--- libwpd-0.8.9.patch begins here ---
diff -ruN --exclude=CVS /usr/ports/textproc/libwpd.orig/Makefile /usr/ports/textproc/libwpd/Makefile
--- /usr/ports/textproc/libwpd.orig/Makefile	Fri Apr 20 22:25:25 2007
+++ /usr/ports/textproc/libwpd/Makefile	Fri Apr 20 21:46:33 2007
@@ -6,7 +6,7 @@
 #
 
 PORTNAME=	libwpd
-PORTVERSION=	0.8.7
+PORTVERSION=	0.8.9
 CATEGORIES=	textproc
 MASTER_SITES=	${MASTER_SITE_SOURCEFORGE}
 MASTER_SITE_SUBDIR=	libwpd
diff -ruN --exclude=CVS /usr/ports/textproc/libwpd.orig/distinfo /usr/ports/textproc/libwpd/distinfo
--- /usr/ports/textproc/libwpd.orig/distinfo	Sun Dec  3 22:15:03 2006
+++ /usr/ports/textproc/libwpd/distinfo	Fri Apr 20 21:46:50 2007
@@ -1,3 +1,3 @@
-MD5 (libwpd-0.8.7.tar.gz) = 99216fb67846e24aa75a26e246797de2
-SHA256 (libwpd-0.8.7.tar.gz) = 28851dc3864d8f9d1ff88536472d35cc9d91ae37e0e02ae3e2818d512d6a8bfe
-SIZE (libwpd-0.8.7.tar.gz) = 564750
+MD5 (libwpd-0.8.9.tar.gz) = c48c74e90637e5e59140d0bec73a0145
+SHA256 (libwpd-0.8.9.tar.gz) = 0c7067a0ae85006f9c43861f0a686dc595b8a123e98d4198716f98cb53ea32dc
+SIZE (libwpd-0.8.9.tar.gz) = 569384
--- libwpd-0.8.9.patch ends here ---

>Release-Note:
>Audit-Trail:
>Unformatted:

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?46292279.0685aa0f.56e5.7d0e>