Date: Thu, 23 Jun 2016 13:40:12 +0000 From: bugzilla-noreply@freebsd.org To: freebsd-ports-bugs@FreeBSD.org Subject: [Bug 210493] archivers/libarchive: update to 3.2.1 Message-ID: <bug-210493-13@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D210493 Bug ID: 210493 Summary: archivers/libarchive: update to 3.2.1 Product: Ports & Packages Version: Latest Hardware: Any OS: Any Status: New Keywords: easy, patch, security Severity: Affects Only Me Priority: --- Component: Individual Port(s) Assignee: glewis@FreeBSD.org Reporter: cmt@freebsd.org Flags: maintainer-feedback?(glewis@FreeBSD.org), maintainer-feedback?, merge-quarterly? Assignee: glewis@FreeBSD.org Created attachment 171710 --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=3D171710&action= =3Dedit update libarchive to 3.2.1 https://github.com/libarchive/libarchive/blob/master/NEWS http://blog.talosintel.com/2016/06/the-poisoned-archives.html https://groups.google.com/forum/#!topic/libarchive-announce/lyaOLoBI1Fs libarchive 3.2.1 fixes several vulnerabilities including memory corruption = and code execution. I'm attaching the update patch, poudriere log and vuln.xml fragment. --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-210493-13>