From owner-freebsd-ports-bugs@FreeBSD.ORG Sun Aug 1 16:30:06 2010 Return-Path: Delivered-To: freebsd-ports-bugs@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 77CA51065677 for ; Sun, 1 Aug 2010 16:30:06 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id 2DE328FC1B for ; Sun, 1 Aug 2010 16:30:06 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.4/8.14.4) with ESMTP id o71GU63Y014095 for ; Sun, 1 Aug 2010 16:30:06 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.4/8.14.4/Submit) id o71GU6a9014092; Sun, 1 Aug 2010 16:30:06 GMT (envelope-from gnats) Resent-Date: Sun, 1 Aug 2010 16:30:06 GMT Resent-Message-Id: <201008011630.o71GU6a9014092@freefall.freebsd.org> Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer) Resent-To: freebsd-ports-bugs@FreeBSD.org Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, Esa Karkkainen Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 73E101065675; Sun, 1 Aug 2010 16:24:36 +0000 (UTC) (envelope-from ekarkkai@pp.htv.fi) Received: from filtteri2.pp.htv.fi (filtteri2.pp.htv.fi [213.243.153.185]) by mx1.freebsd.org (Postfix) with ESMTP id 259938FC21; Sun, 1 Aug 2010 16:24:35 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by filtteri2.pp.htv.fi (Postfix) with ESMTP id A84AF8BBB6; Sun, 1 Aug 2010 19:04:52 +0300 (EEST) Received: from smtp6.welho.com ([213.243.153.40]) by localhost (filtteri2.pp.htv.fi [213.243.153.185]) (amavisd-new, port 10024) with ESMTP id veDywg5t2eFc; Sun, 1 Aug 2010 19:04:52 +0300 (EEST) Received: from zero.my.domain (cs95087.pp.htv.fi [212.90.95.87]) by smtp6.welho.com (Postfix) with ESMTP id 3AF1E5BC003; Sun, 1 Aug 2010 19:04:52 +0300 (EEST) Received: from thunderbolt.my.domain (thunderbolt.my.domain [10.192.168.30]) by zero.my.domain (8.14.3/8.14.3) with ESMTP id o71G4ppN049308; Sun, 1 Aug 2010 19:04:52 +0300 (EEST) (envelope-from ekarkkai@pp.htv.fi) Received: from thunderbolt.my.domain (localhost [127.0.0.1]) by thunderbolt.my.domain (8.14.4/8.14.4) with ESMTP id o71G4puZ031194; Sun, 1 Aug 2010 19:04:51 +0300 (EEST) (envelope-from ejk@thunderbolt.my.domain) Received: (from ejk@localhost) by thunderbolt.my.domain (8.14.4/8.14.4/Submit) id o71G4poG031193; Sun, 1 Aug 2010 19:04:51 +0300 (EEST) (envelope-from ejk) Message-Id: <201008011604.o71G4poG031193@thunderbolt.my.domain> Date: Sun, 1 Aug 2010 19:04:51 +0300 (EEST) From: Esa Karkkainen To: FreeBSD-gnats-submit@FreeBSD.org X-Send-Pr-Version: 3.113 Cc: fjoe@FreeBSD.org, Esa Karkkainen Subject: ports/149180: Security update to fix archivers/libmspack Infinite Loop Denial of Service X-BeenThere: freebsd-ports-bugs@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Esa Karkkainen List-Id: Ports bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 01 Aug 2010 16:30:06 -0000 >Number: 149180 >Category: ports >Synopsis: Security update to fix archivers/libmspack Infinite Loop Denial of Service >Confidential: no >Severity: serious >Priority: medium >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: update >Submitter-Id: current-users >Arrival-Date: Sun Aug 01 16:30:05 UTC 2010 >Closed-Date: >Last-Modified: >Originator: Esa Karkkainen >Release: FreeBSD 8.1-RELEASE amd64 >Organization: Is in state of disintegration >Environment: System: FreeBSD 8.1-RELEASE Ports tree updated at Aug 1st, 17:30:19 2010 EET >Description: Please see >How-To-Repeat: Install ports-mgmt/portaudit, run "portaudit -F" command and then try to install archivers/libmspack. >Fix: diff -ruN /usr/ports/archivers/libmspack/Makefile ports/archivers/libmspack/Makefile --- /usr/ports/archivers/libmspack/Makefile 2009-08-02 22:32:06.000000000 +0300 +++ ports/archivers/libmspack/Makefile 2010-08-01 18:56:42.938935398 +0300 @@ -6,7 +6,7 @@ # PORTNAME= libmspack -PORTVERSION= 0.0.20060920 +PORTVERSION= 0.2 CATEGORIES= archivers MASTER_SITES= http://www.cabextract.org.uk/libmspack/ DISTNAME= ${PORTNAME}-${PORTVERSION}alpha diff -ruN /usr/ports/archivers/libmspack/distinfo ports/archivers/libmspack/distinfo --- /usr/ports/archivers/libmspack/distinfo 2009-02-01 10:53:21.000000000 +0200 +++ ports/archivers/libmspack/distinfo 2010-08-01 18:52:06.750312943 +0300 @@ -1,3 +1,3 @@ -MD5 (libmspack-0.0.20060920alpha.tar.gz) = 72003dfa5da2e843e3d5ae0c18f7c969 -SHA256 (libmspack-0.0.20060920alpha.tar.gz) = e2a5397fcd8088da76b72a8bbfac156cd3d0dc916709ed5b034bda74726fe0af -SIZE (libmspack-0.0.20060920alpha.tar.gz) = 498217 +MD5 (libmspack-0.2alpha.tar.gz) = a51c65ba1dc9b53090d4e65e1f55d860 +SHA256 (libmspack-0.2alpha.tar.gz) = 01c951e883aa6518f4c2fd92f64fbab1763c00a7f776a9cce678168479f3e0df +SIZE (libmspack-0.2alpha.tar.gz) = 399498 >Release-Note: >Audit-Trail: >Unformatted: