From owner-svn-ports-head@FreeBSD.ORG Tue Jan 6 21:12:20 2015 Return-Path: Delivered-To: svn-ports-head@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 214E519F; Tue, 6 Jan 2015 21:12:20 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id E09CDDA5; Tue, 6 Jan 2015 21:11:44 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.9/8.14.9) with ESMTP id t06LBiOL035990; Tue, 6 Jan 2015 21:11:44 GMT (envelope-from mandree@FreeBSD.org) Received: (from mandree@localhost) by svn.freebsd.org (8.14.9/8.14.9/Submit) id t06LBiRp035987; Tue, 6 Jan 2015 21:11:44 GMT (envelope-from mandree@FreeBSD.org) Message-Id: <201501062111.t06LBiRp035987@svn.freebsd.org> X-Authentication-Warning: svn.freebsd.org: mandree set sender to mandree@FreeBSD.org using -f From: Matthias Andree Date: Tue, 6 Jan 2015 21:11:44 +0000 (UTC) To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r376442 - head/sysutils/busybox X-SVN-Group: ports-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-ports-head@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: SVN commit messages for the ports tree for head List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 06 Jan 2015 21:12:20 -0000 Author: mandree Date: Tue Jan 6 21:11:43 2015 New Revision: 376442 URL: https://svnweb.freebsd.org/changeset/ports/376442 QAT: https://qat.redports.org/buildarchive/r376442/ Log: Add three upstream patches to busybox 1.22.1, bumping PORTREVISION to 2. One fixes the CVE-2014-4608 buffer overrun in LZO2, one fixes the nc app, one fixes the zcat and related apps when accessing files without extension. List busybox < 1.22.1_2 as vulnerable, and add CVE Name to the vulndb. Security: CVE-2014-4608 Security: d1f5e12a-fd5a-11e3-a108-080027ef73ec Modified: head/sysutils/busybox/Makefile head/sysutils/busybox/distinfo Modified: head/sysutils/busybox/Makefile ============================================================================== --- head/sysutils/busybox/Makefile Tue Jan 6 21:11:35 2015 (r376441) +++ head/sysutils/busybox/Makefile Tue Jan 6 21:11:43 2015 (r376442) @@ -3,7 +3,7 @@ PORTNAME= busybox PORTVERSION= 1.22.1 -PORTREVISION= 1 +PORTREVISION= 2 CATEGORIES= sysutils misc shells MASTER_SITES= http://www.busybox.net/downloads/ @@ -12,6 +12,9 @@ PATCH_DIST_STRIP= -p1 PATCHFILES= busybox-1.22.1-ash.patch \ busybox-1.22.1-date.patch \ busybox-1.22.1-iplink.patch \ + busybox-1.22.1-lzop.patch \ + busybox-1.22.1-nc.patch \ + busybox-1.22.1-zcat-no-ext.patch \ # MAINTAINER= mandree@FreeBSD.org Modified: head/sysutils/busybox/distinfo ============================================================================== --- head/sysutils/busybox/distinfo Tue Jan 6 21:11:35 2015 (r376441) +++ head/sysutils/busybox/distinfo Tue Jan 6 21:11:43 2015 (r376442) @@ -6,3 +6,9 @@ SHA256 (busybox-1.22.1-date.patch) = 850 SIZE (busybox-1.22.1-date.patch) = 1008 SHA256 (busybox-1.22.1-iplink.patch) = 186b41734e43ee117cb367055ce6a4d5b3aac671c09d71f2a6347793874d653b SIZE (busybox-1.22.1-iplink.patch) = 425 +SHA256 (busybox-1.22.1-lzop.patch) = cc70144cd273464502e04050abb1bd1d2a36d9a7f4aeef2b2f8172f6c7bc18eb +SIZE (busybox-1.22.1-lzop.patch) = 2103 +SHA256 (busybox-1.22.1-nc.patch) = 0d2f9ba2e9e5db813fe9feb6fc84052ac85403ce2debefb8b1281a05aadec052 +SIZE (busybox-1.22.1-nc.patch) = 615 +SHA256 (busybox-1.22.1-zcat-no-ext.patch) = d9843cc5a62d25d328344d31e1d1dc81a245add647bb377d6a871d5f7c1b2cbe +SIZE (busybox-1.22.1-zcat-no-ext.patch) = 2071