Date: Mon, 13 Nov 2023 16:49:01 +0000 From: bugzilla-noreply@freebsd.org To: multimedia@FreeBSD.org Subject: maintainer-feedback requested: [Bug 275057] audio/libsndfile: CVE-2022-33065 fix not available in quarterly branch Message-ID: <bug-275057-12827-tRHUIOLbL2@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-275057-12827@https.bugs.freebsd.org/bugzilla/> References: <bug-275057-12827@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
Bugzilla Automation <bugzilla@FreeBSD.org> has asked freebsd-multimedia (Nobody) <multimedia@FreeBSD.org> for maintainer-feedback: Bug 275057: audio/libsndfile: CVE-2022-33065 fix not available in quarterly branch https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D275057 --- Description --- Commits a1f663e8d4a65 and 5dd1286fb9055, which fix the CVE-2022-33065 secur= ity vulnerability in libsndfile, are only included in the main Git branch and n= ot in the quarterly 2023Q4 branch. As I understand it, the commits need to be cherry-picked onto the 2023Q4 Git branch for the fix to be included in the next build of the quarterly package branch.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-275057-12827-tRHUIOLbL2>