Date: Sun, 20 Jun 2004 16:46:16 +0200 From: Oliver Eikemeier <eikemeier@fillmore-labs.com> To: Thierry Thomas <thierry@FreeBSD.org> Cc: ports-committers@FreeBSD.org Subject: Re: cvs commit: ports/textproc/aspell Makefile ports/textproc/aspell/files patch-prog-compress.c ports/security/portaudit-db/database portaudit.txt Message-ID: <95D06D00-C2C8-11D8-9250-00039312D914@fillmore-labs.com> In-Reply-To: <200406200904.i5K94W0c087695@repoman.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Thierry Thomas wrote: > thierry 2004-06-20 09:04:32 UTC > > FreeBSD ports repository > > Modified files: > textproc/aspell Makefile > security/portaudit-db/database portaudit.txt > Added files: > textproc/aspell/files patch-prog-compress.c > Log: > Security: fix a buffer overflow in word-list-compress: > - > <http://marc.theaimsgroup.com/?l=bugtraq&m=108761564006503&w=2>; > - <http://nettwerked.mg2.org/advisories/wlc>; > Thanks for the entry. This matches - linux-aspell-0.50.4.1 - ruby18-raspell-0.1 which may be unintentional. Could you verify that? May I suggest using {,af-,bg-,br-,ca-,cs-,cy-,da-,de-,el-,eo-,es-,fo-,fr-,ga-,gd-,gl-,gv-,hr-,ia-, id-,is-,it-,mi-,ms-,mt-,nb-,nl-,nn-,pl-,pt-,ro-,ru-,sk-,sl-,sv-,sw-,tn-,tr-, uk-,wa-,zu-}aspell<=0.50.5_2 ? Also an seperate entry for linux-aspell-0.50.4.1 (with the same UUID and references) seems appropriate. You can test which ports are match by doing awk -F\| -vpattern='*aspell<=0.50.5_2' '{if(\!system("/usr/local/sbin/pkg_version -T \"" $1 "\" \"" pattern "\"")) print $2}' /usr/ports/INDEX Thanks again -Oliver
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?95D06D00-C2C8-11D8-9250-00039312D914>