Date: Fri, 28 Jun 2013 23:07:52 GMT From: Leif Velcro <velcroleaf@rocketmail.com> To: freebsd-gnats-submit@FreeBSD.org Subject: ports/180072: curl port should be updated to version 7.31.0 to fix security issue Message-ID: <201306282307.r5SN7qwY020541@oldred.freebsd.org> Resent-Message-ID: <201306282310.r5SNA0pU052169@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 180072 >Category: ports >Synopsis: curl port should be updated to version 7.31.0 to fix security issue >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: update >Submitter-Id: current-users >Arrival-Date: Fri Jun 28 23:10:00 UTC 2013 >Closed-Date: >Last-Modified: >Originator: Leif Velcro >Release: 9.1-RELEASE-p4 >Organization: >Environment: FreeBSD server.here.com 9.1-RELEASE-p4 FreeBSD 9.1-RELEASE-p4 #0: Wed Jun 26 04:59:20 EDT 2013 root@server.here.com:/usr/obj/usr/src/sys/server amd64 >Description: portaudit has started complaining about the current curl port: > Affected package: curl-7.24.0_3 > Type of problem: cURL library -- heap corruption in curl_easy_unescape. > Reference: http://portaudit.FreeBSD.org/01cf67b3-dc3b-11e2-a6cd-c48508086173.html More info: http://curl.haxx.se/docs/adv_20130622.html >How-To-Repeat: Check available version against current version. >Fix: Incorporate update into the port. >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201306282307.r5SN7qwY020541>