Date: Sat, 26 Sep 2020 18:50:13 +0200 From: Niclas Zeising <zeising@freebsd.org> To: Tobias Kortkamp <tobik@FreeBSD.org>, Jochen Neumeister <joneum@FreeBSD.org>, ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org, desktop@FreeBSD.org Subject: Re: svn commit: r542951 - in head/x11-toolkits/pango: . files Message-ID: <1e425ab6-1759-9db1-a2c2-85913a77acbd@freebsd.org> In-Reply-To: <1459968b-5630-4053-9d83-ae4e0f77957c@www.fastmail.com> References: <202007231834.06NIYopt071450@repo.freebsd.org> <1459968b-5630-4053-9d83-ae4e0f77957c@www.fastmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On 2020-09-24 20:10, Tobias Kortkamp wrote: > On Thu, Jul 23, 2020, at 18:34, Jochen Neumeister wrote: >> Author: joneum >> Date: Thu Jul 23 18:34:50 2020 >> New Revision: 542951 >> URL: https://svnweb.freebsd.org/changeset/ports/542951 >> >> Log: >> SECURITY UPDATE: Buffer overflow >> >> Gnome Pango 1.42 and later is affected by: Buffer Overflow. The >> impact is: The heap based buffer overflow can be used to get code >> execution. The component is: function name: >> pango_log2vis_get_embedding_levels, assignment of nchars and the loop >> condition. The attack vector is: Bug can be used when application pass >> invalid utf-8 strings to functions like pango_itemize. >> >> PR: 239563 >> Reported by: Miyashita Touka <imagin8r@protonmail.com> >> Approved by: gnome (maintainer timeout) >> MFH: 2020Q3 >> Security: 456375e1-cd09-11ea-9172-4c72b94353b5 >> Sponsored by: Netzkommune GmbH > > The port is still vulnerable: files/CVE-20191010238 has no 'patch-' > prefix so is never applied by the framework. How did this pass > review? This has been fixed in ports r550179, and VuXML has been updated with the actual version of pango where this got fixed. Regards -- Niclas Zeising
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1e425ab6-1759-9db1-a2c2-85913a77acbd>