Date: Tue, 22 Dec 2015 01:48:48 +0000 From: bugzilla-noreply@freebsd.org To: gnome@FreeBSD.org Subject: [Bug 205502] graphics/librsvg2: update 2.40.10 -> 2.40.12 Message-ID: <bug-205502-6497-tITSZu4kZU@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-205502-6497@https.bugs.freebsd.org/bugzilla/> References: <bug-205502-6497@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=205502 Jason Unovitch <junovitch@freebsd.org> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |ports-secteam@FreeBSD.org --- Comment #2 from Jason Unovitch <junovitch@freebsd.org> --- The first entry was for fix committed upstream earlier this year. Documented it now as Red Hat reported both at the same time. [1] https://git.gnome.org/browse/librsvg/commit/rsvg-shapes.c?id=40af93e6eb1c94b90c3b9a0b87e0840e126bb8df The later entry is for the application crash via a stack exhaustion issue addressed through rework in 2.40.12. The attached patch is ready for review/commit and will only need to list the following in the commit message. Security: CVE-2015-7558 Security: https://vuxml.FreeBSD.org/freebsd/d6c51737-a84b-11e5-8f5c-002590263bf5.html -- You are receiving this mail because: You are the assignee for the bug.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-205502-6497-tITSZu4kZU>