From owner-svn-ports-all@FreeBSD.ORG Tue Nov 13 18:17:14 2012 Return-Path: Delivered-To: svn-ports-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 2C4764BF; Tue, 13 Nov 2012 18:17:14 +0000 (UTC) (envelope-from jase@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) by mx1.freebsd.org (Postfix) with ESMTP id 1218A8FC14; Tue, 13 Nov 2012 18:17:14 +0000 (UTC) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.5/8.14.5) with ESMTP id qADIHDpE094776; Tue, 13 Nov 2012 18:17:13 GMT (envelope-from jase@svn.freebsd.org) Received: (from jase@localhost) by svn.freebsd.org (8.14.5/8.14.5/Submit) id qADIHDi5094774; Tue, 13 Nov 2012 18:17:13 GMT (envelope-from jase@svn.freebsd.org) Message-Id: <201211131817.qADIHDi5094774@svn.freebsd.org> From: Jase Thew Date: Tue, 13 Nov 2012 18:17:13 +0000 (UTC) To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r307387 - head/security/vuxml X-SVN-Group: ports-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-ports-all@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: SVN commit messages for the ports tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 13 Nov 2012 18:17:14 -0000 Author: jase Date: Tue Nov 13 18:17:13 2012 New Revision: 307387 URL: http://svnweb.freebsd.org/changeset/ports/307387 Log: - Update recent weechat entry (e02c572f-2af0-11e2-bb44-003067b2972c) - Document assigned CVE Identifier - Document workaround for vulnerable versions Feature safe: yes Modified: head/security/vuxml/vuln.xml Modified: head/security/vuxml/vuln.xml ============================================================================== --- head/security/vuxml/vuln.xml Tue Nov 13 18:06:16 2012 (r307386) +++ head/security/vuxml/vuln.xml Tue Nov 13 18:17:13 2012 (r307387) @@ -134,10 +134,13 @@ Note: Please add new entries to the beg

A buffer overflow is causing a crash or freeze of WeeChat when decoding IRC colors in strings.

+

Workaround for a non-patched version: + /set irc.network.colors_receive off

+ CVE-2012-5854 ports/173513 http://weechat.org/security/ https://savannah.nongnu.org/bugs/?37704 @@ -145,7 +148,7 @@ Note: Please add new entries to the beg 2012-11-09 2012-11-10 - 2012-11-10 + 2012-11-13