From owner-svn-ports-all@freebsd.org Sat Sep 26 16:50:22 2020 Return-Path: Delivered-To: svn-ports-all@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id A930B42391D; Sat, 26 Sep 2020 16:50:22 +0000 (UTC) (envelope-from zeising@freebsd.org) Received: from mail.daemonic.se (mail.daemonic.se [176.58.89.161]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4BzFC22JXRz3Y6c; Sat, 26 Sep 2020 16:50:22 +0000 (UTC) (envelope-from zeising@freebsd.org) Received: from cid.daemonic.se (localhost [IPv6:::1]) by mail.daemonic.se (Postfix) with ESMTP id 4BzFBt5h4yz3nDX; Sat, 26 Sep 2020 16:50:14 +0000 (UTC) X-Virus-Scanned: amavisd-new at daemonic.se Received: from mail.daemonic.se ([127.0.0.1]) (using TLS with cipher ECDHE-RSA-AES128-GCM-SHA256) by cid.daemonic.se (mailscanner.daemonic.se [127.0.0.1]) (amavisd-new, port 10587) with ESMTPS id dV4KyWKoENWf; Sat, 26 Sep 2020 16:50:13 +0000 (UTC) Received: from vivi.daemonic.se (vivi.daemonic.se [IPv6:2001:470:dca9:1200::4]) by mail.daemonic.se (Postfix) with ESMTPSA id 4BzFBs4YVyz3mQw; Sat, 26 Sep 2020 16:50:13 +0000 (UTC) Subject: Re: svn commit: r542951 - in head/x11-toolkits/pango: . files To: Tobias Kortkamp , Jochen Neumeister , ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org, desktop@FreeBSD.org References: <202007231834.06NIYopt071450@repo.freebsd.org> <1459968b-5630-4053-9d83-ae4e0f77957c@www.fastmail.com> From: Niclas Zeising Message-ID: <1e425ab6-1759-9db1-a2c2-85913a77acbd@freebsd.org> Date: Sat, 26 Sep 2020 18:50:13 +0200 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:68.0) Gecko/20100101 Thunderbird/68.11.0 MIME-Version: 1.0 In-Reply-To: <1459968b-5630-4053-9d83-ae4e0f77957c@www.fastmail.com> Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit X-Rspamd-Queue-Id: 4BzFC22JXRz3Y6c X-Spamd-Bar: / Authentication-Results: mx1.freebsd.org; none X-Spamd-Result: default: False [0.00 / 15.00]; local_wl_from(0.00)[freebsd.org]; ASN(0.00)[asn:36236, ipnet:176.58.89.0/24, country:US] X-BeenThere: svn-ports-all@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: SVN commit messages for the ports tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 26 Sep 2020 16:50:22 -0000 On 2020-09-24 20:10, Tobias Kortkamp wrote: > On Thu, Jul 23, 2020, at 18:34, Jochen Neumeister wrote: >> Author: joneum >> Date: Thu Jul 23 18:34:50 2020 >> New Revision: 542951 >> URL: https://svnweb.freebsd.org/changeset/ports/542951 >> >> Log: >> SECURITY UPDATE: Buffer overflow >> >> Gnome Pango 1.42 and later is affected by: Buffer Overflow. The >> impact is: The heap based buffer overflow can be used to get code >> execution. The component is: function name: >> pango_log2vis_get_embedding_levels, assignment of nchars and the loop >> condition. The attack vector is: Bug can be used when application pass >> invalid utf-8 strings to functions like pango_itemize. >> >> PR: 239563 >> Reported by: Miyashita Touka >> Approved by: gnome (maintainer timeout) >> MFH: 2020Q3 >> Security: 456375e1-cd09-11ea-9172-4c72b94353b5 >> Sponsored by: Netzkommune GmbH > > The port is still vulnerable: files/CVE-20191010238 has no 'patch-' > prefix so is never applied by the framework. How did this pass > review? This has been fixed in ports r550179, and VuXML has been updated with the actual version of pango where this got fixed. Regards -- Niclas Zeising