From owner-cvs-all@FreeBSD.ORG Thu Sep 16 02:15:43 2004 Return-Path: Delivered-To: cvs-all@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id AE84416A4CE; Thu, 16 Sep 2004 02:15:43 +0000 (GMT) Received: from repoman.freebsd.org (repoman.freebsd.org [216.136.204.115]) by mx1.FreeBSD.org (Postfix) with ESMTP id 8EEA643D48; Thu, 16 Sep 2004 02:15:43 +0000 (GMT) (envelope-from anholt@FreeBSD.org) Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.12.11/8.12.11) with ESMTP id i8G2Fh1O014140; Thu, 16 Sep 2004 02:15:43 GMT (envelope-from anholt@repoman.freebsd.org) Received: (from anholt@localhost) by repoman.freebsd.org (8.12.11/8.12.11/Submit) id i8G2Fh0O014139; Thu, 16 Sep 2004 02:15:43 GMT (envelope-from anholt) Message-Id: <200409160215.i8G2Fh0O014139@repoman.freebsd.org> From: Eric Anholt Date: Thu, 16 Sep 2004 02:15:43 +0000 (UTC) To: ports-committers@FreeBSD.org, cvs-ports@FreeBSD.org, cvs-all@FreeBSD.org X-FreeBSD-CVS-Branch: HEAD Subject: cvs commit: ports/x11/libXpm Makefile ports/x11/libXpm/files patch-xpm-sec.patch4 X-BeenThere: cvs-all@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: CVS commit messages for the entire tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 16 Sep 2004 02:15:43 -0000 anholt 2004-09-16 02:15:43 UTC FreeBSD ports repository Modified files: x11/libXpm Makefile Added files: x11/libXpm/files patch-xpm-sec.patch4 Log: Apply fixes for CAN-2004-0687 and CAN-2004-0688 in libXpm (stack-based and integer overflow security vulnerabilities). While I haven't compile-tested this, the patch applies and I think it should be correct, and if it doesn't work then this should be marked FORBIDDEN anyway. Approved by: portmgr Revision Changes Path 1.10 +1 -0 ports/x11/libXpm/Makefile 1.1 +473 -0 ports/x11/libXpm/files/patch-xpm-sec.patch4 (new)