Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 26 Jan 2015 21:50:01 +0000
From:      bugzilla-noreply@freebsd.org
To:        freebsd-ports-bugs@FreeBSD.org
Subject:   [Bug 197107] [PATCH MAINTAINER] security/bro, security/broccoli: Update to 2.3.2 (includes two CVE fixes)
Message-ID:  <bug-197107-13@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help 
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=197107

            Bug ID: 197107
           Summary: [PATCH MAINTAINER] security/bro, security/broccoli:
                    Update to 2.3.2 (includes two CVE fixes)
           Product: Ports & Packages
           Version: Latest
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Many People
          Priority: ---
         Component: Individual Port(s)
          Assignee: freebsd-ports-bugs@FreeBSD.org
          Reporter: leres@ee.lbl.gov

Created attachment 152209
  --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=152209&action=edit
Patchset for security/bro and security/broccoli

This updates bro and broccoli from 2.3 and 2.3.2, which is a security update.

Changes to the bro port:

    * Rework openssl option logic

    * Remove obsolete 

    * pkgng related changes

Changes to the broccoli port:

    * Remove unused DOCS option

    * Enable PYTHON by default

    * pkgng related changes

    * Minor portlint changes

Changes in 2.3.2:

    * DNP3: fix reachable assertion and buffer over-read/overflow.
    CVE number pending. (Travis Emmert, Jon Siwek)

    * Update binpac: Fix potential out-of-bounds memory reads in
    generated code. CVE-2014-9586. (John Villamil and Chris Rohlf
    - Yahoo Paranoids, Jon Siwek)

    * BIT-1234: Fix build on systems that already have ntohll/htonll.
    (Jon Siwek)

    * BIT-1291: Delete prebuilt python bytecode files from git.  (Jon Siwek)

    * Adding call to new binpac::init() function. (Robin Sommer)

Changes in 2.3.1:

    * Fix a reference counting bug in ListVal ctor. (Jon Siwek)

    * Fix possible buffer over-read in DNS TSIG parsing. (Jon Siwek)

    * Change EDNS parsing code to use rdlength more cautiously.  (Jon Siwek)

    * Fix null pointer dereference in OCSP verification code in
    case no certificate is sent as part as the ocsp reply. Addresses
    BIT-1212.  (Johanna Amann)

    * Fix OCSP reply validation. Addresses BIT-1212 (Johanna Amann)

    * Make links in documentation templates protocol relative. (Johanna Amann)

-- 
You are receiving this mail because:
You are the assignee for the bug.

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-197107-13>