Date: Wed, 21 Feb 2018 09:55:29 +0000 From: bugzilla-noreply@freebsd.org To: freebsd-ports-bugs@FreeBSD.org Subject: [Bug 226088] devel/cvs: Import inofficial patch to fix CVE-2017-12836 Message-ID: <bug-226088-13@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D226088 Bug ID: 226088 Summary: devel/cvs: Import inofficial patch to fix CVE-2017-12836 Product: Ports & Packages Version: Latest Hardware: Any OS: Any Status: New Severity: Affects Some People Priority: --- Component: Individual Port(s) Assignee: freebsd-ports-bugs@FreeBSD.org Reporter: fk@fabiankeil.de Created attachment 190853 --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=3D190853&action= =3Dedit devel/cvs: Import inofficial patch to fix CVE-2017-12836 The attached patch adds an inofficial patch to fix CVE-2017-12836 based on a patch by Thorsten Glaser: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=3D871810#10 The patched file had to be changed and in the first chunk the size of rsh_argv has been extended to 16 to match Debian's upstream version. --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-226088-13>