Date: Thu, 23 Jul 2015 03:28:32 +0000 From: bugzilla-noreply@freebsd.org To: freebsd-ports-bugs@FreeBSD.org Subject: [Bug 201780] dns/libidn: out-of-bounds read issue with invalid UTF-8 input (CVE-2015-2059) Message-ID: <bug-201780-13-G4IyXLLG73@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-201780-13@https.bugs.freebsd.org/bugzilla/> References: <bug-201780-13@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=201780 --- Comment #1 from Jason Unovitch <jason.unovitch@gmail.com> --- Created attachment 159103 --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=159103&action=edit libidn-1.31.patch Changelog: - Update to upstream version 1.31 - Add USES=gmake to build on all supported FreeBSD releases PR: 201780 Security: CVE-2015-2059 Security: 4caf01e2-30e6-11e5-a4a5-002590263bf5 Details: - 1.3.1 update is a given. The item worth discussing is upstream's comment in their change log: "and we are marking this release as beta rather than stable to signal that we may reconsider this approach if people disagree. " - Add USES=gmake. libidn-1.30 and libidn-1.31 both build on FreeBSD 10+ where bmake is the default. I tested on 10.1-RELEASE, 10.2-BETA2, and 11-CURRENT. It will not build on 8.4-RELEASE and 9.3-RELEASE (shown below given the default fmake). This makes gmake the default so the port builds on all releases. .... CC tlds.lo CCLD libidn.la Making all in po Error expanding embedded variable. *** [all-recursive] Error code 1 -- You are receiving this mail because: You are the assignee for the bug.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-201780-13-G4IyXLLG73>