There is buffer overrun error in the Math::Geometry::Planar perl module that causes intermittent segfaults when using the GPC library. This is both a stability and a security issue: Passing a cleverly crafted polygon to the library may allow a malicious user to execute arbitrary code. The latest version of Math::Geometry::Planar (1.18) contains a fix for this. Attached is a patch to the p5-Math-Geometry-Planar ports module. Fix: Update to latest version of Math::Geometry::Planar (1.18), which contains the fix. Patch to ports module p5-Math-Geometry-Planar attached. Patch attached with submission follows: How-To-Repeat: thrash Math::Geometry::Planar::convert2gpc() with numerous polygons of multiple contours.
Responsible Changed From-To: freebsd-ports-bugs->perl perl@ wants this port PRs (via the GNATS Auto Assign Tool)
wen 2011-03-12 00:38:30 UTC FreeBSD ports repository Modified files: math/p5-Math-Geometry-Planar Makefile distinfo Log: - Update to 1.18 ChangeLog: http://cpansearch.perl.org/src/DVDPOL/Math-Geometry-Planar-1.18-withoutworldwriteables/Changes PR: ports/155476 Submitted by: Mark Henning <henning.m@emsglobaltracking.com> Revision Changes Path 1.6 +2 -1 ports/math/p5-Math-Geometry-Planar/Makefile 1.3 +2 -3 ports/math/p5-Math-Geometry-Planar/distinfo _______________________________________________ cvs-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/cvs-all To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
State Changed From-To: open->closed Committed. Thanks!