Fixes for CVE-2009-2347 in tiff2rgba Integer overflows in various inter-color space conversion tools http://www.remotesensing.org/libtiff/v3.9.4.html The code of the shared lib is not affected. Therefor the Fix is not urgent. Fix: Impact: dependend packages will need a rfebuild, to have the new version number recorden in dependency. Please approve the patch below. How-To-Repeat: Update needs appoval from portmrg@
Responsible Changed From-To: freebsd-ports-bugs->portmgr packagebuild for 8.1 affected
Responsible Changed From-To: portmgr->dinoex Slush haven't started yet, this does not need portmgr approval if committed before Friday noon
dinoex 2010-06-16 09:32:43 UTC FreeBSD ports repository Modified files: graphics/tiff Makefile distinfo Log: - Security update to 3.9.4 to fix tiff2rgba Security: http://www.remotesensing.org/libtiff/v3.9.4.html Security: http://www.ocert.org/advisories/ocert-2009-012.html Security: CVE-2009-2347 PR: 147900 Revision Changes Path 1.76 +1 -1 ports/graphics/tiff/Makefile 1.29 +3 -3 ports/graphics/tiff/distinfo _______________________________________________ cvs-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/cvs-all To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
State Changed From-To: open->closed committed, thanks.