Created attachment 164623 [details] Proposed patch The attached patch updates dpkg to 1.18.4, which was released today. 1.18.4 fixes CVE-2015-0860, for which I've already added an entry in vuln.xml. It also needs to be MFH'ed to 2015Q4.
A commit references this bug: Author: pawel Date: Fri Dec 25 17:43:34 UTC 2015 New revision: 404444 URL: https://svnweb.freebsd.org/changeset/ports/404444 Log: Update to version 1.18.4 Fixes security CVE-2015-0860 PR: 205599 Submitted by: rakuco MFH: 2015Q4 Changes: head/archivers/dpkg/Makefile head/archivers/dpkg/distinfo
A commit references this bug: Author: pawel Date: Fri Dec 25 20:11:06 UTC 2015 New revision: 404468 URL: https://svnweb.freebsd.org/changeset/ports/404468 Log: MFH: r404444 Update to version 1.18.4 Fixes security CVE-2015-0860 PR: 205599 Submitted by: rakuco Approved by: portmgr (erwin) Changes: _U branches/2015Q4/ branches/2015Q4/archivers/dpkg/Makefile branches/2015Q4/archivers/dpkg/distinfo
Committed, thanks for vuln.xml entry!