207880 – [PATCH] net-im/profanity: Use libotr 4 in the wake of CVE-2016-2851

Bug 207880 - [PATCH] net-im/profanity: Use libotr 4 in the wake of CVE-2016-2851

Summary: [PATCH] net-im/profanity: Use libotr 4 in the wake of CVE-2016-2851

Status:	Closed FIXED

Alias:	None

Product:	Ports & Packages
Classification:	Unclassified
Component:	Individual Port(s) (show other bugs)
Version:	Latest
Hardware:	Any Any

Importance:	--- Affects Some People
Assignee:	Tilman Keskinoz

URL:
Keywords:	patch

Depends on:
Blocks:

Reported:	2016-03-10 13:48 UTC by Sascha Holzleiter
Modified:	2016-03-10 15:56 UTC (History)
CC List:	0 users

See Also:

Flags:	bugzilla: maintainer-feedback? (arved)

Attachments
libotr_patch (659 bytes, patch) 2016-03-10 13:48 UTC, Sascha Holzleiter	no flags	Details \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Sascha Holzleiter 2016-03-10 13:48:51 UTC

Created attachment 167964 [details]
libotr_patch

As there seems to be no update for the 3.x branch of libotr to mitigate CVE-2016-2851 it would be nice to switch to libotr 4.x . 

The attached patch changes the libotr dependency to use securtiy/libotr.

Comment 1 commit-hook freebsd_committer

2016-03-10 14:12:25 UTC

A commit references this bug:

Author: arved
Date: Thu Mar 10 14:12:07 UTC 2016
New revision: 410752
URL: https://svnweb.freebsd.org/changeset/ports/410752

Log:
  Switch to libotr instead of libotr3

  PR:		207880
  Submitted by:	Sascha Holzleiter

Changes:
  head/net-im/profanity/Makefile

Comment 2 Tilman Keskinoz freebsd_committer

2016-03-10 15:56:44 UTC

committed, thanks!