Bug 274413 - textproc/libcue: security update to 2.3.0
Summary: textproc/libcue: security update to 2.3.0
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Only Me
Assignee: Sergey A. Osokin
URL: https://github.com/lipnitsk/libcue/re...
Keywords:
Depends on:
Blocks:
 
Reported: 2023-10-11 15:38 UTC by Olivier Duchateau
Modified: 2023-10-22 16:32 UTC (History)
2 users (show)

See Also:
bugzilla: maintainer-feedback? (buganini)
duchateau.olivier: merge-quarterly?

Attachments
Patch to update textproc/libcue (2.27 KB, patch)
2023-10-11 15:38 UTC, Olivier Duchateau 		no flags Details | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Olivier Duchateau 2023-10-11 15:38:39 UTC 
Created attachment 245568 [details]
Patch to update textproc/libcue

- Update to 2.3.0 (this release fixes CVE-2023-43641)
- Bump PORTREVISION all consumers
Comment 1 commit-hook freebsd_committer freebsd_triage 2023-10-12 02:12:13 UTC 
A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=3565fe16e72b21d59cb2438ccedb32a54739e1a0

commit 3565fe16e72b21d59cb2438ccedb32a54739e1a0
Author:     Sergey A. Osokin <osa@FreeBSD.org>
AuthorDate: 2023-10-12 02:10:26 +0000
Commit:     Sergey A. Osokin <osa@FreeBSD.org>
CommitDate: 2023-10-12 02:11:06 +0000

    textproc/libcue: security update to 2.3.0

    PR:     274413

 multimedia/audacious-plugins/Makefile | 2 +-
 sysutils/tracker-miners/Makefile      | 2 +-
 textproc/libcue/Makefile              | 4 +++-
 textproc/libcue/distinfo              | 5 +++--
 textproc/libcue/pkg-plist             | 2 +-
 5 files changed, 9 insertions(+), 6 deletions(-)
Comment 2 commit-hook freebsd_committer freebsd_triage 2023-10-14 22:41:59 UTC 
A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=bef6792d8cc647cd5bdf4cbbdb86b53e8f30285d

commit bef6792d8cc647cd5bdf4cbbdb86b53e8f30285d
Author:     Sergey A. Osokin <osa@FreeBSD.org>
AuthorDate: 2023-10-14 22:40:11 +0000
Commit:     Sergey A. Osokin <osa@FreeBSD.org>
CommitDate: 2023-10-14 22:40:11 +0000

    security/vuxml: Document a vulnerability in textproc/libcue

    PR:     274413

 security/vuxml/vuln/2023.xml | 26 ++++++++++++++++++++++++++
 1 file changed, 26 insertions(+)
Comment 3 commit-hook freebsd_committer freebsd_triage 2023-10-22 16:31:43 UTC 
A commit in branch 2023Q4 references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=50af3b111d7c4ab3b52bd71039a40731693ca9ff

commit 50af3b111d7c4ab3b52bd71039a40731693ca9ff
Author:     Sergey A. Osokin <osa@FreeBSD.org>
AuthorDate: 2023-10-12 02:10:26 +0000
Commit:     Sergey A. Osokin <osa@FreeBSD.org>
CommitDate: 2023-10-22 16:30:25 +0000

    textproc/libcue: security update to 2.3.0

    PR:     274413
    (cherry picked from commit 3565fe16e72b21d59cb2438ccedb32a54739e1a0)

 multimedia/audacious-plugins/Makefile | 2 +-
 sysutils/tracker-miners/Makefile      | 2 +-
 textproc/libcue/Makefile              | 4 +++-
 textproc/libcue/distinfo              | 5 +++--
 textproc/libcue/pkg-plist             | 2 +-
 5 files changed, 9 insertions(+), 6 deletions(-)
Comment 4 Sergey A. Osokin freebsd_committer freebsd_triage 2023-10-22 16:32:28 UTC 
Fixed, thanks!