Bug 282228 - converters/tnef: update 1.4.12 → 1.4.18, fix 5 CVEs
Summary: converters/tnef: update 1.4.12 → 1.4.18, fix 5 CVEs
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Some People
Assignee: Renato Botelho
URL: https://github.com/verdammelt/tnef/bl...
Keywords: security
Depends on:
Blocks:
 
Reported: 2024-10-20 13:05 UTC by Älven
Modified: 2024-11-08 14:05 UTC (History)
2 users (show)

See Also:
bugzilla: maintainer-feedback? (garga)
alster: merge-quarterly?

Attachments
[PATCH] converters/tnef: update 1.4.12 → 1.4.18, fix 5 CVEs (2.15 KB, patch)
2024-10-20 13:05 UTC, Älven 		no flags Details | Diff
[PATCH] converters/tnef: update 1.4.12 → 1.4.18, fix 5 CVEs (5.74 KB, patch)
2024-10-26 13:42 UTC, Älven 		alster: maintainer-approval? (garga)
 Details | Diff
Show Obsolete (1) View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Comment 1 Älven 2024-10-26 13:42:10 UTC 
Created attachment 254532 [details]
[PATCH] converters/tnef: update 1.4.12 → 1.4.18, fix 5 CVEs
Comment 2 commit-hook freebsd_committer freebsd_triage 2024-11-08 14:05:36 UTC 
A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=063b853074238c3d4657eaa934184a9b7274f014

commit 063b853074238c3d4657eaa934184a9b7274f014
Author:     Älven <alster@vinterdalen.se>
AuthorDate: 2024-11-08 14:01:15 +0000
Commit:     Renato Botelho <garga@FreeBSD.org>
CommitDate: 2024-11-08 14:04:20 +0000

    converters/tnef: update 1.4.12 → 1.4.18

    PR:             282228
    Security:       CVE-2017-6307
                    CVE-2017-6308
                    CVE-2017-6309
                    CVE-2017-6310
                    CVE-2017-8911
                    CVE-2019-18849

 converters/tnef/Makefile | 17 ++++++++---------
 converters/tnef/distinfo |  6 +++---
 2 files changed, 11 insertions(+), 12 deletions(-)
Comment 3 commit-hook freebsd_committer freebsd_triage 2024-11-08 14:05:38 UTC 
A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=2f47d7ff7d372e2346427eb77f597c324cf23119

commit 2f47d7ff7d372e2346427eb77f597c324cf23119
Author:     Älven <alster@vinterdalen.se>
AuthorDate: 2024-11-08 14:02:14 +0000
Commit:     Renato Botelho <garga@FreeBSD.org>
CommitDate: 2024-11-08 14:04:20 +0000

    security/vuxml: Document tnef vulnerabilities

    PR:             282228

 security/vuxml/vuln/2024.xml | 83 ++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 83 insertions(+)
Comment 4 commit-hook freebsd_committer freebsd_triage 2024-11-08 14:05:39 UTC 
A commit in branch 2024Q4 references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=a32f4c45189531599308fddc3222c3d46b9e6c24

commit a32f4c45189531599308fddc3222c3d46b9e6c24
Author:     Älven <alster@vinterdalen.se>
AuthorDate: 2024-11-08 14:01:15 +0000
Commit:     Renato Botelho <garga@FreeBSD.org>
CommitDate: 2024-11-08 14:05:15 +0000

    converters/tnef: update 1.4.12 → 1.4.18

    PR:             282228
    Security:       CVE-2017-6307
                    CVE-2017-6308
                    CVE-2017-6309
                    CVE-2017-6310
                    CVE-2017-8911
                    CVE-2019-18849
    (cherry picked from commit 063b853074238c3d4657eaa934184a9b7274f014)

 converters/tnef/Makefile | 17 ++++++++---------
 converters/tnef/distinfo |  6 +++---
 2 files changed, 11 insertions(+), 12 deletions(-)