73783 – security update through port update: socat 1.4.0.0 -> socat 1.4.0.3

Bug 73783 - security update through port update: socat 1.4.0.0 -> socat 1.4.0.3

Summary: security update through port update: socat 1.4.0.0 -> socat 1.4.0.3

Status:	Closed FIXED

Alias:	None

Product:	Ports & Packages
Classification:	Unclassified
Component:	Individual Port(s) (show other bugs)
Version:	Latest
Hardware:	Any Any

Importance:	Normal Affects Only Me
Assignee:	freebsd-ports-bugs (Nobody)

URL:
Keywords:

Depends on:
Blocks:

Reported:	2004-11-10 17:00 UTC by ADDRESS-HARVESTED-FROM-FREEBSD-PR
Modified:	2004-11-10 23:19 UTC (History)
CC List:	0 users

See Also:

Attachments
file.diff (12.55 KB, patch) 2004-11-10 17:00 UTC, ADDRESS-HARVESTED-FROM-FREEBSD-PR	no flags	Details \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description ADDRESS-HARVESTED-FROM-FREEBSD-PR 2004-11-10 17:00:41 UTC

  socat < 1.4.0.3 has a remote code execution vulnerabiliyt. socat 1.4.0.3 has had this bug fixed. Update is therefore required

  See also:

  http://vuxml.FreeBSD.org/f3017ce1-32a4-11d9-a9e7-0001020eed82.html

Fix: Since the files/xio-socks.c file is unneeded anymore, both it and the files directory can be deleted. The patch is below.

Comment 1 Pav Lucistnik freebsd_committer

2004-11-10 23:18:59 UTC

State Changed
From-To: open->closed

Committed, thanks!