Bug 274350 - math/libtommath: Update to 1.2.1
Summary: math/libtommath: Update to 1.2.1
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Only Me
Assignee: Pietro Cerutti
URL: https://github.com/libtom/libtommath/...
Keywords:
Depends on:
Blocks:
 
Reported: 2023-10-08 12:44 UTC by Daniel Engberg
Modified: 2023-10-09 11:58 UTC (History)
0 users

See Also:
bugzilla: maintainer-feedback? (gahr)

Attachments
Patch for libtommath (8.94 KB, patch)
2023-10-08 12:44 UTC, Daniel Engberg 		no flags Details | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Daniel Engberg freebsd_committer freebsd_triage 2023-10-08 12:44:29 UTC 
Created attachment 245496 [details]
Patch for libtommath

* Stop overriding optimization set by framework
* Fix install path for pkg-config file

Compile and runtime tested on FreeBSD 13.2-RELEASE (amd64) (make, make check-plist, make test)

Poudriere testport OK 12.4-RELEASE (amd64)
Poudriere testport OK 13.2-RELEASE (amd64)

Tested with following users in Poudriere (13.2-RELEASE, amd64):
databases/firebird30-client
databases/firebird30-server
databases/firebird40-client
databases/firebird40-server
devel/bitkeeper
lang/tcl87
security/libtomcrypt
devel/bitkeeper
Comment 1 commit-hook freebsd_committer freebsd_triage 2023-10-09 11:57:52 UTC 
A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=c97e9a50f3996f7c8c6e0065209a43220d97eaef

commit c97e9a50f3996f7c8c6e0065209a43220d97eaef
Author:     Pietro Cerutti <gahr@FreeBSD.org>
AuthorDate: 2023-10-09 10:43:52 +0000
Commit:     Pietro Cerutti <gahr@FreeBSD.org>
CommitDate: 2023-10-09 11:57:32 +0000

    math/libtommath: update to 1.2.1

    PR:             274350
    Reported by:    dizzy

    This is a bugfix release because of potential integer overflow.
    See PR #546 and CVE-2023-36328.

 math/libtommath/Makefile                  |  10 ++-
 math/libtommath/distinfo                  |   6 +-
 math/libtommath/files/patch-beba89 (gone) | 137 ------------------------------
 math/libtommath/files/patch-c1cf80 (gone) |  57 -------------
 4 files changed, 10 insertions(+), 200 deletions(-)
Comment 2 Pietro Cerutti freebsd_committer freebsd_triage 2023-10-09 11:58:18 UTC 
Thanks, committed with minor changes.