From ba79e716e7fb50cb095b4aec686e86368668b398 Mon Sep 17 00:00:00 2001 From: Dave Cottlehuber Date: Wed, 1 Jun 2016 09:49:22 +0000 Subject: [PATCH] www/h2o: update 1.7.2 to 1.7.3 to fix CVE-2016-4817 --- security/vuxml/vuln.xml | 30 ++++++++++++++++++++++++++++++ www/h2o/Makefile | 2 +- www/h2o/distinfo | 6 +++--- 3 files changed, 34 insertions(+), 4 deletions(-) diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index dc12b31..8430ea0 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -58,6 +58,36 @@ Notes: * Do not forget port variants (linux-f10-libxml2, libxml2, etc.) --> + + h2o -- use after free on premature connection close + + + h2o + 1.7.3 + + + + +

Tim Newsha reports:

+
+

When H2O tries to disconnect a premature HTTP/2 connection, it + calls free(3) to release memory allocated for the connection and + immediately after then touches the memory. No malloc-related + operation is performed by the same thread between the time it calls + free and the time the memory is touched. Fixed by Frederik + Deweerdt.

+
+ +
+ + https://h2o.examp1e.net/vulnerabilities.html + + + 2016-05-17 + 2016-05-26 + +
+ nginx -- a specially crafted request might result in worker process crash diff --git a/www/h2o/Makefile b/www/h2o/Makefile index d18bd7b1..4a90d1c 100644 --- a/www/h2o/Makefile +++ b/www/h2o/Makefile @@ -2,7 +2,7 @@ # $FreeBSD$ PORTNAME= h2o -PORTVERSION= 1.7.2 +PORTVERSION= 1.7.3 DISTVERSIONPREFIX= v CATEGORIES= www diff --git a/www/h2o/distinfo b/www/h2o/distinfo index 82f6caf..ae6d9fe 100644 --- a/www/h2o/distinfo +++ b/www/h2o/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1463131188 -SHA256 (h2o-h2o-v1.7.2_GH0.tar.gz) = fd75eab905dff9bcfd6c9c45d83a4cd0c133cc82a7d3dd48537244b12c2327a8 -SIZE (h2o-h2o-v1.7.2_GH0.tar.gz) = 6541718 +TIMESTAMP = 1464774475 +SHA256 (h2o-h2o-v1.7.3_GH0.tar.gz) = 546bcde8aa3cf996d161d1e75aaad159d10fca1b3d368c4270f0674e8c78a213 +SIZE (h2o-h2o-v1.7.3_GH0.tar.gz) = 6541316
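Review bot: the new vuln.xml entry's references block lists only https://h2o.examp1e.net/vulnerabilities.html, while the commit subject says this update fixes CVE-2016-4817; add a `<cvename>CVE-2016-4817</cvename>` reference alongside the URL so the entry is searchable by CVE and `make validate` consumers can correlate it. Also double-check the affected range element wrapping `1.7.3`: it must express "less than 1.7.3" (an `<lt>` bound), since 1.7.3 is the fixed release this commit moves the port to.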
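Review bot: the Makefile hunk only bumps `PORTVERSION= 1.7.2` to `1.7.3`; the hunk context does not show whether the port carries a `PORTREVISION` line, and if it does, it must be removed or reset to 0 in the same commit, otherwise the package version string will carry a stale revision suffix on top of the new upstream version.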
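Review bot: the distinfo hunk replaces the SHA256 and SIZE for `h2o-h2o-v1.7.3_GH0.tar.gz` but the diff alone cannot show that the new checksum came from the upstream v1.7.3 tag; confirm it was regenerated with `make makesum` against a fresh fetch rather than hand-edited. The new `TIMESTAMP = 1464774475` decodes to 2016-06-01 09:47:55 UTC, which is consistent with the commit time, and the size drop from 6541718 to 6541316 bytes is plausible for a point release, so nothing else in the hunk looks off.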