Bug 195956

Summary:

textproc/libyaml: Fix CVE-2014-9130 and Add LICENSE

Product:

Ports & Packages

Reporter:

Yasuhiro Kimura <yasu>

Component:

Individual Port(s)

Assignee:

Josh Paetzel <jpaetzel>

Status:

Closed FIXED

Severity:

Affects Many People

Keywords:

needs-qa, patch, security

Priority:

---

Flags:

bugzilla: maintainer-feedback? (jpaetzel)

Version:

Latest

Hardware:

Any

OS:

Any

Attachments:

Description	Flags
Add patch to fix CVE-2014-9130 and LICENSE.	none

Description Yasuhiro Kimura freebsd_committer

2014-12-14 01:39:13 UTC

Created attachment 150557 [details]
Add patch to fix CVE-2014-9130 and LICENSE.

* Add security patch from upstream to fix CVE-2014-9130.
  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9130
  https://bitbucket.org/xi/libyaml/commits/2b9156756423e967cfd09a61d125d883fca6f4f2
* Add LICENSE.

Comment 1 Bugzilla Automation freebsd_committer

2014-12-14 01:39:13 UTC

Auto-assigned to maintainer jpaetzel@FreeBSD.org

Comment 2 Yasuhiro Kimura freebsd_committer

2015-01-05 04:20:34 UTC

Hello,

Would you please check and commit this PR? Because it is security fix it should be committed ASAP.

Best Regards.

Comment 3 Josh Paetzel freebsd_committer

2015-01-13 17:58:41 UTC

Sorry, was away on vacation.  It is committed now. r376978

Comment 4 commit-hook freebsd_committer

2015-01-13 17:58:57 UTC

A commit references this bug:

Author: jpaetzel
Date: Tue Jan 13 17:58:01 UTC 2015
New revision: 376978
URL: https://svnweb.freebsd.org/changeset/ports/376978

Log:
  Patch port for CVE

  PR:	195956
  Submitted by:	yasu@utahime.org

Changes:
  head/textproc/libyaml/Makefile
  head/textproc/libyaml/files/patch-src__scanner.c