Bug 198796

Summary:

archivers/rpm4: Fix security vulnerability (CVE-2014-8118)

Product:

Ports & Packages

Reporter:

Sevan Janiyan <venture37>

Component:

Individual Port(s)

Assignee:

Johan van Selst <johans>

Status:

Closed FIXED

Severity:

Affects Many People

CC:

johans

Priority:

---

Keywords:

needs-qa, patch

Version:

Latest

Flags:

bugzilla: maintainer-feedback? (johans)

Hardware:

Any

OS:

Any

Attachments:

Description	Flags
CVE-2014-8118 fix	koobs: maintainer-approval? (johans)

Description Sevan Janiyan 2015-03-22 18:21:57 UTC

Attached patch fixes CVE-2014-8118.
https://bugzilla.redhat.com/show_bug.cgi?id=1168715

Comment 1 Sevan Janiyan 2015-03-22 18:24:57 UTC

Created attachment 154663 [details]
CVE-2014-8118 fix

Comment 2 commit-hook freebsd_committer

2015-03-22 18:41:17 UTC

A commit references this bug:

Author: johans
Date: Sun Mar 22 18:40:55 UTC 2015
New revision: 381946
URL: https://svnweb.freebsd.org/changeset/ports/381946

Log:
  Add security fix for CVE-2014-8118

  PR:		198796
  Submitted by:	Sevan Janiyan <venture37@geeklan.co.uk>
  Obtained from:	https://bugzilla.redhat.com/show_bug.cgi?id=1168715
  MFH:		2015Q1

Changes:
  head/archivers/rpm4/Makefile
  head/archivers/rpm4/files/patch-lib_cpio.c

Comment 3 commit-hook freebsd_committer

2015-03-22 19:50:30 UTC

A commit references this bug:

Author: johans
Date: Sun Mar 22 19:49:36 UTC 2015
New revision: 381952
URL: https://svnweb.freebsd.org/changeset/ports/381952

Log:
  MFH: r381946

  Add security fix for CVE-2014-8118

  PR:		198796
  Submitted by:	Sevan Janiyan <venture37@geeklan.co.uk>
  Obtained from:	https://bugzilla.redhat.com/show_bug.cgi?id=1168715
  Approved by:	portmgr

Changes:
_U  branches/2015Q1/
  branches/2015Q1/archivers/rpm4/Makefile
  branches/2015Q1/archivers/rpm4/files/patch-lib_cpio.c

Comment 4 Johan van Selst freebsd_committer

2015-03-23 08:25:27 UTC

Committed, thanks.