Summary: | graphics/openjpeg: fix CVE-2016-5157, CVE-2016-7163 | ||||||||
---|---|---|---|---|---|---|---|---|---|
Product: | Ports & Packages | Reporter: | Piotr Kubaj <pkubaj> | ||||||
Component: | Individual Port(s) | Assignee: | Mark Felder <feld> | ||||||
Status: | Closed FIXED | ||||||||
Severity: | Affects Many People | CC: | feld, ports-secteam, sunpoet | ||||||
Priority: | --- | Flags: | bugzilla:
maintainer-feedback?
(sunpoet) koobs: merge-quarterly+ |
||||||
Version: | Latest | ||||||||
Hardware: | Any | ||||||||
OS: | Any | ||||||||
Attachments: |
|
Description
Piotr Kubaj
2016-09-14 00:24:12 UTC
Created attachment 174759 [details]
vuxml patch
A commit references this bug: Author: feld Date: Tue Oct 11 15:07:54 UTC 2016 New revision: 423769 URL: https://svnweb.freebsd.org/changeset/ports/423769 Log: Document openjpeg vulnerability PR: 212672 Security: CVE-2016-5157 Security: CVE-2016-7163 Changes: head/security/vuxml/vuln.xml Committed, thanks Apologies for the delay. Your submission is *greatly* appreciated. A commit references this bug: Author: feld Date: Tue Oct 11 15:13:16 UTC 2016 New revision: 423771 URL: https://svnweb.freebsd.org/changeset/ports/423771 Log: graphics/openjpeg: Add patches to resolve CVEs PR: 212672 MFH: 2016Q4 Security: CVE-2016-5157 Security: CVE-2016-7163 Changes: head/graphics/openjpeg/Makefile head/graphics/openjpeg/files/patch-src_lib_openjp2_pi.c head/graphics/openjpeg/files/patch-src_lib_openjp2_tcd.c head/graphics/openjpeg/files/patch-tests_compare__dump__files.c head/graphics/openjpeg/files/patch-tests_nonregression_test__suite.ctest.in A commit references this bug: Author: feld Date: Tue Oct 11 15:14:21 UTC 2016 New revision: 423772 URL: https://svnweb.freebsd.org/changeset/ports/423772 Log: MFH: r423771 graphics/openjpeg: Add patches to resolve CVEs PR: 212672 Security: CVE-2016-5157 Security: CVE-2016-7163 Approved by: ports-secteam (with hat) Changes: _U branches/2016Q4/ branches/2016Q4/graphics/openjpeg/Makefile branches/2016Q4/graphics/openjpeg/files/patch-src_lib_openjp2_pi.c branches/2016Q4/graphics/openjpeg/files/patch-src_lib_openjp2_tcd.c branches/2016Q4/graphics/openjpeg/files/patch-tests_compare__dump__files.c branches/2016Q4/graphics/openjpeg/files/patch-tests_nonregression_test__suite.ctest.in Correctly set merge-quarterly |