Bug 274900
| Summary: | audio/vorbis-tools: Patch for CVE-2023-43361 | ||||||
|---|---|---|---|---|---|---|---|
| Product: | Ports & Packages | Reporter: | Daniel Engberg <diizzy> | ||||
| Component: | Individual Port(s) | Assignee: | Christian Weisgerber <naddy> | ||||
| Status: | Closed FIXED | ||||||
| Severity: | Affects Only Me | Flags: | naddy:
maintainer-feedback+
|
||||
| Priority: | --- | ||||||
| Version: | Latest | ||||||
| Hardware: | Any | ||||||
| OS: | Any | ||||||
| URL: | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43361 | ||||||
| Attachments: |
|
||||||
|
Description
Daniel Engberg
2023-11-04 08:45:16 UTC
Created attachment 246097 [details]
Patch for vorbis-tools
A commit in branch main references this bug: URL: https://cgit.FreeBSD.org/ports/commit/?id=3308e6204714751e1e9a5021c3823a524cba69f1 commit 3308e6204714751e1e9a5021c3823a524cba69f1 Author: Christian Weisgerber <naddy@FreeBSD.org> AuthorDate: 2023-11-05 20:00:54 +0000 Commit: Christian Weisgerber <naddy@FreeBSD.org> CommitDate: 2023-11-05 20:00:54 +0000 security/vuxml: document vorbis-tools vulnerability PR: 274900 Reported by: diizzy security/vuxml/vuln/2023.xml | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) Thank you, please commit the patch. A commit in branch main references this bug: URL: https://cgit.FreeBSD.org/ports/commit/?id=d2378ab547da27903d0201a0fef3d272f334d0ac commit d2378ab547da27903d0201a0fef3d272f334d0ac Author: Daniel Engberg <diizzy@FreeBSD.org> AuthorDate: 2023-11-05 20:39:54 +0000 Commit: Daniel Engberg <diizzy@FreeBSD.org> CommitDate: 2023-11-05 20:40:51 +0000 audio/vorbis-tools: Add patch for CVE-2023-43361 Reference: https://www.cve.org/CVERecord?id=CVE-2023-43361 Source: https://gitlab.xiph.org/xiph/vorbis-tools/-/merge_requests/7#note_55477 PR: 274900 Reviewed by: naddy (maintainer) audio/vorbis-tools/Makefile | 4 +-- .../vorbis-tools/files/patch-CVE-2023-43361 (new) | 30 ++++++++++++++++++++++ 2 files changed, 32 insertions(+), 2 deletions(-) Thanks! |