Bug 280975

Summary: sysutils/afflib: update 3.7.16 → 3.7.20, fix CVE
Product: Ports & Packages Reporter: Älven <alster>
Component: Individual Port(s)Assignee: Antoine Brodin <antoine>
Status: Closed FIXED    
Severity: Affects Some People CC: antoine
Priority: --- Keywords: security
Version: LatestFlags: antoine: maintainer-feedback+
Hardware: Any   
OS: Any   
URL: https://github.com/sshock/AFFLIBv3/releases
Attachments:
Description Flags
[PATCH] sysutils/afflib: update 3.7.16 → 3.7.20, fix CVE alster: maintainer-approval? (antoine)

Description Älven 2024-08-21 12:17:30 UTC 
Created attachment 252983 [details]
[PATCH] sysutils/afflib: update 3.7.16 → 3.7.20, fix CVE
Comment 1 commit-hook freebsd_committer freebsd_triage 2024-08-21 19:33:50 UTC 
A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=24cbb6294317d1d218f59eab8a1a0b423f0e1476

commit 24cbb6294317d1d218f59eab8a1a0b423f0e1476
Author:     Antoine Brodin <antoine@FreeBSD.org>
AuthorDate: 2024-08-21 19:32:08 +0000
Commit:     Antoine Brodin <antoine@FreeBSD.org>
CommitDate: 2024-08-21 19:32:08 +0000

    sysutils/afflib: update to 3.7.20

    PR:             280975

 sysutils/afflib/Makefile | 3 +--
 sysutils/afflib/distinfo | 6 +++---
 2 files changed, 4 insertions(+), 5 deletions(-)
Comment 2 Antoine Brodin freebsd_committer freebsd_triage 2024-08-21 19:36:45 UTC 
Port updated, thanks
Comment 3 Älven 2024-08-21 19:42:31 UTC 
Thank you too. And what about VuXML? I tried to include it also to warn users about need to upgrade (or just because I that it was right thing to do).
Or it's something to be added by @ports-secteam only?
Comment 4 Antoine Brodin freebsd_committer freebsd_triage 2024-08-21 19:50:10 UTC 
(In reply to Älven from comment #3)
I don't touch vuxml.
And as it is only a local crash,  I'm not sure it's worth warning the user.