191030 – [SECURITY] sysutils/file -> 5.19

Bug 191030 - [SECURITY] sysutils/file -> 5.19

Summary: [SECURITY] sysutils/file -> 5.19

Status:	Closed FIXED

Alias:	None

Product:	Ports & Packages
Classification:	Unclassified
Component:	Individual Port(s) (show other bugs)
Version:	Latest
Hardware:	Any Any

Importance:	--- Affects Many People
Assignee:	Brendan Fabeny

URL:
Keywords:

Depends on:
Blocks:

Reported:	2014-06-14 14:14 UTC by jharris
Modified:	2014-06-26 13:39 UTC (History)
CC List:	3 users (show)

See Also:

Attachments
patch (816 bytes, patch) 2014-06-14 14:14 UTC, jharris	no flags	Details \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description jharris 2014-06-14 14:14:48 UTC

Created attachment 143772 [details]
patch

Update sysutils/file to 5.19, with security fixes, including:

2014-06-09   9:04  Christos Zoulas
        
        * Misc buffer overruns and missing buffer size tests in cdf parsing
          (Francisco Alonso, Jan Kaluza)

2014-06-02  14:50  Christos Zoulas

        * Enforce limit of 8K on regex searches that have no limits


2014-04-01  15:25  Christos Zoulas

        * PR/341: Jan Kaluza, fix memory leak
        * PR/342: Jan Kaluza, fix out of bounds read

Comment 1 Mark Linimon freebsd_committer

2014-06-15 04:07:26 UTC

Over to maintainer.

Comment 2 jharris 2014-06-26 13:39:42 UTC

Noticed and fixed 3 days later, independently, by bapt@:


r358069 | bapt | 2014-06-17 03:09:12 -0400 (Tue, 17 Jun 2014) | 8 lines

Update to 5.19
Bug fix and security fixes release:
http://mx.gw.com/pipermail/file/2014/001553.html

While here convert to USES=libtool

With hat:       portmgr