Bug 198314 - fix CVE-2015-2063 in archivers/unace
Summary: fix CVE-2015-2063 in archivers/unace
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Many People
Assignee: Rodrigo Osorio
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2015-03-05 14:27 UTC by Rodrigo Osorio
Modified: 2015-03-05 22:57 UTC (History)
0 users

See Also:


Attachments
Add a patch to fix CVE (4.15 KB, patch)
2015-03-05 14:27 UTC, Rodrigo Osorio
no flags Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Rodrigo Osorio freebsd_committer 2015-03-05 14:27:30 UTC
Created attachment 153836 [details]
Add a patch to fix CVE

A buffer overrun was reported for archivers/unace (CVE-2015-2063)
Attached a patch to fix the issue + take port maintenership.

Poudriere LOG http://www.bebik.net/poudriere/2015-03-05_12h57m23s/logs/unace-1.2b_3.log
Comment 1 commit-hook freebsd_committer 2015-03-05 14:31:39 UTC
A commit references this bug:

Author: rodrigo
Date: Thu Mar  5 14:31:10 UTC 2015
New revision: 380498
URL: https://svnweb.freebsd.org/changeset/ports/380498

Log:
  Add a patch to fix buffer overrun (CVE-2015-2063)
  Bump port revision
  Take the port maintenership

  PR:		198314
  Submitted by:	rodrigo
  Obtained from:	debian
  MFH:		2015Q1
  Security:	CVE-2015-2063

Changes:
  head/archivers/unace/Makefile
  head/archivers/unace/files/patch-CVE-2015-2063
Comment 2 Rodrigo Osorio freebsd_committer 2015-03-05 14:32:26 UTC
committed, thanks
Comment 3 commit-hook freebsd_committer 2015-03-05 22:57:35 UTC
A commit references this bug:

Author: rodrigo
Date: Thu Mar  5 22:56:34 UTC 2015
New revision: 380566
URL: https://svnweb.freebsd.org/changeset/ports/380566

Log:
  MFH: r380498

  Add a patch to fix buffer overrun (CVE-2015-2063)
  Bump port revision
  Take the port maintenership

  PR:		198314
  Submitted by:	rodrigo
  Obtained from:	debian
  Security:	CVE-2015-2063
  Approved by:	ports-secteam

Changes:
_U  branches/2015Q1/
  branches/2015Q1/archivers/unace/Makefile
  branches/2015Q1/archivers/unace/files/patch-CVE-2015-2063