Bug 200197 - [security] graphics/ufraw - CVE-2015-3885
Summary: [security] graphics/ufraw - CVE-2015-3885
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Only Me
Assignee: Rodrigo Osorio
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2015-05-14 17:09 UTC by Sevan Janiyan
Modified: 2015-05-15 07:26 UTC (History)
0 users

See Also:
bugzilla: maintainer-feedback? (rodrigo)


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Comment 1 commit-hook freebsd_committer 2015-05-14 21:28:27 UTC
A commit references this bug:

Author: rodrigo
Date: Thu May 14 21:27:52 UTC 2015
New revision: 386364
URL: https://svnweb.freebsd.org/changeset/ports/386364

Log:
  Upgrade ufraw from 0.19.2 to 0.21
  Remove deprecated patches
  Apply bugfix for CVE-2015-3885

  PR:		200197
  obtained from:	rawtherapee
  MFH:		2015Q2
  Security:	CVE-2015-3885

Changes:
  head/graphics/ufraw/Makefile
  head/graphics/ufraw/distinfo
  head/graphics/ufraw/files/patch-dcraw.cc
  head/graphics/ufraw/files/patch-ufraw.h
Comment 2 Rodrigo Osorio freebsd_committer 2015-05-14 21:29:25 UTC
committed, thanks
Comment 3 Sevan Janiyan 2015-05-14 22:40:45 UTC
Should this get a vuxml entry for a heads up?
Comment 4 commit-hook freebsd_committer 2015-05-15 07:13:08 UTC
A commit references this bug:

Author: rodrigo
Date: Fri May 15 07:12:20 UTC 2015
New revision: 386387
URL: https://svnweb.freebsd.org/changeset/ports/386387

Log:
  security/vuxml: Add CVE-2015-3885 entry for graphics/ufraw

  PR:		200197

Changes:
  head/security/vuxml/vuln.xml
Comment 5 commit-hook freebsd_committer 2015-05-15 07:26:11 UTC
A commit references this bug:

Author: rodrigo
Date: Fri May 15 07:26:05 UTC 2015
New revision: 386389
URL: https://svnweb.freebsd.org/changeset/ports/386389

Log:
  MFH: r386364

  Upgrade ufraw from 0.19.2 to 0.21
   - release bugfixes
   - Support fuji X-Trans filters
  Remove deprecated patches
  Apply bugfix for CVE-2015-3885

  PR:		200197
  obtained from:	rawtherapee
  Security:	CVE-2015-3885
  Approved by:	ports-secteam

Changes:
_U  branches/2015Q2/
  branches/2015Q2/graphics/ufraw/Makefile
  branches/2015Q2/graphics/ufraw/distinfo
  branches/2015Q2/graphics/ufraw/files/patch-dcraw.cc
  branches/2015Q2/graphics/ufraw/files/patch-ufraw.h