Bug 207880 - [PATCH] net-im/profanity: Use libotr 4 in the wake of CVE-2016-2851
Summary: [PATCH] net-im/profanity: Use libotr 4 in the wake of CVE-2016-2851
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Some People
Assignee: Tilman Keskinoz
Keywords: patch
Depends on:
Reported: 2016-03-10 13:48 UTC by Sascha Holzleiter
Modified: 2016-03-10 15:56 UTC (History)
0 users

See Also:
bugzilla: maintainer-feedback? (arved)

libotr_patch (659 bytes, patch)
2016-03-10 13:48 UTC, Sascha Holzleiter
no flags Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Sascha Holzleiter 2016-03-10 13:48:51 UTC
Created attachment 167964 [details]

As there seems to be no update for the 3.x branch of libotr to mitigate CVE-2016-2851 it would be nice to switch to libotr 4.x . 

The attached patch changes the libotr dependency to use securtiy/libotr.
Comment 1 commit-hook freebsd_committer 2016-03-10 14:12:25 UTC
A commit references this bug:

Author: arved
Date: Thu Mar 10 14:12:07 UTC 2016
New revision: 410752
URL: https://svnweb.freebsd.org/changeset/ports/410752

  Switch to libotr instead of libotr3

  PR:		207880
  Submitted by:	Sascha Holzleiter

Comment 2 Tilman Keskinoz freebsd_committer 2016-03-10 15:56:44 UTC
committed, thanks!