Bug 244429 - audio/timidity++: update 2.14.0 -> 2.15.0, fix CVE-2017-11546
Summary: audio/timidity++: update 2.14.0 -> 2.15.0, fix CVE-2017-11546
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Only Me
Assignee: Mateusz Piotrowski
URL:
Keywords: security
Depends on:
Blocks:
 
Reported: 2020-02-26 10:41 UTC by Kurt Jaeger
Modified: 2020-03-02 14:02 UTC (History)
2 users (show)

See Also:
0mp: merge-quarterly?


Attachments
patch (1.75 KB, patch)
2020-02-26 10:41 UTC, Kurt Jaeger
no flags Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Kurt Jaeger freebsd_committer freebsd_triage 2020-02-26 10:41:05 UTC
Created attachment 211951 [details]
patch

testbuilds look fine. slave ports not tested.
Comment 1 commit-hook freebsd_committer freebsd_triage 2020-03-02 08:56:52 UTC
A commit references this bug:

Author: 0mp
Date: Mon Mar  2 08:56:47 UTC 2020
New revision: 527617
URL: https://svnweb.freebsd.org/changeset/ports/527617

Log:
  Document some audio/timidity++* vulnerabilities

  PR:		244429
  Reported by:	pi
  Security:	CVE-2017-11546
  Security:	CVE-2017-11547
  Security:	CVE-2017-11549

Changes:
  head/security/vuxml/vuln.xml
Comment 2 commit-hook freebsd_committer freebsd_triage 2020-03-02 09:01:53 UTC
A commit references this bug:

Author: 0mp
Date: Mon Mar  2 09:01:28 UTC 2020
New revision: 527618
URL: https://svnweb.freebsd.org/changeset/ports/527618

Log:
  Update to 2.15.0

  PR:		244429
  Submitted by:	pi
  MFH:		2020Q1
  Security:	CVE-2017-11546
  Security:	CVE-2017-11547
  Security:	CVE-2017-11549

Changes:
  head/audio/timidity++/Makefile
  head/audio/timidity++/distinfo
  head/audio/timidity++/files/patch-interface_tk__c.c
Comment 3 commit-hook freebsd_committer freebsd_triage 2020-03-02 09:07:54 UTC
A commit references this bug:

Author: 0mp
Date: Mon Mar  2 09:07:24 UTC 2020
New revision: 527619
URL: https://svnweb.freebsd.org/changeset/ports/527619

Log:
  Mark as BROKEN due to build failures

  PR:		244429
  MFH:		2020Q1

Changes:
  head/audio/timidity++-tcltk/Makefile
Comment 4 Mateusz Piotrowski freebsd_committer freebsd_triage 2020-03-02 09:18:59 UTC
I'd like to MFH the following commits: 527167 527232 527618 527619
Comment 5 commit-hook freebsd_committer freebsd_triage 2020-03-02 14:02:15 UTC
A commit references this bug:

Author: 0mp
Date: Mon Mar  2 14:02:09 UTC 2020
New revision: 527632
URL: https://svnweb.freebsd.org/changeset/ports/527632

Log:
  MFH: r527618 r527619

  - Update audio/timidity++ to 2.15.0. [1]
  - Mark audio/timidity++-tcltk as BROKEN due to build failures.

  PR:		244429
  Submitted by:	pi [1]
  Security:	CVE-2017-11546
  Security:	CVE-2017-11547
  Security:	CVE-2017-11549

  Approved by:	ports-secteam (joneum)

Changes:
_U  branches/2020Q1/
  branches/2020Q1/audio/timidity++/Makefile
  branches/2020Q1/audio/timidity++/distinfo
  branches/2020Q1/audio/timidity++/files/patch-interface_tk__c.c
  branches/2020Q1/audio/timidity++-tcltk/Makefile