https://bugs.librdf.org/mantis/view.php?id=650 or https://www.golem.de/news/linux-distributionen-warum-ein-sicherheitsfix-drei-jahre-nicht-ankam-2011-152105.html
Moin moin That should already be adressed; See r554670 and r554671 mfg Tobias
If I read the golem article, the CVE covers another bug, which is indeed fixed by the two revisions. Hanno links a new bug which has no CVE and no fix as of now.
(In reply to Kurt Jaeger from comment #2) The link is at the very end of the article, bug 650
A commit references this bug: Author: adridg Date: Sat Feb 20 16:23:20 UTC 2021 New revision: 566164 URL: https://svnweb.freebsd.org/changeset/ports/566164 Log: Add fix for CVE-2020-25713 raptor2: malformed input file segfault The sample file in the upstream bug report from the PR causes a bus error in PORTREVISION 16, and returns an error (as I suppose it should) now. PR: 251102 Reported by: pi Obtained from: upstream Changes: head/textproc/raptor2/Makefile head/textproc/raptor2/files/patch-CVE-2020-25713
A commit references this bug: Author: adridg Date: Sat Feb 20 16:38:05 UTC 2021 New revision: 566165 URL: https://svnweb.freebsd.org/changeset/ports/566165 Log: Add vuxml entry for textproc/raptor2 CVE PR: 251102 Changes: head/security/vuxml/vuln.xml
Thanks for reporting; it was indeed one *more* bug (which bus errors for me, rather than segfaulting, but still not good).