Created attachment 237020 [details] zydis.diff Hi, I updated this port to version 3.2.1 I tested in poudriere. ====> Running Q/A tests (stage-qa) ====> Checking for pkg-plist issues (check-plist) ===> Parsing plist ===> Checking for items in STAGEDIR missing from pkg-plist ===> Checking for items in pkg-plist which are not in STAGEDIR ===> No pkg-plist issues found (check-plist) =>> Checking for staging violations... done =======================<phase: package >============================ ===> Building package for zydis-3.2.1 =========================================================================== =>> Recording filesystem state for preinst... done =======================<phase: install >============================ ===> Installing for zydis-3.2.1 ===> Checking if zydis is already installed ===> Registering installation for zydis-3.2.1 [freebsd13x64-default] Installing zydis-3.2.1... =========================================================================== =>> Checking shared library dependencies 0x0000000000000001 NEEDED Shared library: [libc.so.7] =======================<phase: deinstall >============================ ===> Deinstalling for zydis ===> Deinstalling zydis-3.2.1 Updating database digests format: .......... done Checking integrity... done (0 conflicting) Deinstallation has been requested for the following 1 packages (of 0 packages in the universe): Installed packages to be REMOVED: zydis: 3.2.1 Number of packages to be removed: 1 The operation will free 2 MiB. [freebsd13x64-default] [1/1] Deinstalling zydis-3.2.1... [freebsd13x64-default] [1/1] Deleting files for zydis-3.2.1: .......... done =========================================================================== =>> Checking for extra files and directories [00:01:59] Installing from package [freebsd13x64-default] Installing zydis-3.2.1... [freebsd13x64-default] Extracting zydis-3.2.1: .......... done [00:01:59] Cleaning up ===> Cleaning for zydis-3.2.1 [00:01:59] Deinstalling package Updating database digests format: . done Checking integrity... done (0 conflicting) Deinstallation has been requested for the following 1 packages (of 0 packages in the universe): Installed packages to be REMOVED: zydis: 3.2.1 Number of packages to be removed: 1 The operation will free 2 MiB. [freebsd13x64-default] [1/1] Deinstalling zydis-3.2.1... [freebsd13x64-default] [1/1] Deleting files for zydis-3.2.1: .......... done build of devel/zydis | zydis-3.2.1 ended at Sun Oct 2 18:57:18 CEST 2022
^Triage: Please set the maintainer-approval attachment flag (to +) on patches for ports you maintain to signify approval. -- Attachment -> Details -> maintainer-approval [+] ^Triage: Maintainer-feedback flag (+) not required unless requested (?) first. Thanks!
This does not patch for me... ===> Patching for zydis-3.2.1 ===> Converting DOS text files to UNIX text files ===> Applying FreeBSD patches for zydis-3.2.1 from /data/fernape_data/FreeBSD-repos/ports/devel/zydis/files 1 out of 1 hunks failed--saving rejects to dependencies/zycore/include/Zycore/Defines.h.rej ===> FAILED Applying FreeBSD patch-dependencies_zycore_include_Zycore_Defines.h ===> FAILED to apply cleanly FreeBSD patch(es) patch-dependencies_zycore_include_Zycore_Defines.h *** Error code 1 Would you have a look? Thanks!
(In reply to Fernando Apesteguía from comment #2) I am sorry I have an old repository without these patches
Created attachment 237056 [details] zydis.diff I fixed patches for this port.
Fixes CVE-2021-41253
A commit in branch main references this bug: URL: https://cgit.FreeBSD.org/ports/commit/?id=1664923dd738d05bb1cf309b4fc782ad8e129cc9 commit 1664923dd738d05bb1cf309b4fc782ad8e129cc9 Author: Fernando Apesteguía <fernape@FreeBSD.org> AuthorDate: 2022-10-04 06:07:19 +0000 Commit: Fernando Apesteguía <fernape@FreeBSD.org> CommitDate: 2022-10-04 06:07:19 +0000 security/vuxml: Add devel/zydis buffer overflow CVE-2021-41253 devel/zydis buffer overflow vulnerability. PR: 266766 Reported by: Martin Filla <freebsd@sysctl.cz> (maintainer) security/vuxml/vuln-2022.xml | 37 +++++++++++++++++++++++++++++++++++++ 1 file changed, 37 insertions(+)
A commit in branch main references this bug: URL: https://cgit.FreeBSD.org/ports/commit/?id=61392a0734a41440ae817a26016547ebd5ce0ac0 commit 61392a0734a41440ae817a26016547ebd5ce0ac0 Author: Martin Filla <freebsd@sysctl.cz> AuthorDate: 2022-10-04 05:27:53 +0000 Commit: Fernando Apesteguía <fernape@FreeBSD.org> CommitDate: 2022-10-04 06:12:03 +0000 devel/zydis: update to 3.2.1 ChangeLog: https://github.com/zyantific/zydis/releases/tag/v3.2.1 Fixed a bug where an internal formatter structure wasn't properly initialized. PR: 266766 Reported by: freebsd@sysctl.cz (maintainer) MFH: 2022Q4 (security release) Security: CVE-2021-41253 devel/zydis/Makefile | 4 ++-- devel/zydis/distinfo | 10 +++++----- .../files/patch-dependencies_zycore_include_Zycore_Defines.h | 8 ++++---- devel/zydis/files/patch-dependencies_zycore_src_Format.c | 10 +++++----- devel/zydis/pkg-plist | 5 +++++ 5 files changed, 21 insertions(+), 16 deletions(-)
A commit in branch 2022Q4 references this bug: URL: https://cgit.FreeBSD.org/ports/commit/?id=13d2c5e0aec3dba44720c86b7cdd74f66d70279e commit 13d2c5e0aec3dba44720c86b7cdd74f66d70279e Author: Martin Filla <freebsd@sysctl.cz> AuthorDate: 2022-10-04 05:27:53 +0000 Commit: Fernando Apesteguía <fernape@FreeBSD.org> CommitDate: 2022-10-04 06:12:58 +0000 devel/zydis: update to 3.2.1 ChangeLog: https://github.com/zyantific/zydis/releases/tag/v3.2.1 Fixed a bug where an internal formatter structure wasn't properly initialized. PR: 266766 Reported by: freebsd@sysctl.cz (maintainer) MFH: 2022Q4 (security release) Security: CVE-2021-41253 (cherry picked from commit 61392a0734a41440ae817a26016547ebd5ce0ac0) devel/zydis/Makefile | 4 ++-- devel/zydis/distinfo | 10 +++++----- .../files/patch-dependencies_zycore_include_Zycore_Defines.h | 8 ++++---- devel/zydis/files/patch-dependencies_zycore_src_Format.c | 10 +++++----- devel/zydis/pkg-plist | 5 +++++ 5 files changed, 21 insertions(+), 16 deletions(-)
Committed and merged to 2022Q4. ^Triage: Security release, merge to quarterly branch Thanks!