diff options
| author | bsiegert <bsiegert> | 2016-03-22 19:04:34 +0000 |
|---|---|---|
| committer | bsiegert <bsiegert> | 2016-03-22 19:04:34 +0000 |
| commit | 841c316398105b3a0b7bc67bfdacd703633ac4fe (patch) | |
| tree | 5eccc1a87d9444f791f81aa596f566f6dc0f91c2 | |
| parent | 8fb3e471b34ba1c5a31a2b181b65b787c5bfabb7 (diff) | |
| download | pkgsrc-841c316398105b3a0b7bc67bfdacd703633ac4fe.tar.gz | |
Pullup ticket #4954 - requested by gdt
chat/libotr: security fix
Revisions pulled up:
- chat/libotr/Makefile 1.18
- chat/libotr/distinfo 1.12
---
Module Name: pkgsrc
Committed By: gdt
Date: Wed Mar 9 18:04:17 UTC 2016
Modified Files:
pkgsrc/chat/libotr: Makefile distinfo
Log Message:
Update to 4.1.1.
This is a security release addressing CVE-2016-2851.
- Fix an integer overflow bug that can cause a heap buffer overflow (and
from there remote code execution) on 64-bit platforms
- Fix possible free() of an uninitialized pointer
- Be stricter about parsing v3 fragments
- Add a testsuite ("make check" to run it), but only on Linux for now,
since it uses Linux-specific features such as epoll
- Fix a memory leak when reading a malformed instance tag file
- Protocol documentation clarifications
| -rw-r--r-- | chat/libotr/Makefile | 4 | ||||
| -rw-r--r-- | chat/libotr/distinfo | 10 |
2 files changed, 7 insertions, 7 deletions
diff --git a/chat/libotr/Makefile b/chat/libotr/Makefile index 47d0b821610..51c1b069cb4 100644 --- a/chat/libotr/Makefile +++ b/chat/libotr/Makefile @@ -1,6 +1,6 @@ -# $NetBSD: Makefile,v 1.17 2014/10/21 11:46:31 gdt Exp $ +# $NetBSD: Makefile,v 1.17.10.1 2016/03/22 19:04:34 bsiegert Exp $ -VERSION= 4.1.0 +VERSION= 4.1.1 DISTNAME= libotr-${VERSION} PKGNAME= libotr-${VERSION} CATEGORIES= chat security diff --git a/chat/libotr/distinfo b/chat/libotr/distinfo index e567d1cfccf..2444f81c7fc 100644 --- a/chat/libotr/distinfo +++ b/chat/libotr/distinfo @@ -1,6 +1,6 @@ -$NetBSD: distinfo,v 1.11 2015/11/03 01:20:21 agc Exp $ +$NetBSD: distinfo,v 1.11.2.1 2016/03/22 19:04:34 bsiegert Exp $ -SHA1 (libotr-4.1.0.tar.gz) = df30bc87a7a8f37678dd679d17fa1f9638ea247e -RMD160 (libotr-4.1.0.tar.gz) = addbde1d9b4f423025ee14481961c580fbe6b9e6 -SHA512 (libotr-4.1.0.tar.gz) = 3c6a6bf8ee64467484519187d1bc86001d5ae6ceb169e9c828f7750a1db3dadfef677b828a5d292e5caa12f874711df4fd2db977d48dc968e9f0edc2eab58e3e -Size (libotr-4.1.0.tar.gz) = 576771 bytes +SHA1 (libotr-4.1.1.tar.gz) = 3894b82a6c307ad011681ad342d69b18344933ae +RMD160 (libotr-4.1.1.tar.gz) = 528c5ad4ba89f3225bebf5b5ecadf815239fed88 +SHA512 (libotr-4.1.1.tar.gz) = c957206235b9f627542f23a645c822ea1b318d83fa655f41ed8d9a3c0dddf30b88f0ca82060026af155e48ecb13969dc9270831f20304669794151f666ae5cb0 +Size (libotr-4.1.1.tar.gz) = 655791 bytes |