pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/www/logswan logswan: update to 2.1.12.
details: https://anonhg.NetBSD.org/pkgsrc/rev/427c9db150d0
branches: trunk
changeset: 770538:427c9db150d0
user: fcambus <fcambus%pkgsrc.org@localhost>
date: Thu Dec 02 10:39:17 2021 +0000
description:
logswan: update to 2.1.12.
Logswan 2.1.12 (2021-12-02)
- Fix a use-after-free (read) triggered by strcmp(3) calls.
The parse_request() function didn't zero out the parsed_request struct
between each call. Since the parsing loop was switched to using getline(3)
instead of a fixed size buffer to process log lines, it could reference
already freed memory in certain cases.
Thanks to Brian Carpenter (@geeknik) for finding and reporting the issue.
diffstat:
www/logswan/Makefile | 4 ++--
www/logswan/distinfo | 8 ++++----
2 files changed, 6 insertions(+), 6 deletions(-)
diffs (25 lines):
diff -r 05c83748e555 -r 427c9db150d0 www/logswan/Makefile
--- a/www/logswan/Makefile Thu Dec 02 10:02:01 2021 +0000
+++ b/www/logswan/Makefile Thu Dec 02 10:39:17 2021 +0000
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.24 2021/11/21 07:18:19 fcambus Exp $
+# $NetBSD: Makefile,v 1.25 2021/12/02 10:39:17 fcambus Exp $
-DISTNAME= logswan-2.1.11
+DISTNAME= logswan-2.1.12
CATEGORIES= www
MASTER_SITES= ${MASTER_SITE_GITHUB:=fcambus/}
GITHUB_RELEASE= ${PKGVERSION_NOREV}
diff -r 05c83748e555 -r 427c9db150d0 www/logswan/distinfo
--- a/www/logswan/distinfo Thu Dec 02 10:02:01 2021 +0000
+++ b/www/logswan/distinfo Thu Dec 02 10:39:17 2021 +0000
@@ -1,5 +1,5 @@
-$NetBSD: distinfo,v 1.23 2021/11/21 07:18:19 fcambus Exp $
+$NetBSD: distinfo,v 1.24 2021/12/02 10:39:17 fcambus Exp $
-BLAKE2s (logswan-2.1.11.tar.gz) = fb9c1ab248f5612f255cbe93e720ce7f1d004f32289ae442e4b9cc05449c1dd7
-SHA512 (logswan-2.1.11.tar.gz) = cd93d9562b01829f0a453d05a2cea2a709f3bc50b709f02cbf60171e90a0ffa3ef3600e90270ead82a6fe6d7cdc10a6187a2f222b21c17d9a6c94c9fad842ff0
-Size (logswan-2.1.11.tar.gz) = 23620 bytes
+BLAKE2s (logswan-2.1.12.tar.gz) = fa26443e40047210577782dbd26b614b0d37745597f31097b4844c0885132b7e
+SHA512 (logswan-2.1.12.tar.gz) = 27e8feec27b5d56b426aa39142d1e42967cfffd08a61408a3a3cbd17bc95d676a19e774af4cb406a31f76eac0b7b160bb45f36b4f3c8c3537468bde85f6c9620
+Size (logswan-2.1.12.tar.gz) = 23813 bytes
Home |
Main Index |
Thread Index |
Old Index