pkgsrc-Changes archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
CVS commit: [pkgsrc-2015Q4] pkgsrc/chat/libotr
Module Name: pkgsrc
Committed By: bsiegert
Date: Tue Mar 22 19:04:34 UTC 2016
Modified Files:
pkgsrc/chat/libotr [pkgsrc-2015Q4]: Makefile distinfo
Log Message:
Pullup ticket #4954 - requested by gdt
chat/libotr: security fix
Revisions pulled up:
- chat/libotr/Makefile 1.18
- chat/libotr/distinfo 1.12
---
Module Name: pkgsrc
Committed By: gdt
Date: Wed Mar 9 18:04:17 UTC 2016
Modified Files:
pkgsrc/chat/libotr: Makefile distinfo
Log Message:
Update to 4.1.1.
This is a security release addressing CVE-2016-2851.
- Fix an integer overflow bug that can cause a heap buffer overflow (and
from there remote code execution) on 64-bit platforms
- Fix possible free() of an uninitialized pointer
- Be stricter about parsing v3 fragments
- Add a testsuite ("make check" to run it), but only on Linux for now,
since it uses Linux-specific features such as epoll
- Fix a memory leak when reading a malformed instance tag file
- Protocol documentation clarifications
To generate a diff of this commit:
cvs rdiff -u -r1.17 -r1.17.10.1 pkgsrc/chat/libotr/Makefile
cvs rdiff -u -r1.11 -r1.11.2.1 pkgsrc/chat/libotr/distinfo
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Home |
Main Index |
Thread Index |
Old Index