non port: archivers/libarchive/files/patch-CVE-2015-2304 |
Number of commits found: 1 |
Monday, 18 Jan 2016
|
23:51 junovitch
archivers/libarchive: apply patches for multiple security vulnerablities
- Add patch for denial of service via unspecified vectors [1]
- Add patch for directory traveral via absolute paths [2]
- Add patch for crash/infinite loop on malformed CPIO archives (base r282932)
[3]
PR: 200176 [3]
Reported by: Sevan Janiyan <venture37@geeklan.co.uk>
Approved by: maintainer timeout (glewis, 8 months)
Obtained from: https://github.com/libarchive/libarchive
Commits 2253154 [1], 5935715 [2], 3865cf2, e6c9668, 24f5de6 [3]
Security: CVE-2013-0211 [1]
Security: CVE-2015-2304 [2]
Security: https://vuxml.FreeBSD.org/freebsd/7c63775e-be31-11e5-b5fe-002590263bf5.html
MFH: 2016Q1
|
Number of commits found: 1 |