notbugAs an Amazon Associate I earn from qualifying purchases.
Want a good read? Try FreeBSD Mastery: Jails (IT Mastery Book 15)
All times are UTC
Ukraine
The safest procedure: change your FreshPorts password. Anything you had set before Friday March 24 2023 09:49:20 UTC should be changed. You can read more here: SQL inejection issues fixed and FreshSource code fixes Sorry about the extra work for you.
All known SQL injection issues patched. There is no evidence it was exploited. That doesn’t mean it wasn’t. Please change your password.
non port: net/asterisk/files/patch-AST-2016-003
SVNWeb

Number of commits found: 1

Thu, 4 Feb 2016
[ 11:43 madpilot search for other commits by this committer ] Original commit   Revision:408026
- Add security fixes to net/asterisk port (PORTVERSION bumped)
- Update net/asterisk11 to 11.21.1
- Update net/asterisk13 to 13.7.1

The security update included in these commits introduces an unexpected
incompatibility with FreeBSD 9.3 bundled OpenSSL.
Unluckily simply forcing this port to use ports provided openssl
on 9.x isn't viable, since ftp/curl  by default links with base
openssl. A default binary package would just crash on startup
when loading the asterisk curl module, due to conflicting openssl
implementations being used.

This commit adds a check in the Makefile, copied from the ftp/curl
port, which removes the offending (and unsupported on that openssl
version) code from the source file when linking against base OpenSSL
on 9.x.

Security:	559f3d1b-cb1d-11e5-80a4-001999f8d30b
MFH:		2016Q1

Number of commits found: 1