From owner-svn-ports-all@freebsd.org Sun Jan 17 12:55:16 2016 Return-Path: Delivered-To: svn-ports-all@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 00396A8697C; Sun, 17 Jan 2016 12:55:16 +0000 (UTC) (envelope-from rakuco@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id CFDC41007; Sun, 17 Jan 2016 12:55:15 +0000 (UTC) (envelope-from rakuco@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id u0HCtEIU094124; Sun, 17 Jan 2016 12:55:14 GMT (envelope-from rakuco@FreeBSD.org) Received: (from rakuco@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id u0HCtEZr094118; Sun, 17 Jan 2016 12:55:14 GMT (envelope-from rakuco@FreeBSD.org) Message-Id: <201601171255.u0HCtEZr094118@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: rakuco set sender to rakuco@FreeBSD.org using -f From: Raphael Kubo da Costa Date: Sun, 17 Jan 2016 12:55:14 +0000 (UTC) To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r406314 - in head/net: libproxy libproxy-gnome libproxy-kde libproxy-perl libproxy-webkit libproxy/files X-SVN-Group: ports-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-ports-all@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: SVN commit messages for the ports tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 17 Jan 2016 12:55:16 -0000 Author: rakuco Date: Sun Jan 17 12:55:14 2016 New Revision: 406314 URL: https://svnweb.freebsd.org/changeset/ports/406314 Log: Add upstream patch to fix CVE-2012-4504. Approved by: gnome (kwm) Security: 3b5c2362-bd07-11e5-b7ef-5453ed2e2b49 Security: CVE-2012-4504 Added: head/net/libproxy/files/patch-CVE-2012-4504 (contents, props changed) Modified: head/net/libproxy-gnome/Makefile head/net/libproxy-kde/Makefile head/net/libproxy-perl/Makefile head/net/libproxy-webkit/Makefile head/net/libproxy/Makefile Modified: head/net/libproxy-gnome/Makefile ============================================================================== --- head/net/libproxy-gnome/Makefile Sun Jan 17 12:53:59 2016 (r406313) +++ head/net/libproxy-gnome/Makefile Sun Jan 17 12:55:14 2016 (r406314) @@ -2,7 +2,7 @@ # $FreeBSD$ # $MCom: ports/net/libproxy-gnome/Makefile,v 1.1 2011/01/12 13:10:53 kwm Exp $ -PORTREVISION= 1 +PORTREVISION= 2 CATEGORIES= net devel PKGNAMESUFFIX= -gnome Modified: head/net/libproxy-kde/Makefile ============================================================================== --- head/net/libproxy-kde/Makefile Sun Jan 17 12:53:59 2016 (r406313) +++ head/net/libproxy-kde/Makefile Sun Jan 17 12:55:14 2016 (r406314) @@ -2,7 +2,7 @@ # $FreeBSD$ # $MCom: ports/net/libproxy-kde/Makefile,v 1.1 2011/01/12 13:10:53 kwm Exp $ -PORTREVISION= 5 +PORTREVISION= 6 CATEGORIES= net devel PKGNAMESUFFIX= -kde Modified: head/net/libproxy-perl/Makefile ============================================================================== --- head/net/libproxy-perl/Makefile Sun Jan 17 12:53:59 2016 (r406313) +++ head/net/libproxy-perl/Makefile Sun Jan 17 12:55:14 2016 (r406314) @@ -2,7 +2,7 @@ # $FreeBSD$ # $MCom: ports/net/libproxy-perl/Makefile,v 1.1 2011/01/12 13:10:53 kwm Exp $ -PORTREVISION= 2 +PORTREVISION= 3 CATEGORIES= net lang PKGNAMESUFFIX= -perl Modified: head/net/libproxy-webkit/Makefile ============================================================================== --- head/net/libproxy-webkit/Makefile Sun Jan 17 12:53:59 2016 (r406313) +++ head/net/libproxy-webkit/Makefile Sun Jan 17 12:55:14 2016 (r406314) @@ -2,7 +2,7 @@ # $FreeBSD$ # $MCom: ports/net/libproxy-webkit/Makefile,v 1.13 2011/03/06 23:12:41 kwm Exp $ -PORTREVISION= 3 +PORTREVISION= 4 CATEGORIES= net www PKGNAMESUFFIX= -webkit Modified: head/net/libproxy/Makefile ============================================================================== --- head/net/libproxy/Makefile Sun Jan 17 12:53:59 2016 (r406313) +++ head/net/libproxy/Makefile Sun Jan 17 12:55:14 2016 (r406314) @@ -4,7 +4,7 @@ PORTNAME= libproxy PORTVERSION= 0.4.6 -PORTREVISION?= 0 +PORTREVISION?= 1 CATEGORIES?= net devel MASTER_SITES= GOOGLE_CODE Added: head/net/libproxy/files/patch-CVE-2012-4504 ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/net/libproxy/files/patch-CVE-2012-4504 Sun Jan 17 12:55:14 2016 (r406314) @@ -0,0 +1,22 @@ +commit c440553c12836664afd24a24fb3a4d10a2facd2c +Author: nicolas.dufresne@gmail.com +Date: Wed Oct 10 16:14:27 2012 +0000 + + Fix buffer overflow downloading large pac file + + This fixes CVE CVE-2012-4504 + +--- libproxy/url.cpp ++++ libproxy/url.cpp +@@ -474,9 +474,10 @@ char* url::get_pac() { + // Add this chunk to our content length, + // ensuring that we aren't over our max size + content_length += chunk_length; +- if (content_length >= PAC_MAX_SIZE) break; + } + ++ if (content_length >= PAC_MAX_SIZE) break; ++ + while (recvd != content_length) { + int r = recv(sock, buffer + recvd, content_length - recvd, 0); + if (r < 0) break;