From owner-cvs-all@FreeBSD.ORG Sun Jul 31 18:35:22 2005 Return-Path: X-Original-To: cvs-all@FreeBSD.org Delivered-To: cvs-all@FreeBSD.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2C37716A41F; Sun, 31 Jul 2005 18:35:22 +0000 (GMT) (envelope-from ler@lerctr.org) Received: from lerami.lerctr.org (lerami.lerctr.org [192.147.25.11]) by mx1.FreeBSD.org (Postfix) with ESMTP id 2C13143D5E; Sun, 31 Jul 2005 18:35:20 +0000 (GMT) (envelope-from ler@lerctr.org) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=lerami; d=lerctr.org; b=xoMZox8VbRuc4MIG3WchycDBactiKwhJ1Wf0bVVJTMiMTJ135LCPqg4g3nyR5TT4h/vNkNxzJt9QNf3rn6kqNSkJ9k42sQwTq63a9MwobGz8hga+deQ3fZmZv3N17APedAtsa38h/bky1kxi14TmNh7xcNDhRVQOk3RRU+pPGzc=; Received: from [12.150.129.171] (port=2846 helo=lerlaptop) by lerami.lerctr.org with esmtpsa (TLSv1:RC4-MD5:128) (Exim 4.52) id 1DzIea-0007Hq-G2; Sun, 31 Jul 2005 13:35:19 -0500 From: "Larry Rosenman" To: "'Sam Lawrance'" , , , , Date: Sun, 31 Jul 2005 14:34:27 -0400 MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Mailer: Microsoft Office Outlook, Build 11.0.6353 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2670 In-reply-to: <200507311549.j6VFnBTp077649@repoman.freebsd.org> Thread-Index: AcWV530spEoxXUPjRQuOg3j79sWk5AAFs38g Message-Id: X-Spam-Score: -5.9 (-----) X-LERCTR-Spam-Score: -5.9 (-----) X-Spam-Report: (-5.9 points, 5.0 required) ALL_TRUSTED=-3.3 BAYES_00=-2.599 DK_POLICY_SIGNSOME=0.001 X-LERCTR-Spam-Report: (-5.9 points, 5.0 required) ALL_TRUSTED=-3.3 BAYES_00=-2.599 DK_POLICY_SIGNSOME=0.001 DomainKey-Status: no signature Cc: Subject: RE: cvs commit: ports/print/pdflib Makefile ports/print/pdflib/files patch-libs::tiff::tif_dirread.c X-BeenThere: cvs-all@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: CVS commit messages for the entire tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 31 Jul 2005 18:35:22 -0000 Sam Lawrance wrote: > lawrance 2005-07-31 15:49:11 UTC > > FreeBSD ports repository > > Modified files: > print/pdflib Makefile > print/pdflib/files patch-libs::tiff::tif_dirread.c > Log: > Fix a vulnerability in libtiff embedded in this port. > Bump PORTREVISION. > > Approved by: ale (maintainer) is away > Obtained from: libtiff CVS http://www.remotesensing.org/libtiff/ > Security: > > http://vuxml.FreeBSD.org/68222076-010b-11da-bc08-0001020eed82.html > CAN-2005-1544 > > Revision Changes Path > 1.41 +1 -1 ports/print/pdflib/Makefile > 1.2 +42 -2 > ports/print/pdflib/files/patch-libs::tiff::tif_dirread.c > _______________________________________________ > cvs-all@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/cvs-all > To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org" Can we get the vulnerability db updated to allow this version to build? $ sudo portupgrade -f pdflib vim ---> Upgrading 'pdflib-6.0.1_1' to 'pdflib-6.0.1_2' (print/pdflib) ---> Building '/usr/ports/print/pdflib' ===> Cleaning for libiconv-1.9.2_1 ===> Cleaning for gettext-0.14.5 ===> Cleaning for gmake-3.80_2 ===> Cleaning for libtool-1.5.18 ===> Cleaning for expat-1.95.8_3 ===> Cleaning for pdflib-6.0.1_2 ===> pdflib-6.0.1_2 has known vulnerabilities: => tiff -- buffer overflow vulnerability. Reference: => Please update your ports tree and try again. *** Error code 1 Thanks! LER -- Larry Rosenman http://www.lerctr.org/~ler Phone: +1 972-414-9812 E-Mail: ler@lerctr.org US Mail: 3535 Gaspar Drive, Dallas, TX 75220-3611 US