Date: Thu, 07 Sep 2017 21:25:20 +0000 From: bugzilla-noreply@freebsd.org To: freebsd-ports-bugs@FreeBSD.org Subject: [Bug 222130] textproc/freexl: update to 1.0.4 Message-ID: <bug-222130-13@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D222130 Bug ID: 222130 Summary: textproc/freexl: update to 1.0.4 Product: Ports & Packages Version: Latest Hardware: Any OS: Any Status: New Severity: Affects Some People Priority: --- Component: Individual Port(s) Assignee: freebsd-ports-bugs@FreeBSD.org Reporter: lbartoletti@tuxfamily.org Created attachment 186152 --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=3D186152&action= =3Dedit Freexl 1.0.4 The Cisco Talos team reported two sensitive security issues affecting FreeXL-1.0.3 and any previous version. "A specially crafted XLS file can cause a memory corruption resulting in remote code execution. An attacker can send=20 malicious XLS file to trigger this vulnerability." Freexl-1.0.4 fixes both issues. --- It's an easy patch. I have fixed the MPL license. Poudriere 10, 11 i386/amd64 OK portlint OK --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-222130-13>