Subject: CVS commit: [pkgsrc-2017Q1] pkgsrc/comms/minicom
From: Benny Siegert
Date: 2017-04-19 20:33:39
Message id: 20170419183339.2382CFBE4@cvs.NetBSD.org

Log Message:
Pullup ticket #5317 - requested by sevan
comms/minicom: security fix

Revisions pulled up:
- comms/minicom/Makefile                                        1.69
- comms/minicom/distinfo                                        1.18

---
   Module Name:    pkgsrc
   Committed By:   wiz
   Date:           Tue Apr 18 13:30:57 UTC 2017

   Modified Files:
           pkgsrc/comms/minicom: Makefile distinfo

   Log Message:
   Updated minicom to 2.7.1.

   New for version 2.7.1:
    - CVE-2017-7467: Fix an out of bounds data access that
      can lead to remote code execution. This issue was found
      by Solar Designer of Openwall during a security audit of
      the Virtuozzo 7 product, which contains derived downstream
      code in its prl-vzvncserver component. The corresponding
      Virtuozzo 7 fix is:
   \ 
https://src.openvz.org/projects/OVZ/repos/prl-vzvncserver/commits/6d95404e75b98f36b1cc85ee23df99dcf06ca13f

      Openwall would like to thank the Virtuozzo company for
      funding the effort.

Files:
RevisionActionfile
1.68.10.1modifypkgsrc/comms/minicom/Makefile
1.17.12.1modifypkgsrc/comms/minicom/distinfo