Next | Query returned 1 messages, browsing 1 to 10 | previous

History of commit frequency

CVS Commit History:


   2016-03-22 20:04:34 by Benny Siegert | Files touched by this commit (2)
Log message:
Pullup ticket #4954 - requested by gdt
chat/libotr: security fix

Revisions pulled up:
- chat/libotr/Makefile                                          1.18
- chat/libotr/distinfo                                          1.12

---
   Module Name:	pkgsrc
   Committed By:	gdt
   Date:		Wed Mar  9 18:04:17 UTC 2016

   Modified Files:
   	pkgsrc/chat/libotr: Makefile distinfo

   Log message:
   Update to 4.1.1.

   This is a security release addressing CVE-2016-2851.

   - Fix an integer overflow bug that can cause a heap buffer overflow (and
     from there remote code execution) on 64-bit platforms
   - Fix possible free() of an uninitialized pointer
   - Be stricter about parsing v3 fragments
   - Add a testsuite ("make check" to run it), but only on Linux for now,
     since it uses Linux-specific features such as epoll
   - Fix a memory leak when reading a malformed instance tag file
   - Protocol documentation clarifications

Next | Query returned 1 messages, browsing 1 to 10 | previous