Subject: CVS commit: [pkgsrc-2020Q1] pkgsrc/devel/libntlm
From: Benny Siegert
Date: 2020-06-09 13:59:46
Message id: 20200609115946.E9B47FB27@cvs.NetBSD.org

Log Message:
Pullup ticket #6234 - requested by wiz
devel/libntlm: security fix

Revisions pulled up:
- devel/libntlm/Makefile                                        1.22
- devel/libntlm/distinfo                                        1.12

---
   Module Name:	pkgsrc
   Committed By:	wiz
   Date:		Tue Jun  9 06:18:18 UTC 2020

   Modified Files:
   	pkgsrc/devel/libntlm: Makefile distinfo

   Log Message:
   libntlm: update to 1.6.

   * Version 1.6 (released 2020-04-19)

   ** Fix buffer overflow in buildSmbNtlmAuth* function.  CVE-2019-17455.
   Reported by Kirin in <https://gitlab.com/jas/libntlm/-/issues/2> and
   patch provided by Cedric Buissart.  See newly introduced regression
   check test_CVE-2019-17455.c for test of a vulnerable library.

   ** API and ABI modifications.
   No changes since last version.

Files:
RevisionActionfile
1.21.2.1modifypkgsrc/devel/libntlm/Makefile
1.11.2.1modifypkgsrc/devel/libntlm/distinfo