Re: pkg/55809: Webalizer seqfaults on NetBSD 9.0 and NetBSD 9.1

[Benny Siegert <bsiegert%gmail.com@localhost>]

The following reply was made to PR pkg/55809; it has been noted by GNATS.

From: Benny Siegert <bsiegert%gmail.com@localhost>
To: gnats-bugs%netbsd.org@localhost
Cc: pkg-manager%netbsd.org@localhost, gnats-admin%netbsd.org@localhost, pkgsrc-bugs%netbsd.org@localhost
Subject: Re: pkg/55809: Webalizer seqfaults on NetBSD 9.0 and NetBSD 9.1
Date: Thu, 26 Nov 2020 16:21:49 +0100

 Yes, this indicates a buffer overflow, which is a security issue. This
 is something that you should report upstream.
 
 That said, the pkgsrc package is an older version, and version 2.23-08
 (released in 2013!) says in the release notes that it fixes a buffer
 overflow.