Subject: CVS commit: pkgsrc/www/libwww
To: None <pkgsrc-changes@NetBSD.org>
From: Lubomir Sedlacik <salo@netbsd.org>
List: pkgsrc-changes
Date: 11/03/2005 15:51:59
Module Name: pkgsrc
Committed By: salo
Date: Thu Nov 3 15:51:59 UTC 2005
Modified Files:
pkgsrc/www/libwww: Makefile distinfo
Added Files:
pkgsrc/www/libwww/patches: patch-ap
Log Message:
Security fix for SA17119:
"A vulnerability was found in W3C Libwww, which potentially can be exploited
by malicious people to cause a DoS (Denial of Service).
The vulnerability is caused due to a boundary error in the
"HTBoundary_put_block()" function when processing multipart MIME data. This
may be exploited to cause an illegal memory access past the end of the input
buffer via specially crafted multipart MIME data.
Successful exploitation can potentially cause an application that uses Libwww
to crash."
http://secunia.com/advisories/17119/
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=159597
Bump PKGREVISION.
Patch from RedHat.
To generate a diff of this commit:
cvs rdiff -r1.61 -r1.62 pkgsrc/www/libwww/Makefile
cvs rdiff -r1.20 -r1.21 pkgsrc/www/libwww/distinfo
cvs rdiff -r0 -r1.1 pkgsrc/www/libwww/patches/patch-ap
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.