CVS commit: pkgsrc/chat/libotr

To: pkgsrc-changes%NetBSD.org@localhost
Subject: CVS commit: pkgsrc/chat/libotr
From: "Greg Troxel" <gdt%netbsd.org@localhost>
Date: Wed, 9 Mar 2016 18:04:17 +0000

Module Name:    pkgsrc
Committed By:   gdt
Date:           Wed Mar  9 18:04:17 UTC 2016

Modified Files:
        pkgsrc/chat/libotr: Makefile distinfo

Log Message:
Update to 4.1.1.

This is a security release addressing CVE-2016-2851.

- Fix an integer overflow bug that can cause a heap buffer overflow (and
  from there remote code execution) on 64-bit platforms
- Fix possible free() of an uninitialized pointer
- Be stricter about parsing v3 fragments
- Add a testsuite ("make check" to run it), but only on Linux for now,
  since it uses Linux-specific features such as epoll
- Fix a memory leak when reading a malformed instance tag file
- Protocol documentation clarifications


To generate a diff of this commit:
cvs rdiff -u -r1.17 -r1.18 pkgsrc/chat/libotr/Makefile
cvs rdiff -u -r1.11 -r1.12 pkgsrc/chat/libotr/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Prev by Date: CVS commit: pkgsrc/doc
Next by Date: CVS commit: pkgsrc/doc
Previous by Thread: CVS commit: pkgsrc/doc
Next by Thread: CVS commit: pkgsrc/doc
Indexes:

Home | Main Index | Thread Index | Old Index