https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=291266
--- Comment #23 from [email protected] --- A commit in branch 2025Q4 references this bug: URL: https://cgit.FreeBSD.org/ports/commit/?id=b6cf7cefbe981400d989aa5f0d000e3b49f8ce50 commit b6cf7cefbe981400d989aa5f0d000e3b49f8ce50 Author: Matthias Andree <[email protected]> AuthorDate: 2025-12-05 20:15:37 +0000 Commit: Matthias Andree <[email protected]> CommitDate: 2025-12-07 12:15:28 +0000 graphics/png: security update to 1.6.52 Note this isn't the offered patch from the PR, but one that instead puts the APNG patch version into a variable. Reported by: FiLiS Approved by: desktop@ (vishwin) PR: 291266 MFH: 2025Q4 (after a few days) png -- Multiple vulnerabilities Security: CVE-2025-64505 Security: CVE-2025-64506 Security: CVE-2025-64720 Security: CVE-2025-65018 Security: 4b297f5a-cbad-11f0-ac9f-b42e991fc52e png -- Out-of-bounds read Security: CVE-2025-66293 Security: f323f148-d181-11f0-841f-843a4b343614 (cherry picked from commit f1bbe43c186c567cd96c0a5c6fd0c1a159accaf9) graphics/png/Makefile | 7 ++++--- graphics/png/distinfo | 10 +++++----- graphics/png/pkg-plist | 2 +- 3 files changed, 10 insertions(+), 9 deletions(-) -- You are receiving this mail because: You are the assignee for the bug.
