On 8/2/23 11:20, Mikhail wrote:
> This update fixes server and client crash if connected to malicious
> process, details are here:
>
> https://downloads.es.net/pub/iperf/esnet-secadv-2023-0001.txt.asc
>
> Full changelog is here:
>
> https://github.com/esnet/iperf/blob/master/RELNOTES.md
>
> Tested on amd64.
thanks for patch, both server and client look and work, OK aisha@
cc'ing maintainer, try to also do the same when sending updates, as the
maintainer has better context of the package than others on the list.
will commit if maintainer doesn't respond by tomorrow as this fixes a
CVE so might be good to get in soon.
> diff /home/build/usr/ports
> commit - f7b4d3d8f3ae0f3c4ba5a7e9def772c58999d69d
> path + /home/build/usr/ports
> blob - 201e85786e6b826e37e68fa5d40f65f2854b7ad1
> file + net/iperf3/Makefile
> --- net/iperf3/Makefile
> +++ net/iperf3/Makefile
> @@ -1,6 +1,6 @@
> COMMENT= tool to measure maximum achievable bandwidth on IP networks
>
> -V= 3.13
> +V= 3.14
> PKGNAME= iperf3-${V}
> DISTNAME= iperf-${V}
>
> blob - 0bb87a47de19c18109e5f7b38363da3ea3ff6cfb
> file + net/iperf3/distinfo
> --- net/iperf3/distinfo
> +++ net/iperf3/distinfo
> @@ -1,2 +1,2 @@
> -SHA256 (iperf-3.13.tar.gz) = vuQnrrE9ai7iIHPyMmH2NxLYK++qg6yMtNtdpMK9yGU=
> -SIZE (iperf-3.13.tar.gz) = 646508
> +SHA256 (iperf-3.14.tar.gz) = cj/MQwoCe8aVJij6KjrHdYSh0L0ygnXlc/ybIGwVUAQ=
> +SIZE (iperf-3.14.tar.gz) = 647944
> blob - 83a4e07d0e88ab3fd3b7e88870fe1fd0e6aa8bfe
> file + net/iperf3/patches/patch-src_iperf_api_c
> --- net/iperf3/patches/patch-src_iperf_api_c
> +++ net/iperf3/patches/patch-src_iperf_api_c
> @@ -3,7 +3,7 @@ Index: src/iperf_api.c
> Index: src/iperf_api.c
> --- src/iperf_api.c.orig
> +++ src/iperf_api.c
> -@@ -2813,7 +2813,7 @@ iperf_defaults(struct iperf_test *testp)
> +@@ -2860,7 +2860,7 @@ iperf_defaults(struct iperf_test *testp)
> testp->stats_interval = testp->reporter_interval = 1;
> testp->num_streams = 1;
>
>
