On Wed, Apr 15, 2015 at 02:01:47PM +0200, Jérémie Courrèges-Anglas wrote: > > Hi, > > here's an update to the latest libksba release that fixes several > problems. No CVE has been assigned (yet?). >
Hi, Ok pea@ Regards, > oss-security thread: > > http://www.openwall.com/lists/oss-security/2015/04/13/5 > > NEWS entry: > > --8<-- > Noteworthy changes in version 1.3.3 (2015-04-10) [C19/A11/R4] > ------------------------------------------------ > > * Fixed an integer overflow in the DN decoder. > > * Now returns an error instead of terminating the process for certain > bad BER encodings. > > * Improved the parsing of utf-8 strings in DNs. > > * Allow building with newer versions of Bison. > > * Improvement building on Windows with newer versions of Mingw. > -->8-- > > Index: Makefile > =================================================================== > RCS file: /cvs/ports/security/libksba/Makefile,v > retrieving revision 1.12 > diff -u -p -r1.12 Makefile > --- Makefile 16 Mar 2015 18:07:54 -0000 1.12 > +++ Makefile 15 Apr 2015 11:56:15 -0000 > @@ -2,9 +2,8 @@ > > COMMENT = X.509 library > > -DISTNAME = libksba-1.3.2 > +DISTNAME = libksba-1.3.3 > CATEGORIES = security > -REVISION = 0 > > SHARED_LIBS = ksba 0.2 #19 > > Index: distinfo > =================================================================== > RCS file: /cvs/ports/security/libksba/distinfo,v > retrieving revision 1.4 > diff -u -p -r1.4 distinfo > --- distinfo 16 Dec 2014 10:05:27 -0000 1.4 > +++ distinfo 15 Apr 2015 11:56:15 -0000 > @@ -1,2 +1,2 @@ > -SHA256 (libksba-1.3.2.tar.bz2) = 65VTeVXfwoRWkKTMODYHT6bQosLKLL8XWTZNO9mGhAY= > -SIZE (libksba-1.3.2.tar.bz2) = 600952 > +SHA256 (libksba-1.3.3.tar.bz2) = DH9f/jTQQU9pUdmICkb8wphcSH98NjabnxGtQRMcd4Y= > +SIZE (libksba-1.3.3.tar.bz2) = 618698 > > > -- > jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE
