summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorbsiegert <bsiegert>2016-03-22 19:04:34 +0000
committerbsiegert <bsiegert>2016-03-22 19:04:34 +0000
commitd171741be6549dd7e8ead920a0ced6d44875d68f (patch)
tree5eccc1a87d9444f791f81aa596f566f6dc0f91c2
parentdf99b7501eac07b892325c1eb5efacfec5deef57 (diff)
downloadpkgsrc-d171741be6549dd7e8ead920a0ced6d44875d68f.tar.gz
Pullup ticket #4954 - requested by gdt
chat/libotr: security fix Revisions pulled up: - chat/libotr/Makefile 1.18 - chat/libotr/distinfo 1.12 --- Module Name: pkgsrc Committed By: gdt Date: Wed Mar 9 18:04:17 UTC 2016 Modified Files: pkgsrc/chat/libotr: Makefile distinfo Log Message: Update to 4.1.1. This is a security release addressing CVE-2016-2851. - Fix an integer overflow bug that can cause a heap buffer overflow (and from there remote code execution) on 64-bit platforms - Fix possible free() of an uninitialized pointer - Be stricter about parsing v3 fragments - Add a testsuite ("make check" to run it), but only on Linux for now, since it uses Linux-specific features such as epoll - Fix a memory leak when reading a malformed instance tag file - Protocol documentation clarifications
-rw-r--r--chat/libotr/Makefile4
-rw-r--r--chat/libotr/distinfo10
2 files changed, 7 insertions, 7 deletions
diff --git a/chat/libotr/Makefile b/chat/libotr/Makefile
index 47d0b821610..51c1b069cb4 100644
--- a/chat/libotr/Makefile
+++ b/chat/libotr/Makefile
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.17 2014/10/21 11:46:31 gdt Exp $
+# $NetBSD: Makefile,v 1.17.10.1 2016/03/22 19:04:34 bsiegert Exp $
-VERSION= 4.1.0
+VERSION= 4.1.1
DISTNAME= libotr-${VERSION}
PKGNAME= libotr-${VERSION}
CATEGORIES= chat security
diff --git a/chat/libotr/distinfo b/chat/libotr/distinfo
index e567d1cfccf..2444f81c7fc 100644
--- a/chat/libotr/distinfo
+++ b/chat/libotr/distinfo
@@ -1,6 +1,6 @@
-$NetBSD: distinfo,v 1.11 2015/11/03 01:20:21 agc Exp $
+$NetBSD: distinfo,v 1.11.2.1 2016/03/22 19:04:34 bsiegert Exp $
-SHA1 (libotr-4.1.0.tar.gz) = df30bc87a7a8f37678dd679d17fa1f9638ea247e
-RMD160 (libotr-4.1.0.tar.gz) = addbde1d9b4f423025ee14481961c580fbe6b9e6
-SHA512 (libotr-4.1.0.tar.gz) = 3c6a6bf8ee64467484519187d1bc86001d5ae6ceb169e9c828f7750a1db3dadfef677b828a5d292e5caa12f874711df4fd2db977d48dc968e9f0edc2eab58e3e
-Size (libotr-4.1.0.tar.gz) = 576771 bytes
+SHA1 (libotr-4.1.1.tar.gz) = 3894b82a6c307ad011681ad342d69b18344933ae
+RMD160 (libotr-4.1.1.tar.gz) = 528c5ad4ba89f3225bebf5b5ecadf815239fed88
+SHA512 (libotr-4.1.1.tar.gz) = c957206235b9f627542f23a645c822ea1b318d83fa655f41ed8d9a3c0dddf30b88f0ca82060026af155e48ecb13969dc9270831f20304669794151f666ae5cb0
+Size (libotr-4.1.1.tar.gz) = 655791 bytes