[Bug 256121] [exp-run] texproc/expat2: update to 2.4.1 (fixes CVE-2013-0340/CWE-776)

Reply: bugzilla-noreply_a_freebsd.org: "[Bug 256121] [exp-run] texproc/expat2: update to 2.4.1 (fixes CVE-2013-0340/CWE-776)"
Reply: bugzilla-noreply_a_freebsd.org: "[Bug 256121] [exp-run] texproc/expat2: update to 2.4.1 (fixes CVE-2013-0340/CWE-776)"
Reply: bugzilla-noreply_a_freebsd.org: "[Bug 256121] [exp-run] texproc/expat2: update to 2.4.1 (fixes CVE-2013-0340/CWE-776)"
Reply: bugzilla-noreply_a_freebsd.org: "[Bug 256121] [exp-run] texproc/expat2: update to 2.4.1 (fixes CVE-2013-0340/CWE-776)"
Reply: bugzilla-noreply_a_freebsd.org: "[Bug 256121] [exp-run] texproc/expat2: update to 2.4.1 (fixes CVE-2013-0340/CWE-776)"
Reply: bugzilla-noreply_a_freebsd.org: "[Bug 256121] [exp-run] texproc/expat2: update to 2.4.1 (fixes CVE-2013-0340/CWE-776)"
Reply: bugzilla-noreply_a_freebsd.org: "[Bug 256121] [exp-run] texproc/expat2: update to 2.4.1 (fixes CVE-2013-0340/CWE-776)"
Reply: bugzilla-noreply_a_freebsd.org: "[Bug 256121] [exp-run] texproc/expat2: update to 2.4.1 (fixes CVE-2013-0340/CWE-776)"
Reply: bugzilla-noreply_a_freebsd.org: "[Bug 256121] [exp-run] texproc/expat2: update to 2.4.1 (fixes CVE-2013-0340/CWE-776)"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: <bugzilla-noreply_at_freebsd.org>
Date: Mon, 24 May 2021 14:42:55 UTC

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=256121

            Bug ID: 256121
           Summary: [exp-run] texproc/expat2: update to 2.4.1 (fixes
                    CVE-2013-0340/CWE-776)
           Product: Ports & Packages
           Version: Latest
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Only Me
          Priority: ---
         Component: Individual Port(s)
          Assignee: portmgr@FreeBSD.org
          Reporter: tcberner@freebsd.org
                CC: desktop@FreeBSD.org
             Flags: exp-run?

Created attachment 225223
  --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=225223&action=edit
v1

Moin moin 

desktop@ would like to ask for an exp-run to update textproc/expat2 to 2.4.1
which includes a fix against the billion laughs attach CVE-2013-0340/CWE-776.

The patch is attached and can also be found here:
https://people.freebsd.org/~tcberner/patches/0001-textprox-expat2-update-to-2.4.1-fixes-CVE-2013-0340-.patch

mfg Tobias

-- 
You are receiving this mail because:
You are on the CC list for the bug.