[Bug 255368] devel/binutils: Backport patch fixing CVE-2021-3487

Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: <bugzilla-noreply_at_freebsd.org>
Date: Fri, 13 Aug 2021 11:08:57 UTC

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=255368

--- Comment #5 from commit-hook@FreeBSD.org ---
A commit in branch 2021Q3 references this bug:

URL:
https://cgit.FreeBSD.org/ports/commit/?id=9c4ee12ed3cddad1cb19a62d05b7efe77cb896a6

commit 9c4ee12ed3cddad1cb19a62d05b7efe77cb896a6
Author:     Yasuhiro Kimura <yasu@utahime.org>
AuthorDate: 2021-08-13 10:55:57 +0000
Commit:     Fernando Apesteguía <fernape@FreeBSD.org>
CommitDate: 2021-08-13 10:55:57 +0000

    devel/binutils: Add fix for CVE-2021-3487

    The CVE is fixed in main in a0e752df8013. Merging that would mean merging
other
    changes to other ports and doing more exp-runs, so we just backport the fix
in
    the quarterly branch to avoid too much disruption.

    VuXML entry to be handled in PR 256133.

    PR:     255368, 251385
    Reported by:    diizzy@
    Security:       CVE-2021-3487

 devel/binutils/Makefile                        |  2 +-
 devel/binutils/files/patch-CVE-2021-3487 (new) | 75 ++++++++++++++++++++++++++
 2 files changed, 76 insertions(+), 1 deletion(-)

-- 
You are receiving this mail because:
You are the assignee for the bug.