[Bug 221867] [patch] graphics/atril update to 1.18.1 to fix CVE-2017-1000083
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Sun Aug 27 21:00:52 UTC 2017
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=221867
Bug ID: 221867
Summary: [patch] graphics/atril update to 1.18.1 to fix
CVE-2017-1000083
Product: Ports & Packages
Version: Latest
Hardware: Any
OS: Any
Status: New
Keywords: patch
Severity: Affects Only Me
Priority: ---
Component: Individual Port(s)
Assignee: gnome at FreeBSD.org
Reporter: rkoberman at gmail.com
Flags: maintainer-feedback?(gnome at FreeBSD.org)
Keywords: patch
Assignee: gnome at FreeBSD.org
Created attachment 185828
--> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=185828&action=edit
svn diff to update graphics/atril to 1.18.1 (Vulnerability fix)
Atril is vulnerable to CVE-2017-1000083. This was resolved upstream over a
month ago by disabling .cbt files and the fix was merged into 1.18.1. This is a
simple PORTVERSION change plus updated distfiles.
Tested on amd64 on 11.1.
NOTE: The vuxml file shows this as fixed in 1.19.0. This is incorrect because
1.19.0 does not fix hte vulnerability and the fix was merged into both 1.18 and
1.19 and new releases generated as 1.18.1 and 1.19.1. 1.19 is a development
release, so the update is to 1.18.1. I am not sure how to get the vuxml
updated.
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the freebsd-gnome
mailing list