[Bug 221867] [patch] graphics/atril update to 1.18.1 to fix CVE-2017-1000083

bugzilla-noreply at freebsd.org bugzilla-noreply at freebsd.org
Sun Aug 27 21:00:52 UTC 2017


https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=221867

            Bug ID: 221867
           Summary: [patch] graphics/atril update to 1.18.1 to fix
                    CVE-2017-1000083
           Product: Ports & Packages
           Version: Latest
          Hardware: Any
                OS: Any
            Status: New
          Keywords: patch
          Severity: Affects Only Me
          Priority: ---
         Component: Individual Port(s)
          Assignee: gnome at FreeBSD.org
          Reporter: rkoberman at gmail.com
             Flags: maintainer-feedback?(gnome at FreeBSD.org)
          Keywords: patch
          Assignee: gnome at FreeBSD.org

Created attachment 185828
  --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=185828&action=edit
svn diff to update graphics/atril to 1.18.1 (Vulnerability fix)

Atril is vulnerable to CVE-2017-1000083. This was resolved upstream over a
month ago by disabling .cbt files and the fix was merged into 1.18.1. This is a
simple PORTVERSION change plus updated distfiles.

Tested on amd64 on 11.1.

NOTE: The vuxml file shows this as fixed in 1.19.0. This is incorrect because
1.19.0 does not fix hte vulnerability and the fix was merged into both 1.18 and
1.19 and new releases generated as 1.18.1 and 1.19.1. 1.19 is a development
release, so the update is to 1.18.1. I am not sure how to get the vuxml
updated.

-- 
You are receiving this mail because:
You are the assignee for the bug.


More information about the freebsd-gnome mailing list