ports/120379: devel/icu should be patched
Mikhail Teterin
mi+mill at aldan.algebra.com
Fri Feb 8 06:00:06 UTC 2008
The following reply was made to PR ports/120379; it has been noted by GNATS.
From: Mikhail Teterin <mi+mill at aldan.algebra.com>
To: bug-followup at freebsd.org,
turutani at scphys.kyoto-u.ac.jp
Cc: "George Rhoten" <grhoten at gmail.com>
Subject: Re: ports/120379: devel/icu should be patched
Date: Fri, 8 Feb 2008 00:31:04 -0500
= devel/icu has been updated (3.6 -> 3.8.1).
= i guess this is done because of CVE-2007-4770 etc,
No, it was done to stay current -- up to date with the most recent ICU. I was
not aware of the security problem and am surprised, the 3.8.1 release, which
was released in 2008, does not have a fix...
I'll look into applying the patch, thanks!
= in addition, major version of libraries are changed.
= hence, building other ports fails, especially they depends devel/glib20 and
= glib is built with "WITH_COLLATION_FIX=1".
You'll want to file a PR against /those ports/.
= i want some comments about this in UPDATING...
?
-mi
More information about the freebsd-ports-bugs
mailing list