[Bug 250971] textproc/raptor2 heap overflow
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Mon Nov 9 01:39:55 GMT 2020
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=250971
Bug ID: 250971
Summary: textproc/raptor2 heap overflow
Product: Ports & Packages
Version: Latest
Hardware: Any
OS: Any
Status: New
Severity: Affects Many People
Priority: ---
Component: Individual Port(s)
Assignee: kde at FreeBSD.org
Reporter: truckman at FreeBSD.org
Flags: maintainer-feedback?(kde at FreeBSD.org)
Assignee: kde at FreeBSD.org
According to https://www.openwall.com/lists/oss-security/2017/06/07/1 there are
two heap overflows in raptor 2.0.15.
A CVE has been assigned:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18926
The upstream raptor github repo has a patch:
https://github.com/dajobe/raptor/commit/590681e546cd9aa18d57dc2ea1858cb734a3863f.patch
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the kde-freebsd
mailing list