notbugAs an Amazon Associate I earn from qualifying purchases.
Want a good read? Try FreeBSD Mastery: Jails (IT Mastery Book 15)
All times are UTC
non port: archivers/libzip/files/patch-CVE-2017-14107

Number of commits found: 2

Wednesday, 27 Sep 2017
18:06 rakuco search for other commits by this committer
Update libzip to 1.3.0.

It includes the fix for CVE-2017-14107 (landed separately in r450768) as well
as a fix for CVE-2017-12858, which did not affect us due to the fact that the
vulnerability was introduced in 1.2.0.'s SOVERSION got bumped after the removal of the undocumented function
zip_archive_set_tempdir(). All ports depending on libzip continue to build fine
after that.

PR:		222638
Submitted by:	Dani <>
Original commitRevision:450774 
16:52 rakuco search for other commits by this committer
Add a patch for CVE-2017-14107.

This is a minor security vulnerability that can lead to a denial of service
issue in libzip when a specially crafted archive is used.

PR:		222638
Security:	b2952517-07e5-4d19-8850-21c5b7e0623f
Security:	CVE-2017-14107
Original commitRevision:450768 

Number of commits found: 2