diff options
| author | dougb <dougb@FreeBSD.org> | 2012-08-18 16:39:39 +0800 |
|---|---|---|
| committer | dougb <dougb@FreeBSD.org> | 2012-08-18 16:39:39 +0800 |
| commit | e05a9e1817bd24673c08c4560aab5aac58187281 (patch) | |
| tree | c065c38a41bfd235f5858d8f10317a7629b16706 /security | |
| parent | 90b9da0f17bb209d63dbce88c278c48022893d5b (diff) | |
| download | freebsd-ports-gnome-e05a9e1817bd24673c08c4560aab5aac58187281.tar.gz freebsd-ports-gnome-e05a9e1817bd24673c08c4560aab5aac58187281.tar.zst freebsd-ports-gnome-e05a9e1817bd24673c08c4560aab5aac58187281.zip | |
14 August 2012 libotr version 3.2.1 released
Versions 3.2.0 and earlier of libotr contain a small heap write overrun
(thanks to Justin Ferguson for the report), and a large heap read overrun
(thanks to Ben Hawkes for the report).
Add a vuxml entry, and tune up the notes about adding a new entry.
Diffstat (limited to 'security')
| -rw-r--r-- | security/libotr/Makefile | 4 | ||||
| -rw-r--r-- | security/libotr/distinfo | 8 | ||||
| -rw-r--r-- | security/vuxml/vuln.xml | 49 |
3 files changed, 49 insertions, 12 deletions
diff --git a/security/libotr/Makefile b/security/libotr/Makefile index 555dc238cf5d..9e97e19406fb 100644 --- a/security/libotr/Makefile +++ b/security/libotr/Makefile @@ -7,10 +7,10 @@ # PORTNAME= libotr -PORTVERSION= 3.2.0 +PORTVERSION= 3.2.1 # Please do not bump PORTREVISION for this port unless you have # confirmed via testing that it is necessary -PORTREVISION= 4 +PORTREVISION= 0 CATEGORIES= security MASTER_SITES= http://www.cypherpunks.ca/otr/ DISTFILES= ${DISTNAME}${EXTRACT_SUFX} ${DISTNAME}${EXTRACT_SUFX}.asc diff --git a/security/libotr/distinfo b/security/libotr/distinfo index 3abcadf9fd61..b1af629e7a25 100644 --- a/security/libotr/distinfo +++ b/security/libotr/distinfo @@ -1,4 +1,4 @@ -SHA256 (libotr-3.2.0.tar.gz) = d83b9d20e36e2a4a55e5336f15d1d218d627bc0af7af94e3835bdc8b6d8b6693 -SIZE (libotr-3.2.0.tar.gz) = 430299 -SHA256 (libotr-3.2.0.tar.gz.asc) = ac0cdb8ec410cf35c632aee2b0d9d75525a2d59361d3b23002f598e35ac79f65 -SIZE (libotr-3.2.0.tar.gz.asc) = 191 +SHA256 (libotr-3.2.1.tar.gz) = d428eaa584984baa09450cca07742e0ac8fc62401f3a1c556e3025023369cdf4 +SIZE (libotr-3.2.1.tar.gz) = 414684 +SHA256 (libotr-3.2.1.tar.gz.asc) = 8ec08871018ce41bb4f631f5672daeaab72e9ea1b8913b3ddad22b9672a5e2b4 +SIZE (libotr-3.2.1.tar.gz.asc) = 190 diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index 733fcfdb1d46..ab7711ba0882 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -37,21 +37,58 @@ QUICK GUIDE TO ADDING A NEW ENTRY 2. fill in the template 3. use 'make validate' to verify syntax correctness (you might need to install textproc/libxml2 for parser, and this port for catalogs) -4. run 'make tidy' and then diff vuln.xml and vuln.xml.tidy - there should be - no difference. -5. ??? -6. profit! +4. fix any errors +5. profit! -Extensive documentation of the format is available in Porter's Handbook at +Extensive documentation of the format and help with writing and verifying +a new entry is available in The Porter's Handbook at: http://www.freebsd.org/doc/en/books/porters-handbook/security-notify.html -Help is available from ports-security@freebsd.org +Help is also available from ports-security@freebsd.org. Note: Please add new entries to the beginning of this file. --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> + <vuln vid="c651c898-e90d-11e1-b230-0024e830109b"> + <topic>libotr -- buffer overflows</topic> + <affects> + <package> + <name>libotr</name> + <range><lt>3.2.1</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>OTR developers report:</p> + <blockquote cite="http://lists.cypherpunks.ca/pipermail/otr-dev/2012-July/001347.html"> + <p>The otrl_base64_otr_decode() function and similar functions within OTR + suffer from buffer overflows in the case of malformed input; + specifically if a message of the format of "?OTR:===." is received + then a zero-byte allocation is performed without a similar correlation + between the subsequent base64 decoding write, as such it becomes + possible to write between zero and three bytes incorrectly to the + heap, albeit only with a value of '='.</p> + <p>Because this code path is highly utilized, specifically in the + reception of instant messages over pidgin or similar, this + vulnerability is considered severe even though in many platforms and + circumstances the bug would yield an unexploitable state and result + simply in denial of service.</p> + <p>The developers of OTR promptly fixed the errors and users of OTR are + advised to upgrade the software at the next release cycle.</p> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2012-3461</cvename> + </references> + <dates> + <discovery>2012-07-27</discovery> + <entry>2012-08-18</entry> + </dates> + </vuln> + <vuln vid="0f62be39-e8e0-11e1-bea0-002354ed89bc"> <topic>OpenTTD -- Denial of Service</topic> <affects> |