cpet/freebsd-ports
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Update from 1.0.7 to 1.0.9.

Browse Source 
<Security note>

Please consider updating brotli to version 1.0.9 (latest).

Version 1.0.9 contains a fix to "integer overflow" problem.  This
happens when "one-shot" decoding API is used (or input chunk for
streaming API is not limited), input size (chunk size) is larger
than 2GiB, and input contains uncompressed blocks. After the
overflow happens, `memcpy` is invoked with a gigantic `num`
value, that will likely cause the crash.

</Security note>
This commit is contained in:
Sergey A. Osokin 2020-08-27 14:45:38 +00:00
parent a4e89b62f0
commit 90c2d3aac3
Notes: svn2git 2021-03-31 03:12:20 +00:00 
svn path=/head/; revision=546350
2 changed files with 4 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
archivers/brotli/Makefile
View File

@ -2,8 +2,7 @@
# $FreeBSD$
PORTNAME= brotli
PORTVERSION= 1.0.7
PORTREVISION= 2
PORTVERSION= 1.0.9
DISTVERSIONPREFIX= v
PORTEPOCH= 1
CATEGORIES= archivers devel

6
archivers/brotli/distinfo
View File

@ -1,3 +1,3 @@
TIMESTAMP = 1540423662
SHA256 (google-brotli-v1.0.7_GH0.tar.gz) = 4c61bfb0faca87219ea587326c467b95acb25555b53d1a421ffa3c8a9296ee2c
SIZE (google-brotli-v1.0.7_GH0.tar.gz) = 23827908
TIMESTAMP = 1598538126
SHA256 (google-brotli-v1.0.9_GH0.tar.gz) = f9e8d81d0405ba66d181529af42a3354f838c939095ff99930da6aa9cdf6fe46
SIZE (google-brotli-v1.0.9_GH0.tar.gz) = 486984