cpet/openbsd-ports
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
9ecbdf1562
openbsd-ports/archivers
History
sthen 9ecbdf1562 security update to LZO 2.07, CVE-2014-4607 
'Fixed a potential integer overflow condition in the "safe" decompressor
variants which could result in a possible buffer overrun when processing
maliciously crafted compressed input data.

As this issue only affects 32-bit systems and also can only happen if
you use uncommonly huge buffer sizes where you have to decompress more
than 16 MiB (2^24 bytes) compressed bytes within a single function call,
the practical implications are limited.'

See http://www.openwall.com/lists/oss-security/2014/06/26/20 for more
details, there are also some embedded copies of "minilzo" from the same
source in various other programs which are also affected by this
2014-06-26 22:52:52 +00:00
..
arc sync distinfo and merge in PFRAG.shared. 2013-04-04 16:03:55 +00:00
bzip2 landry@ ran into a bashism; lift portable replacement code from GNU gzip 1.6 2014-05-24 20:51:54 +00:00
cabextract update to cabextract 1.4, ok Steve Shockley (maintainer) 2013-05-13 12:57:41 +00:00
deco sync distinfo and merge in PFRAG.shared. 2013-04-04 16:03:55 +00:00
fastjar sync distinfo and merge in PFRAG.shared. 2013-04-04 16:03:55 +00:00
freeze sync distinfo and merge in PFRAG.shared. 2013-04-04 16:03:55 +00:00
fuse-zip Import fuse-zip. ok syl@ 2014-01-28 01:01:52 +00:00
gcpio move http://www.gnu.org to https 2013-11-09 23:19:01 +00:00
gshar+gunshar move http://www.gnu.org to https 2013-11-09 23:19:01 +00:00
gtar Update to 1.17.1. Bug fixes: 2014-05-12 21:35:30 +00:00
ha sync distinfo and merge in PFRAG.shared. 2013-04-04 16:03:55 +00:00
hs-zlib Add comments to ports which meta/haskell-platform depends on, to 2014-06-19 18:58:01 +00:00
hs-zlib-bindings Update to zlib-bindings-0.1.1.3. 2013-07-18 22:12:55 +00:00
hs-zlib-enum Update to zlib-enum-0.2.3. 2013-07-19 06:49:31 +00:00
lha regen and add missing rcs ids 2014-04-18 22:59:32 +00:00
libarchive sync distinfo and merge in PFRAG.shared. 2013-04-04 16:03:55 +00:00
libmspack Update to libmspack 0.4alphav0. 2013-08-06 19:13:06 +00:00
libshrink sync distinfo and merge in PFRAG.shared. 2013-04-04 16:03:55 +00:00
libtar Security fix for CVE-2013-4397 Integer overflow in libtar 2013-10-10 07:16:28 +00:00
libzip Update to libzip-0.11.2. ok brad@ 2014-01-21 22:27:34 +00:00
luazlib move http://github.com and http://bitbucket.org to https 2013-08-07 21:57:40 +00:00
lxsplit sync distinfo and merge in PFRAG.shared. 2013-04-04 16:03:55 +00:00
lz4 import ports/archivers/lz4, ok jca@ 2013-11-12 20:00:50 +00:00
lzip Update to lunzip 1.5. OK sthen@ 2014-04-18 21:53:54 +00:00
lzo scrape @endfake. I haven't been able to finish this in... ten years. 2014-01-11 11:22:43 +00:00
lzo2 security update to LZO 2.07, CVE-2014-4607 2014-06-26 22:52:52 +00:00
lzop sync distinfo and merge in PFRAG.shared. 2013-04-04 16:03:55 +00:00
macutil sync distinfo and merge in PFRAG.shared. 2013-04-04 16:03:55 +00:00
makeself sync distinfo and merge in PFRAG.shared. 2013-04-04 16:03:55 +00:00
nulib move http://people.freebsd.org to https 2013-08-06 18:43:15 +00:00
p5-Archive-Zip sync distinfo and merge in PFRAG.shared. 2013-04-04 16:03:55 +00:00
p5-Compress-Bzip2 @comment zero-byte perl .bs files 2014-06-14 23:23:11 +00:00
p5-Compress-LZO @comment zero-byte perl .bs files 2014-06-14 23:23:11 +00:00
p5-PerlIO-gzip @comment zero-byte perl .bs files 2014-06-14 23:23:11 +00:00
p5-POE-Filter-Zlib sync distinfo and merge in PFRAG.shared. 2013-04-04 16:03:55 +00:00
p7zip sync distinfo and merge in PFRAG.shared. 2013-04-04 16:03:55 +00:00
par1cmdline sync distinfo and merge in PFRAG.shared. 2013-04-04 16:03:55 +00:00
par2cmdline sync distinfo and merge in PFRAG.shared. 2013-04-04 16:03:55 +00:00
pecl-lzf bump REVISION due to the php update 2013-08-12 04:11:20 +00:00
pecl-rar update to pecl-rar 3.0.1, fixing with php 5.4 2013-08-14 11:43:03 +00:00
pigz fix DESCR 2013-12-01 09:56:52 +00:00
py-lzo sync distinfo and merge in PFRAG.shared. 2013-04-04 16:03:55 +00:00
quazip Update to 0.6.2 2014-03-28 03:08:41 +00:00
ripole sync distinfo and merge in PFRAG.shared. 2013-04-04 16:03:55 +00:00
ruby-archive-tar-minitar Bump all ruby gem ports supporting rbx FLAVOR due to change to rubinius 2013-10-26 23:55:34 +00:00
rzip update my email address 2013-10-06 19:12:08 +00:00
sltar remove -O optimization from cflags 2013-11-09 09:51:50 +00:00
star remove empty patch files 2013-10-10 20:30:16 +00:00
ucl sync distinfo and merge in PFRAG.shared. 2013-04-04 16:03:55 +00:00
unace sync distinfo and merge in PFRAG.shared. 2013-04-04 16:03:55 +00:00
unarj sync distinfo and merge in PFRAG.shared. 2013-04-04 16:03:55 +00:00
unrar Update to 5.00 and take maintainer. 2013-09-06 13:28:15 +00:00
unshield missing rcs id 2013-05-08 20:38:38 +00:00
unzip use ${FILESDIR} instead of hardcoding 'files/' 2014-04-20 10:00:21 +00:00
xdms Import xdms. An amiga disk image archiver. 2013-09-03 16:16:09 +00:00
xz kill direct and indirect references to GCC2_ARCHS 2013-08-07 15:37:07 +00:00
zip sync distinfo and merge in PFRAG.shared. 2013-04-04 16:03:55 +00:00
zipios sync distinfo and merge in PFRAG.shared. 2013-04-04 16:03:55 +00:00
zoo mirror distfile 2013-09-20 20:37:15 +00:00
zopfli Import zopfli-1.0.0. 2013-07-07 17:57:44 +00:00
zziplib Update to 0.13.62 2014-01-10 16:12:52 +00:00
Makefile remove archivers/bzip, a long forgotten, patent-encumbered compressor 2014-03-10 16:02:36 +00:00