Re: cvs commit: ports/net-im/libpurple Makefile distinfo
--IJpNTDwzlM2Ie8A6
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On 2012-Mar-18 17:00:35 +0000, Joe Marcus Clarke <marcus@FreeBSD.org> wrote:
>marcus 2012-03-18 17:00:35 UTC
>
> FreeBSD ports repository
>
> Modified files:
> net-im/libpurple Makefile distinfo=20
> Log:
> Update to 2.10.2. See http://developer.pidgin.im/wiki/ChangeLog for a
> list of changes in this release.
Based on Mandriva security advisory MDVSA-2012:029, this appears to
also fix CVE-2012-1178 (it's not clear to me whether the fix is in
pidgin or libpurple). That advisory also lists CVE-2011-4939 that is
fixed in pidgin 2.10.2 - do you have any plans to upgrade that port?
(And a recent SANS @RISK also listed CVE-2012-1257 - which is fixed in
libpurple/pidgin 2.10.1) These should probably all be listed in vuxml.
--=20
Peter Jeremy
--IJpNTDwzlM2Ie8A6
Content-Type: application/pgp-signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.18 (FreeBSD)
iEYEARECAAYFAk9mbzMACgkQ/opHv/APuIe1PwCePRko+Y4qJ1m4lVAkBkD4qcPx
yqkAn0sZ0DGgsXPJZKDE1hYm1JlKmmd9
=ae+H
-----END PGP SIGNATURE-----
--IJpNTDwzlM2Ie8A6--
討論串 (同標題文章)
完整討論串 (本文為第 3 之 5 篇):