Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

security/xhash: Bump to v3.3.3 and latest dependencies #139

Closed
wants to merge 1 commit into from

Conversation

ricardobranco777
Copy link

@ricardobranco777 ricardobranco777 commented May 19, 2024

Bump to v3.3.3 and latest dependencies

Ref: pkg/58267

@ricardobranco777 ricardobranco777 changed the title security/xhash: Bump to v3.3.3, go122 and latest dependencies security/xhash: Bump to v3.3.3 and latest dependencies May 19, 2024
@ricardobranco777 ricardobranco777 deleted the xhash_go122 branch June 1, 2024 07:07
netbsd-srcmastr pushed a commit that referenced this pull request Jun 15, 2024
Upstream changes:
 https://github.com/flavorjones/mini_portile/blob/v2.8.7/CHANGELOG.md

2.8.7 / 2024-05-31

Added

  * When setting the C compiler through the MiniPortile constructor, the
    preferred keyword argument is now :cc_command. The original :gcc_command is
    still supported. (#144 by @flavorjones)
  * Add support for extracting xz-compressed tarballs on OpenBSD. (#141 by
    @postmodern)
  * Add OpenBSD support to the experimental method MakeMakefile#mkmf_config. (#
    141 by @flavorjones)

Changed

  * MiniPortileCMake now detects the C and C++ compiler the same way
    MiniPortile does: by examining environment variables, then using kwargs,
    then looking in RbConfig (in that order). (#144 by @flavorjones)
  * GPG file verification error messages are captured in the raised exception.
    Previously these errors went to stderr. (#145 by @flavorjones)

2.8.6 / 2024-04-14

Added

  * When using CMake on FreeBSD, default to clang's "cc" and "c++" compilers.
    (#139 by @mudge)
netbsd-srcmastr pushed a commit that referenced this pull request Sep 19, 2024
This is a point release intended to clear up a couple of CVEs and
apply point fixes that have been accumulating since 5.2.1

There are a few unresolved (but minor) memory leaks related to design
issues in the API that still need to be resolved. Expect those fixes
in the next release.

Code Fixes
----------

* Fixes for CVE-2023-48161, CVE-2022-28506,

* Address SF issue #138 Documentation for obsolete utilities still installed

* Address SF issue #139: Typo in "LZW image data" page ("110_2 = 4_10")

* Address SF issue #140: Typo in "LZW image data" page ("LWZ")

* Address SF issue #141: Typo in "Bits and bytes" page ("filed")

* Note as already fixed SF issue #143: cannot compile under mingw

* Address SF issue #144: giflib-5.2.1 cannot be build on windows and other platforms using c89

* Address SF issue #145: Remove manual pages installation for binaries that are not installed too

* Address SF issue #146: [PATCH] Limit installed man pages to binaries, move giflib to section 7

* Address SF issue #147 [PATCH] Fixes to doc/whatsinagif/ content

* Address SF issue #148: heap Out of Bound Read in gif2rgb.c:298 DumpScreen2RGB

* Declared no-info on SF issue #150: There is a denial of service vulnerability in GIFLIB 5.2.1

* Declared Won't-fix on SF issue 149: Out of source builds no longer possible

* Address SF issue #151: A heap-buffer-overflow in gif2rgb.c:294:45

* Address SF issue #152: Fix some typos on the html documentation and man pages

* Address SF issue #153: Fix segmentation faults due to non correct checking for args

* Address SF issue #154: Recover the giffilter manual page

* Address SF issue #155: Add gifsponge docs

* Address SF issue #157: An OutofMemory-Exception or Memory Leak in gif2rgb

* Address SF issue #158: There is a null pointer problem in gif2rgb

* Address SF issue #159 A heap-buffer-overflow in GIFLIB5.2.1 DumpScreen2RGB() in gif2rgb.c:298:45

* Address SF issue #163: detected memory leaks in openbsd_reallocarray giflib/openbsd-reallocarray.c

* Address SF issue #164: detected memory leaks in GifMakeMapObject giflib/gifalloc.c

* Address SF issue #166: a read zero page leads segment fault in getarg.c and memory leaks in gif2rgb.c and gifmalloc.c

* Address SF issue #167: Heap-Buffer Overflow during Image Saving in DumpScreen2RGB Function at Line 321 of gif2rgb.c
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant