From ${URL} : Multiple vulnerabilities were found in utf8proc. 1. Buffer overrun in utf8proc.c utf8proc_iterate() Upstream bug: https://github.com/JuliaLang/utf8proc/pull/66 Upstream patch: https://github.com/JuliaLang/utf8proc/commit/5a84e53b0cf676b53c9a8b80d42ef91311b124f9 2. Stack overflow (infinite recursion) that could occur due to incorrect definition of UINT16_MAX with some compilers Upstream bug: https://github.com/JuliaLang/utf8proc/issues/82 Upstream patch: https://github.com/JuliaLang/utf8proc/commit/caef918abd0a9425b3942df3859c7bea7b8986e0 @maintainer(s): since the package or the affected version has never been marked as stable, we don't need to stabilize it. After the bump, please remove the affected versions from the tree.
(In reply to Agostino Sarubbo from comment #0) > From ${URL} : > > Multiple vulnerabilities were found in utf8proc. > > 1. Buffer overrun in utf8proc.c utf8proc_iterate() > > Upstream bug: > > https://github.com/JuliaLang/utf8proc/pull/66 > > Upstream patch: > > https://github.com/JuliaLang/utf8proc/commit/ > 5a84e53b0cf676b53c9a8b80d42ef91311b124f9 backported to -1.3.1_p2-r1. > 2. Stack overflow (infinite recursion) that could occur due to incorrect > definition of UINT16_MAX with some compilers > > Upstream bug: > > https://github.com/JuliaLang/utf8proc/issues/82 > > Upstream patch: > > https://github.com/JuliaLang/utf8proc/commit/ > caef918abd0a9425b3942df3859c7bea7b8986e0 not introduced in 1.3.1-2, yet. > @maintainer(s): since the package or the affected version has never been > marked as stable, we don't need to stabilize it. After the bump, please > remove the affected versions from the tree. done
commit 24605313fed0a4e2ef4bdd1205e25af2d5624c8a Author: Michael Weber <xmw@gentoo.org> Date: Thu Feb 23 13:28:14 2017 +0100 dev-libs/libutf8proc: Revbump with security patch (bug 610684). Package-Manager: Portage-2.3.3, Repoman-2.3.1 dev-libs/libutf8proc/files/libutf8proc-1.3.1_p2-overrun.patch dev-libs/libutf8proc/libutf8proc-1.3.1_p2-r1.ebuild
All done, repository is clean.