[#] http://marc.info/?l=openbsd-ports-cvs&m=141105112502854&w=2
openbsd-ports-cvs(obsdave,2) — All
2014-09-18 18:55:11


Module name: ports
Changes by: zhuk@cvs.openbsd.org 2014/09/18 08:38:22

Modified files:
x11/kde4/krfb : Tag: OPENBSD_5_6 Makefile
Added files:
x11/kde4/krfb/patches: Tag: OPENBSD_5_6
patch-libvncserver_lzoconf_h
patch-libvncserver_lzodefs_h
patch-libvncserver_minilzo_c
patch-libvncserver_minilzo_h

Log message:
Security fix for krfb 4.13 branch, CVE-2014-4607:

krfb embeds libvncserver which embeds liblzo2, it contains various flaws
that result in integer overflow problems.

This commit actually updates bundled lzo library, as suggested by upstream.

reminded by jasper@