From delphij@tarsier.delphij.net  Thu May 31 07:58:34 2007
Return-Path: <delphij@tarsier.delphij.net>
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id F2AA616A41F
	for <FreeBSD-gnats-submit@freebsd.org>; Thu, 31 May 2007 07:58:34 +0000 (UTC)
	(envelope-from delphij@tarsier.delphij.net)
Received: from tarsier.geekcn.org (tarsier.geekcn.org [210.51.165.229])
	by mx1.freebsd.org (Postfix) with ESMTP id A9E9813C45E
	for <FreeBSD-gnats-submit@freebsd.org>; Thu, 31 May 2007 07:58:34 +0000 (UTC)
	(envelope-from delphij@tarsier.delphij.net)
Received: from localhost (tarsier.geekcn.org [210.51.165.229])
	by tarsier.geekcn.org (Postfix) with ESMTP id 9B34EEB2447;
	Thu, 31 May 2007 15:58:30 +0800 (CST)
Received: from tarsier.geekcn.org ([210.51.165.229])
	by localhost (mail.geekcn.org [210.51.165.229]) (amavisd-new, port 10024)
	with ESMTP id 9vVfePPvcrJZ; Thu, 31 May 2007 15:58:22 +0800 (CST)
Received: from tarsier.delphij.net (tarsier.geekcn.org [210.51.165.229])
	(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by tarsier.geekcn.org (Postfix) with ESMTP id 372D3EB14A5;
	Thu, 31 May 2007 15:58:20 +0800 (CST)
Received: from tarsier.delphij.net (localhost [127.0.0.1])
	by tarsier.delphij.net (8.13.8/8.13.8) with ESMTP id l4V7wJTt081434;
	Thu, 31 May 2007 15:58:19 +0800 (CST)
	(envelope-from delphij@tarsier.delphij.net)
Received: (from delphij@localhost)
	by tarsier.delphij.net (8.13.8/8.13.8/Submit) id l4V7wDFq081433;
	Thu, 31 May 2007 15:58:13 +0800 (CST)
	(envelope-from delphij)
Message-Id: <200705310758.l4V7wDFq081433@tarsier.delphij.net>
Date: Thu, 31 May 2007 15:58:13 +0800 (CST)
From: Xin LI <delphij@freebsd.org>
Reply-To: Xin LI <delphij@freebsd.org>
To: FreeBSD-gnats-submit@freebsd.org
Cc: jharris@widomaker.com
Subject: [PATCH] [SECURITY] Update sysutils/file to 4.21
X-Send-Pr-Version: 3.113
X-GNATS-Notify: jharris@widomaker.com

>Number:         113183
>Category:       ports
>Synopsis:       [PATCH] [SECURITY] Update sysutils/file to 4.21
>Confidential:   no
>Severity:       critical
>Priority:       high
>Responsible:    delphij
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          update
>Submitter-Id:   current-users
>Arrival-Date:   Thu May 31 08:00:16 GMT 2007
>Closed-Date:    Wed Jun 06 07:41:22 GMT 2007
>Last-Modified:  Wed Jun  6 07:50:03 GMT 2007
>Originator:     Xin LI
>Release:        FreeBSD 6.2-RELEASE-p1 i386
>Organization:
The FreeBSD Project
>Environment:
System: FreeBSD tarsier.delphij.net 6.2-RELEASE-p1 FreeBSD 6.2-RELEASE-p1 #1: Sat Feb 10 07:03:45 CST 2007 delphij@tarsier.delphij.net:/usr/obj/usr/src/sys/TARSIER i386


>Description:
	Corresponding to FreeBSD-SA-07:04.file

	Maintainer (jharris widomaker.com) cc'ed.
>How-To-Repeat:
>Fix:


--- patch-file.diff begins here ---
Index: Makefile
===================================================================
RCS file: /home/ncvs/ports/sysutils/file/Makefile,v
retrieving revision 1.29
diff -u -p -u -r1.29 Makefile
--- Makefile	3 Mar 2007 15:30:32 -0000	1.29
+++ Makefile	31 May 2007 07:48:05 -0000
@@ -6,7 +6,7 @@
 #
 
 PORTNAME=	file
-PORTVERSION=	4.20
+PORTVERSION=	4.21
 CATEGORIES=	sysutils
 MASTER_SITES=	ftp://ftp.astron.com/pub/file/ \
 		ftp://ftp.gw.com/mirrors/pub/unix/file/ \
Index: distinfo
===================================================================
RCS file: /home/ncvs/ports/sysutils/file/distinfo,v
retrieving revision 1.18
diff -u -p -u -r1.18 distinfo
--- distinfo	3 Mar 2007 15:30:32 -0000	1.18
+++ distinfo	31 May 2007 07:50:43 -0000
@@ -1,5 +1,3 @@
-MD5 (file-4.20.tar.gz) = 402bdb26356791bd5d277099adacc006
-SHA1 (file-4.20.tar.gz) = af5878e3c61c725a82ff185fcef5b631ad8468ab
-RMD160 (file-4.20.tar.gz) = ff4f1a677a6377df3d7925ab4e36fec71dd3ebe7
-SHA256 (file-4.20.tar.gz) = c0810fb3ddb6cb73c9ff045965e542af6e3eaa7f2995b3037181766d26d5e6e7
-SIZE (file-4.20.tar.gz) = 548393
+MD5 (file-4.21.tar.gz) = 9e3503116f4269a1be70220ee2234b0e
+SHA256 (file-4.21.tar.gz) = 6f5644d56cc603138533158076a6cb41cd33c33d27e5310cb76cb6576151ca67
+SIZE (file-4.21.tar.gz) = 549938
--- patch-file.diff ends here ---


>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: freebsd-ports-bugs->delphij 
Responsible-Changed-By: edwin 
Responsible-Changed-When: Thu May 31 08:00:22 UTC 2007 
Responsible-Changed-Why:  
Submitter has GNATS access 

http://www.freebsd.org/cgi/query-pr.cgi?pr=113183 
State-Changed-From-To: open->feedback 
State-Changed-By: edwin 
State-Changed-When: Thu May 31 08:00:30 UTC 2007 
State-Changed-Why:  
Awaiting maintainers feedback 

http://www.freebsd.org/cgi/query-pr.cgi?pr=113183 

From: Michael Scheidell <scheidell@secnap.net>
To: bug-followup@FreeBSD.org,  delphij@freebsd.org
Cc:  
Subject: Re: ports/113183: [PATCH] [SECURITY] Update sysutils/file to 4.21
Date: Tue, 05 Jun 2007 21:09:04 -0400

 Any feedback on committing this? need it for amavisd-new 2.5.1
 
 We have been using this patch for a week now, and looks fine.
 
 
 _________________________________________________________________________
 This email has been scanned and certified safe by SpammerTrap(tm). 
 For Information please see http://www.spammertrap.com
 _________________________________________________________________________
State-Changed-From-To: feedback->closed 
State-Changed-By: delphij 
State-Changed-When: Wed Jun 6 07:39:15 UTC 2007 
State-Changed-Why:  
Patch committed. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=113183 

From: dfilter@FreeBSD.ORG (dfilter service)
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: ports/113183: commit references a PR
Date: Wed,  6 Jun 2007 07:38:30 +0000 (UTC)

 delphij     2007-06-06 07:38:25 UTC
 
   FreeBSD ports repository
 
   Modified files:
     sysutils/file        Makefile distinfo 
   Log:
   Update sysutils/file to 4.21, fixes a heap overflow vulnerability.
   
   PR:             ports/113183
   Security:       FreeBSD-SA-07:04.file
   VuXML ID:       8e01ab5b-0949-11dc-8163-000e0c2e438a
   Approved by:    secteam (remko)
   
   Revision  Changes    Path
   1.30      +1 -1      ports/sysutils/file/Makefile
   1.19      +3 -5      ports/sysutils/file/distinfo
 _______________________________________________
 cvs-all@freebsd.org mailing list
 http://lists.freebsd.org/mailman/listinfo/cvs-all
 To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
 
>Unformatted:
