Index: irc/konversation/Makefile =================================================================== --- irc/konversation/Makefile +++ irc/konversation/Makefile @@ -2,8 +2,7 @@ # $FreeBSD$ PORTNAME= konversation -PORTVERSION= 1.7.2 -PORTREVISION= 1 +PORTVERSION= 1.7.3 CATEGORIES= irc kde MASTER_SITES= KDE/stable/${PORTNAME}/${DISTVERSION}/src Index: irc/konversation/distinfo =================================================================== --- irc/konversation/distinfo +++ irc/konversation/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1495708683 -SHA256 (konversation-1.7.2.tar.xz) = 5ff96e84cee4e1eefc404a31d778067ea50dddd8a6c848911fac70bd52812618 -SIZE (konversation-1.7.2.tar.xz) = 3736968 +TIMESTAMP = 1510520681 +SHA256 (konversation-1.7.3.tar.xz) = 5e6bf0afc682aad870b6258b20001c1f119c0784946dd4265b8554678563dcd8 +SIZE (konversation-1.7.3.tar.xz) = 3739124 Index: security/vuxml/vuln.xml =================================================================== --- security/vuxml/vuln.xml +++ security/vuxml/vuln.xml @@ -58,6 +58,32 @@ * Do not forget port variants (linux-f10-libxml2, libxml2, etc.) --> + + konversation -- crash in IRC message parsing + + + konversation + 1.7.3 + + + + +

KDE reports:

+
+

Konversation has support for colors in IRC messages. Any malicious user connected to the same IRC network can send a carefully crafted message that will crash the Konversation user client.

+
+ +
+ + CVE-2017-15923 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15923 + + + 2017-10-27 + 2017-11-12 + +
+ roundcube -- file disclosure vulnerability