Index: net/rabbitmq-c/Makefile =================================================================== --- net/rabbitmq-c/Makefile +++ net/rabbitmq-c/Makefile @@ -1,7 +1,7 @@ # Created by: Geoff Garside PORTNAME= rabbitmq-c -PORTVERSION= 0.8.0 +PORTVERSION= 0.10.0 DISTVERSIONPREFIX= v CATEGORIES= net @@ -13,8 +13,6 @@ BUILD_DEPENDS= ${PYTHON_PKGNAMEPREFIX}simplejson>=2.0:devel/py-simplejson@${PY_FLAVOR} -CONFLICTS= rabbitmq-c-devel-[0-9]* - USES= cmake pathfix python tar:bzip2 USE_GITHUB= yes USE_LDCONFIG= yes Index: net/rabbitmq-c/distinfo =================================================================== --- net/rabbitmq-c/distinfo +++ net/rabbitmq-c/distinfo @@ -1,3 +1,3 @@ -TIMESTAMP = 1510178940 -SHA256 (alanxz-rabbitmq-c-v0.8.0_GH0.tar.gz) = d8ed9dcb49903d83d79d7b227da35ef68c60e5e0b08d0fc1fb4e4dc577b8802b -SIZE (alanxz-rabbitmq-c-v0.8.0_GH0.tar.gz) = 149150 +TIMESTAMP = 1623921575 +SHA256 (alanxz-rabbitmq-c-v0.10.0_GH0.tar.gz) = 6455efbaebad8891c59f274a852b75b5cc51f4d669dfc78d2ae7e6cc97fcd8c0 +SIZE (alanxz-rabbitmq-c-v0.10.0_GH0.tar.gz) = 145361 Index: net/rabbitmq-c/pkg-plist =================================================================== --- net/rabbitmq-c/pkg-plist +++ net/rabbitmq-c/pkg-plist @@ -10,5 +10,5 @@ lib/librabbitmq.a lib/librabbitmq.so lib/librabbitmq.so.4 -lib/librabbitmq.so.4.2.0 +lib/librabbitmq.so.4.4.0 libdata/pkgconfig/librabbitmq.pc Index: security/vuxml/vuln-2021.xml =================================================================== --- security/vuxml/vuln-2021.xml +++ security/vuxml/vuln-2021.xml @@ -1,3 +1,37 @@ + + RabbitMQ-C -- integer overflow leads to heap corruption + + + net/rabbitmq-c + net/rabbitmq-c-devel + 0.10.0 + + + + +

alanxz reports:

+
+

When parsing a frame header, validate that the frame_size is less than + or equal to INT32_MAX. Given frame_max is limited between 0 and + INT32_MAX in amqp_login and friends, this does not change the API. + This prevents a potential buffer overflow when a malicious client sends + a frame_size that is close to UINT32_MAX, in which causes an overflow + when computing state->target_size resulting in a small value there. A + buffer is then allocated with the small amount, then memcopy copies the + frame_size writing to memory beyond the end of the buffer.

+
+ +
+ + CVE-2019-18609 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-18609 + + + 2019-10-29 + 2021-06-25 + +
+ Ansible -- Templating engine bug
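Review bot: In the second hunk of net/rabbitmq-c/Makefile, `CONFLICTS= rabbitmq-c-devel-[0-9]*` is dropped without explanation, while the VuXML entry added in this same patch still lists net/rabbitmq-c-devel as an affected package. If that port is still in the tree and installs the same lib/librabbitmq.so files listed in pkg-plist, the conflict line should stay. If the port has been removed, say so in the commit message so the deletion is traceable.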
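Review bot: In the security/vuxml/vuln-2021.xml hunk, the affected-package lines read `net/rabbitmq-c` and `net/rabbitmq-c-devel`, which are port origins rather than package names. VuXML entries are matched against the installed package name, so these should be `rabbitmq-c` and `rabbitmq-c-devel`. As written, the entry would not flag installed versions older than 0.10.0 for CVE-2019-18609.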