the bitrig stable/1.0 branch has been updated by pedro with 1 new commit: commit cfdcb026927167badd77a345b2074ce22662f653 diff: https://github.com/bitrig/bitrig/commit/cfdcb02 author: Alexander Bluhm <[email protected]> date: Mon Jan 5 23:14:37 2015 +0000
Fix CVE-2014-6272 in Libevent 1.4 from upstream: - https://github.com/libevent/libevent/commit/7b21c4eabf1f3946d3f63cce1319c490caab8ecf - For this fix, we need to make sure that passing too-large inputs to the evbuffer functions can't make us do bad things with the heap. On top of that do: - Update libevent version to 1.4.15-stable. - Use SIZE_MAX from limits.h instead of a private define. - Do not declare 'size_t need' twice to avoid a compiler warning. OK sthen M lib/libevent/buffer.c M lib/libevent/event.h
