diff options
Diffstat (limited to 'share/security/advisories/FreeBSD-EN-15:10.iconv.asc')
-rw-r--r-- | share/security/advisories/FreeBSD-EN-15:10.iconv.asc | 128 |
1 files changed, 0 insertions, 128 deletions
diff --git a/share/security/advisories/FreeBSD-EN-15:10.iconv.asc b/share/security/advisories/FreeBSD-EN-15:10.iconv.asc deleted file mode 100644 index 90237d0cb1..0000000000 --- a/share/security/advisories/FreeBSD-EN-15:10.iconv.asc +++ /dev/null @@ -1,128 +0,0 @@ ------BEGIN PGP SIGNED MESSAGE----- -Hash: SHA512 - -============================================================================= -FreeBSD-EN-15:10.iconv Errata Notice - The FreeBSD Project - -Topic: Improved iconv(3) UTF-7 support - -Category: core -Module: libc/iconv -Announced: 2015-06-30 -Credits: Tijl Coosemans -Affects: FreeBSD 10.x -Corrected: 2015-06-02 09:42:00 UTC (stable/10, 10.1-STABLE) - 2015-06-30 23:21:37 UTC (releng/10.1, 10.1-RELEASE-p14) - -For general information regarding FreeBSD Errata Notices and Security -Advisories, including descriptions of the fields above, security -branches, and the following sections, please visit -<URL:https://security.freebsd.org/>. - -I. Background - -The iconv(3) API allows converting text data from one character set -encoding to another. Applications first open a converter between two -encodings using iconv_open(3) and then convert text using iconv(3). - -UTF-7 is a variable-length character encoding representing Unicode text -using a stream of ASCII characters. - -II. Problem Description - -A defect in the iconv(3) UTF-7 decoding process causes the end of base64 -symbols ("-") to be treated as an incomplete character when they exist -at the end of the string. - -III. Impact - -Applications that use iconv(3) to decode UTF-7 may receive an incorrect -encoded result. - -IV. Workaround - -No workaround is available. - -V. Solution - -Perform one of the following: - -1) Upgrade your system to a supported FreeBSD stable or release / security -branch (releng) dated after the correction date. - -2) To update your present system via a binary patch: - -Systems running a RELEASE version of FreeBSD on the i386 or amd64 -platforms can be updated via the freebsd-update(8) utility: - -# freebsd-update fetch -# freebsd-update install - -3) To update your present system via a source code patch: - -The following patches have been verified to apply to the applicable -FreeBSD release branches. - -a) Download the relevant patch from the location below, and verify the -detached PGP signature using your PGP utility. - -# fetch https://security.FreeBSD.org/patches/EN-15:10/iconv.patch -# fetch https://security.FreeBSD.org/patches/EN-15:10/iconv.patch.asc -# gpg --verify iconv.patch.asc - -b) Apply the patch. Execute the following commands as root: - -# cd /usr/src -# patch < /path/to/patch - -c) Recompile the operating system using buildworld and installworld as -described in <URL:https://www.FreeBSD.org/handbook/makeworld.html>. - -Restart all deamons using the library, or reboot the system. - -VI. Correction details - -The following list contains the correction revision numbers for each -affected branch. - -Branch/path Revision -- ------------------------------------------------------------------------- -stable/10/ r283908 -releng/10.1/ r284985 -- ------------------------------------------------------------------------- - -To see which files were modified by a particular revision, run the -following command, replacing NNNNNN with the revision number, on a -machine with Subversion installed: - -# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base - -Or visit the following URL, replacing NNNNNN with the revision number: - -<URL:https://svnweb.freebsd.org/base?view=revision&revision=NNNNNN> - -VII. References - -<URL:https://bugs.freebsd.org/200398> - -The latest revision of this Errata Notice is available at -https://security.FreeBSD.org/advisories/FreeBSD-EN-15:10.iconv.asc - ------BEGIN PGP SIGNATURE----- -Version: GnuPG v2.1.5 (FreeBSD) - -iQIcBAEBCgAGBQJVkyZQAAoJEO1n7NZdz2rnue4P/2TGL5ucl/YypMQAcgDxRn77 -3zky6DhJSWx0ydnoCsFNogiK2A9qdw6YHvYMyqwjcVTZ9NpjeXSOnuEgaD6SN9Xj -elIkvxPkbome8QDJAVsW+amqw1ipfJ4deN4XQqzbRTaNBd0Yo0jsC4S7zjVq+gwE -0EJ98vYQz8KfOFRW5Y1DlCS2OkapuGHPcxBJsRGoz5Y4Qe8KYDivRDZPJsrhbEWY -+QF+xjZ+ZDvCl6qBSVcYgsVNeMr6jHjmIS2BYSeWypKmI1LfPgZszOMCZsS/rvAs -DKsm9N7GcbMVCD0tUWSOQmN1jtfBEoYtgqoHg1/wg5/jTOlcVQgANVMF5p9jqo/Q -BGBUWfwQACZ4cJI/lXTqUt87Dg1n15JtU011nDCfbK4Ll9ZaYioAisqx2kXdUgBP -ojP3XMwoFtq2tJGJZLlIG3nWm3IatsOL+vtZxw6N4Y5PVksZeCctFikm7FhsCXjk -SCVSn3w+rLP1klWSCbqUUtpvRSMP3JZDH7auytvykUZ2pncKAzwhfb+TI9Qqnguk -RkSDUDnRvLEuwezZOAZ3lErVV/G38zyi6Hn/ODeO0Cg6w70XKdbuWqgf0z3etz7M -HiHk4dpVNO7S4Y12wNdin1XgXa94s08wyiY7bSGpDaqL22O6CHgd0B+NAsqUqJSx -lAsbtw23ytA4JwkVwIdf -=hK2X ------END PGP SIGNATURE----- |