| Log Message: |
Update libzip to 1.3.0.
It includes the fix for CVE-2017-14107 (landed separately in r450768) as well
as a fix for CVE-2017-12858, which did not affect us due to the fact that the
vulnerability was introduced in 1.2.0.
libzip.so's SOVERSION got bumped after the removal of the undocumented function
zip_archive_set_tempdir(). All ports depending on libzip continue to build fine
after that.
PR: 222638
Submitted by: Dani <i.dani@outlook.com>
|
head/archivers/libzip/Makefile