Update the www/mathopd port to 1.5p7. The previous version has a vulnerability that could lead to directory traversal when the '*' construct in config files is used. How-To-Repeat: n/a
Responsible Changed From-To: freebsd-ports-bugs->rm I will take it.
Hello, Michiel. Would you please also provide vuxml entry?
rm 2012-02-02 20:43:23 UTC FreeBSD ports repository Modified files: www/mathopd Makefile distinfo pkg-descr www/mathopd/files patch-aa Log: - update to 1.5p7 (fix directory traversal in special case) - while i'm here, fix couple of whitespaces and NOMAN -> NO_MAN warning PR: 164717 Submitted by: Michiel Boland <michiel at boland dot org> Revision Changes Path 1.24 +2 -1 ports/www/mathopd/Makefile 1.16 +2 -2 ports/www/mathopd/distinfo 1.7 +1 -1 ports/www/mathopd/files/patch-aa 1.6 +2 -2 ports/www/mathopd/pkg-descr _______________________________________________ cvs-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/cvs-all To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
On 02/02/2012 21:32, Ruslan Mahmatkhanov wrote: > Hello, Michiel. > Would you please also provide vuxml entry? Sure - I'm waiting for my mail to be archived so I can include it as a reference. Cheers Michiel
Michiel Boland wrote on 03.02.2012 01:30: > On 02/02/2012 21:32, Ruslan Mahmatkhanov wrote: >> Hello, Michiel. >> Would you please also provide vuxml entry? > > Sure - I'm waiting for my mail to be archived so I can include it as a > reference. > Cheers > Michiel Ok, I already committed the update but not closing the pr yet, waiting for vuxml entry. Thanks. -- Regards, Ruslan Tinderboxing kills... the drives.
On 02/02/2012 21:32, Ruslan Mahmatkhanov wrote: > Hello, Michiel. > Would you please also provide vuxml entry? see attachment Cheers Michiel
Michiel Boland wrote on 03.02.2012 10:00: > On 02/02/2012 21:32, Ruslan Mahmatkhanov wrote: >> Hello, Michiel. >> Would you please also provide vuxml entry? > > see attachment > > Cheers > Michiel Was just committed. Thank you much! -- Regards, Ruslan Tinderboxing kills... the drives.
rm 2012-02-03 06:33:03 UTC FreeBSD ports repository Modified files: security/vuxml vuln.xml Log: Add vuxml entry for mathopd directory traversal vulnerability. PR: 164717 Submitted by: Michiel Boland <michiel at boland dot org> Security: 6e7ad1d7-4e27-11e1-8e12-90e6ba8a36a2 Revision Changes Path 1.2590 +28 -1 ports/security/vuxml/vuln.xml _______________________________________________ cvs-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/cvs-all To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
State Changed From-To: open->closed Committed, thank you!