Bug 210550 - security/vuxml: CVE-2016-2177 missing for security/openssl
Summary: security/vuxml: CVE-2016-2177 missing for security/openssl
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: Normal Affects Some People
Assignee: Mark Felder
URL:
Keywords: needs-qa, security
Depends on:
Blocks:
 
Reported: 2016-06-25 07:40 UTC by Derek Schrock
Modified: 2016-07-01 13:00 UTC (History)
4 users (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Derek Schrock 2016-06-25 07:40:34 UTC 
r417176 fixed CVE-2016-2177 however I don't see an entry in pkg-audit or security/vuxml for openssl <1.0.2_14.

https://svnweb.freebsd.org/ports?view=revision&revision=417176

r417176 updates openssl to 1.0.2_14

# pkg query '%v' openssl
1.0.2_13
# pkg audit -F
vulnxml file up-to-date
0 problem(s) in the installed packages found.
# pkg rquery '%v' openssl 
1.0.2_14
Comment 1 Dirk Meyer freebsd_committer freebsd_triage 2016-06-30 19:07:12 UTC 
not a problem of the port.
Comment 2 Mark Felder freebsd_committer freebsd_triage 2016-06-30 20:52:53 UTC 
vuxml entry created, thanks!
Comment 3 commit-hook freebsd_committer freebsd_triage 2016-06-30 20:53:36 UTC 
A commit references this bug:

Author: feld
Date: Thu Jun 30 20:52:40 UTC 2016
New revision: 417842
URL: https://svnweb.freebsd.org/changeset/ports/417842

Log:
  Document openssl vulnerability

  PR:		210550
  Security:	CVE-2016-2177

Changes:
  head/security/vuxml/vuln.xml
Comment 4 Kubilay Kocak freebsd_committer freebsd_triage 2016-07-01 13:00:57 UTC 
Assign to committer that resolved