Bug 254772 - security/vuxml: Document 2 vulnerabilities in cURL
Summary: security/vuxml: Document 2 vulnerabilities in cURL
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Only Me
Assignee: Thomas Zander
URL:
Keywords: patch
: 254912 (view as bug list)
Depends on:
Blocks: 254773
  Show dependency treegraph
 
Reported: 2021-04-04 22:12 UTC by Yasuhiro Kimura
Modified: 2021-04-10 06:33 UTC (History)
3 users (show)

See Also:
riggs: maintainer-feedback+

Attachments
Patch file (3.58 KB, patch)
2021-04-04 22:12 UTC, Yasuhiro Kimura 		no flags Details | Diff
Updated patch file (3.98 KB, patch)
2021-04-10 01:57 UTC, Yasuhiro Kimura 		no flags Details | Diff
Show Obsolete (1) View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Yasuhiro Kimura freebsd_committer freebsd_triage 2021-04-04 22:12:52 UTC 
Created attachment 223811 [details]
Patch file

Document 2 vulnerabilities in cURL (CVE-2021-22876, CVE-2021-22890).
Comment 1 Kubilay Kocak freebsd_committer freebsd_triage 2021-04-09 10:21:42 UTC 
*** Bug 254912 has been marked as a duplicate of this bug. ***
Comment 2 Yasuhiro Kimura freebsd_committer freebsd_triage 2021-04-10 01:57:31 UTC 
Created attachment 223968 [details]
Updated patch file

Chase update of ports tree.
Comment 3 commit-hook freebsd_committer freebsd_triage 2021-04-10 06:32:27 UTC 
A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=1e8993822a938afd8bd61f5914150ed173a394bb

commit 1e8993822a938afd8bd61f5914150ed173a394bb
Author:     Thomas Zander <riggs@FreeBSD.org>
AuthorDate: 2021-04-10 06:24:55 +0000
Commit:     Thomas Zander <riggs@FreeBSD.org>
CommitDate: 2021-04-10 06:31:41 +0000

    security/vuxml: Document 2 vulnerabilities in ftp/curl
    Security:       CVE-2021-22876
                    CVE-2021-22890

    PR:             254772
    Reported by:    yasu@utahime.org

 security/vuxml/vuln.xml | 87 +++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 87 insertions(+)