Bug 272346 - net/py-suds: CVE-2013-2217
Summary: net/py-suds: CVE-2013-2217
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: amd64 Any
: --- Affects Many People
Assignee: Po-Chuan Hsieh
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2023-07-03 13:11 UTC by David M.
Modified: 2023-07-09 11:01 UTC (History)
0 users

See Also:
bugzilla: maintainer-feedback? (sunpoet)

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description David M. 2023-07-03 13:11:18 UTC 
Hello,

According to a py-suds community fork maintainer, the CVE-2013-2217 should be fixed long time ago and the current CVE entry are incorrect.

https://github.com/suds-community/suds/issues/94
Comment 1 commit-hook freebsd_committer freebsd_triage 2023-07-09 10:47:00 UTC 
A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=5097c655982355ebc06838d1f710904888e51194

commit 5097c655982355ebc06838d1f710904888e51194
Author:     Po-Chuan Hsieh <sunpoet@FreeBSD.org>
AuthorDate: 2023-07-09 10:32:01 +0000
Commit:     Po-Chuan Hsieh <sunpoet@FreeBSD.org>
CommitDate: 2023-07-09 10:32:01 +0000

    security/vuxml: Fix py-suds entry (b31f7029-817c-4c1f-b7d3-252de5283393)

    PR:             272346
    Reported by:    David M. <root@network-dev.org>
    Reference:      https://github.com/suds-community/suds/issues/94
                    https://github.com/advisories/GHSA-vpqp-hx68-p2wx

 security/vuxml/vuln/2023.xml | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)