274879 – net/activemq: Update to 5.18.3 to patch CVE-2023-46604

Bug 274879 - net/activemq: Update to 5.18.3 to patch CVE-2023-46604

Summary: net/activemq: Update to 5.18.3 to patch CVE-2023-46604

Status:	Closed FIXED

Alias:	None

Product:	Ports & Packages
Classification:	Unclassified
Component:	Individual Port(s) (show other bugs)
Version:	Latest
Hardware:	Any Any

Importance:	--- Affects Many People
Assignee:	Dan Langille

URL:
Keywords:

Depends on:
Blocks:

Reported:	2023-11-02 17:13 UTC by Dan Langille
Modified:	2023-11-16 21:35 UTC (History)
CC List:	2 users (show)

See Also:

Flags:	bugzilla: maintainer-feedback? (james)

Attachments
patch to 5.18.3 (896 bytes, patch) 2023-11-02 17:13 UTC, Dan Langille	no flags	Details \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Dan Langille freebsd_committer

2023-11-02 17:13:06 UTC

Created attachment 246069 [details]
patch to 5.18.3

re https://activemq.apache.org/security-advisories.data/CVE-2023-46604

Comment 1 Li-Wen Hsu freebsd_committer

2023-11-03 07:17:56 UTC

Submitter is committer.

Comment 2 Dan Langille freebsd_committer

2023-11-16 15:34:14 UTC

Maintainer timeout will occur today.

Comment 3 Li-Wen Hsu freebsd_committer

2023-11-16 15:57:09 UTC

(In reply to Dan Langille from comment #2)
BTW for security update, you can directly ask ports-secteam or portmgr to do maintainer override.

Comment 4 Dan Langille freebsd_committer

2023-11-16 16:14:48 UTC

(In reply to Li-Wen Hsu from comment #3)
Thank you. I'll remember that.

Comment 5 commit-hook freebsd_committer

2023-11-16 21:34:38 UTC

A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=c64400753bc684921fdeb93323fb45a598da6fcf

commit c64400753bc684921fdeb93323fb45a598da6fcf
Author:     Dan Langille <dvl@FreeBSD.org>
AuthorDate: 2023-11-16 21:32:12 +0000
Commit:     Dan Langille <dvl@FreeBSD.org>
CommitDate: 2023-11-16 21:33:58 +0000

    net/activemq: Update to 5.18.3

    fixes CVE-2023-46604

    PR:             274879
    Approved by:    maintainer (timeout 2 weeks)
    Security:       CVE-2023-46604

 net/activemq/Makefile | 2 +-
 net/activemq/distinfo | 6 +++---
 2 files changed, 4 insertions(+), 4 deletions(-)