Created attachment 247836 [details] Update rclone to 1.65.1 Q&A: poudriere: builds ok (14.0-RELEASE; amd64) Makefile processed by portclippy/fmt
Fixes CVE-2023-48795 and CVE-2023-45286. Note to self: add VuXML entries.
A commit in branch main references this bug: URL: https://cgit.FreeBSD.org/ports/commit/?id=0401fcc4c430bef1acbcb79e25508e068394c32b commit 0401fcc4c430bef1acbcb79e25508e068394c32b Author: Fernando Apesteguía <fernape@FreeBSD.org> AuthorDate: 2024-01-26 13:50:37 +0000 Commit: Fernando Apesteguía <fernape@FreeBSD.org> CommitDate: 2024-01-26 13:53:08 +0000 security/vuxml: document rclone vulnerabilities CVE-2023-48795: Base Score: 5.9 MEDIUM Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N CVE-2023-45286: Base Score: 5.9 MEDIUM Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N PR: 276515 security/vuxml/vuln/2024.xml | 39 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 39 insertions(+)
A commit in branch main references this bug: URL: https://cgit.FreeBSD.org/ports/commit/?id=026c0699e6eddb09426601dd9cd453162593c4e3 commit 026c0699e6eddb09426601dd9cd453162593c4e3 Author: Ralf van der Enden <tremere@cainites.net> AuthorDate: 2024-01-23 08:10:42 +0000 Commit: Fernando Apesteguía <fernape@FreeBSD.org> CommitDate: 2024-01-26 17:14:43 +0000 net/rclone: update to 1.65.1 ChangeLog: https://rclone.org/changelog/#v1-65-1-2024-01-08 Fixes two security issues. CVE-2023-48795: Base Score: 5.9 MEDIUM Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N CVE-2023-45286: Base Score: 5.9 MEDIUM Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N PR: 276515 Reported by: tremere@cainites.net (maintainer) MFH: 2024Q1 (security fixes) Security: CVE-2023-48795 CVE-2023-45286 net/rclone/Makefile | 3 +-- net/rclone/distinfo | 10 +++++----- 2 files changed, 6 insertions(+), 7 deletions(-)
Committed and merged to 2024Q1, Thanks!
A commit in branch 2024Q1 references this bug: URL: https://cgit.FreeBSD.org/ports/commit/?id=8c2ce6213f7a672531376d7ad25ad301f885378e commit 8c2ce6213f7a672531376d7ad25ad301f885378e Author: Ralf van der Enden <tremere@cainites.net> AuthorDate: 2024-01-23 08:10:42 +0000 Commit: Fernando Apesteguía <fernape@FreeBSD.org> CommitDate: 2024-01-26 17:17:42 +0000 net/rclone: update to 1.65.1 ChangeLog: https://rclone.org/changelog/#v1-65-1-2024-01-08 Fixes two security issues. CVE-2023-48795: Base Score: 5.9 MEDIUM Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N CVE-2023-45286: Base Score: 5.9 MEDIUM Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N PR: 276515 Reported by: tremere@cainites.net (maintainer) MFH: 2024Q1 (security fixes) Security: CVE-2023-48795 CVE-2023-45286 (cherry picked from commit 026c0699e6eddb09426601dd9cd453162593c4e3) net/rclone/Makefile | 3 +-- net/rclone/distinfo | 10 +++++----- 2 files changed, 6 insertions(+), 7 deletions(-)