Bug 130606 - vuxml submission for net-im/openfire
Summary: vuxml submission for net-im/openfire
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: Normal Affects Only Me
Assignee: Thomas Abthorpe
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2009-01-16 06:30 UTC by mark
Modified: 2009-01-25 01:00 UTC (History)
0 users

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description mark 2009-01-16 06:30:01 UTC 

Fix: 

<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
   <vuln vid="78d59d1f-a484-4649-a473-cd5a307592c8">
     <topic>openfire -- Openfire multiple vulnerabilities</topic>
     <affects>
       <package>
         <name>openfire</name>
         <range><lt>3.6.3</lt></range>
       </package>
     </affects>
     <description>
       <body xmlns="http://www.w3.org/1999/xhtml">
         <p>Vendor reports:</p>
         <blockquote cite="http://www.coresecurity.com/content/openfire-multiple-vulnerabilities">
           <p>Multiple cross-site scripting vulnerabilities have been found which may lead to arbitrary remote code execution on the server running the application due to unauthorized upload of Java plugin code. </p>
         </blockquote>
       </body>
     </description>
     <references>
      <url>http://www.coresecurity.com/content/openfire-multiple-vulnerabilities</url>
      <bid>32935</bid>
      <bid>32937</bid>
      <bid>32938</bid>
      <bid>32939</bid>
      <bid>32940</bid>
      <bid>32943</bid>
      <bid>32944</bid>
      <bid>32945</bid>
     </references>
     <dates>
       <discovery>2009-01-08</discovery>
       <entry>2009-01-15</entry>
     </dates>
   </vuln>
Comment 1 Edwin Groothuis freebsd_committer freebsd_triage 2009-01-16 06:30:13 UTC 
Responsible Changed
From-To: freebsd-ports-bugs->gahr

Over to maintainer (via the GNATS Auto Assign Tool)
Comment 2 Thomas Abthorpe freebsd_committer freebsd_triage 2009-01-23 18:05:42 UTC 
Responsible Changed
From-To: gahr->tabthorpe

I'll take it.
Comment 3 dfilter service freebsd_committer freebsd_triage 2009-01-25 00:56:27 UTC 
tabthorpe    2009-01-25 00:56:18 UTC

  FreeBSD ports repository

  Modified files:
    security/vuxml       vuln.xml 
  Log:
  - Document openfire -- multiple vulnerabilities
  
  PR:             ports/130606
  Submitted by:   Mark Foster <mark foster.cc>
  
  Revision  Changes    Path
  1.1831    +38 -1     ports/security/vuxml/vuln.xml
_______________________________________________
cvs-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/cvs-all
To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
Comment 4 Thomas Abthorpe freebsd_committer freebsd_triage 2009-01-25 00:56:39 UTC 
State Changed
From-To: open->closed

Committed. Thanks!