198815 – devel/m6811-binutils: Multiple security vulnerabilities

Bug 198815 - devel/m6811-binutils: Multiple security vulnerabilities

Summary: devel/m6811-binutils: Multiple security vulnerabilities

Status:	Closed Feedback Timeout

Alias:	None

Product:	Ports & Packages
Classification:	Unclassified
Component:	Individual Port(s) (show other bugs)
Version:	Latest
Hardware:	Any Any

Importance:	--- Affects Many People
Assignee:	Mark Felder

URL:
Keywords:	needs-patch, security

Depends on:
Blocks:

Reported:	2015-03-23 01:13 UTC by Sevan Janiyan
Modified:	2017-02-18 22:06 UTC (History)
CC List:	3 users (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Sevan Janiyan 2015-03-23 01:13:11 UTC

Current version in the tree is vulnerable to several issues and should be updated
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-8501
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-8502
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-8503

Comment 1 Kubilay Kocak freebsd_committer

2015-03-23 07:16:14 UTC

This port has no maintainer. Please attach a patch to update this port.

Comment 2 Mark Felder freebsd_committer

2016-01-08 17:24:43 UTC

taking and adding to vuxml. Not sure if I can find a newer distfile, but I'll see what I can do.

Comment 3 commit-hook freebsd_committer

2016-01-08 17:26:22 UTC

A commit references this bug:

Author: feld
Date: Fri Jan  8 17:25:40 UTC 2016
New revision: 405572
URL: https://svnweb.freebsd.org/changeset/ports/405572

Log:
  Document devel/m6811-binutils is also vuln to older CVEs

  PR:		198815
  Security:	CVE-2014-8501
  Security:	CVE-2014-8502
  Security:	CVE-2014-8503

Changes:
  head/security/vuxml/vuln.xml

Comment 4 Rene Ladan freebsd_committer

2017-02-18 22:06:40 UTC

No updates for 13 months including no updates since this port was marked for expiration.