Created attachment 228865 [details] Patch file * Add upstream patch to fix possible RCE vulnerability * Switch to DISTVERSION * Pet portclippy * Reformat Makefile with portfmt Obtained from: https://github.com/fail2ban/fail2ban/commit/410a6ce5c80dd981c22752da034f2529b5eee844 Security: CVE-2021-32749 Security: https://github.com/fail2ban/fail2ban/security/advisories/GHSA-m985-3f3v-cwmm
Thanks! About time, upstream releases 0.11.3 or 1.0 :)
This is a vulnerability, so please don't wait to merge it quarterly. If that is what the merge-quarterly flag means ...
(In reply to theis from comment #2) I intended to set merge-quarterly flag to "+". Sorry for doing something confusing.
A commit in branch main references this bug: URL: https://cgit.FreeBSD.org/ports/commit/?id=644e5b65b9503bed420885c9fefc8b3941dd009d commit 644e5b65b9503bed420885c9fefc8b3941dd009d Author: Yasuhiro Kimura <yasu@FreeBSD.org> AuthorDate: 2021-10-20 09:42:38 +0000 Commit: Yasuhiro Kimura <yasu@FreeBSD.org> CommitDate: 2021-10-27 15:48:14 +0000 security/py-fail2ban: Add upstream patch to fix possible RCE vulnerability * Switch to DISTVERSION * Pet portclippy * Reformat Makefile with portfmt PR: 259297 Approved by: maintainer Obtained from: https://github.com/fail2ban/fail2ban/commit/410a6ce5c80dd981c22752da034f2529b5eee844 MFH: 2021Q4 Security: CVE-2021-32749 Security: https://github.com/fail2ban/fail2ban/security/advisories/GHSA-m985-3f3v-cwmm Differential Revision: https://reviews.freebsd.org/D32576 security/py-fail2ban/Makefile | 26 ++-- .../py-fail2ban/files/patch-CVE-2021-32749 (new) | 158 +++++++++++++++++++++ 2 files changed, 169 insertions(+), 15 deletions(-)
A commit in branch 2021Q4 references this bug: URL: https://cgit.FreeBSD.org/ports/commit/?id=69221920c9faeff24c581ac1ee6d89ca4f1bbf11 commit 69221920c9faeff24c581ac1ee6d89ca4f1bbf11 Author: Yasuhiro Kimura <yasu@FreeBSD.org> AuthorDate: 2021-10-20 09:42:38 +0000 Commit: Yasuhiro Kimura <yasu@FreeBSD.org> CommitDate: 2021-10-27 15:49:50 +0000 security/py-fail2ban: Add upstream patch to fix possible RCE vulnerability * Switch to DISTVERSION * Pet portclippy * Reformat Makefile with portfmt PR: 259297 Approved by: maintainer Obtained from: https://github.com/fail2ban/fail2ban/commit/410a6ce5c80dd981c22752da034f2529b5eee844 MFH: 2021Q4 Security: CVE-2021-32749 Security: https://github.com/fail2ban/fail2ban/security/advisories/GHSA-m985-3f3v-cwmm Differential Revision: https://reviews.freebsd.org/D32576 (cherry picked from commit 644e5b65b9503bed420885c9fefc8b3941dd009d) security/py-fail2ban/Makefile | 26 ++-- .../py-fail2ban/files/patch-CVE-2021-32749 (new) | 158 +++++++++++++++++++++ 2 files changed, 169 insertions(+), 15 deletions(-)