Created attachment 252965 [details] [PATCH] textproc/md4c: update 0.4.7 → 0.5.2
https://nvd.nist.gov/vuln/detail/CVE-2021-30027
Created attachment 252967 [details] [PATCH] textproc/md4c: update 0.4.7 → 0.5.2
Created attachment 252972 [details] [PATCH] textproc/md4c: update 0.4.7 → 0.5.2, fix CVE
A commit in branch main references this bug: URL: https://cgit.FreeBSD.org/ports/commit/?id=6b27d9ea72167081d6ddde68ce7458cb199b078b commit 6b27d9ea72167081d6ddde68ce7458cb199b078b Author: Fernando Apesteguía <fernape@FreeBSD.org> AuthorDate: 2024-08-23 17:56:57 +0000 Commit: Fernando Apesteguía <fernape@FreeBSD.org> CommitDate: 2024-08-23 18:02:45 +0000 security/vuxml: Record DoS vulnerability for md4c PR: 280956 Reported by: Älven <alster@vinterdalen.se> security/vuxml/vuln/2024.xml | 28 ++++++++++++++++++++++++++++ 1 file changed, 28 insertions(+)
A commit in branch main references this bug: URL: https://cgit.FreeBSD.org/ports/commit/?id=156b0ec23240ad23d3786eabf689799c9d919bac commit 156b0ec23240ad23d3786eabf689799c9d919bac Author: Älven <alster@vinterdalen.se> AuthorDate: 2024-08-23 07:50:19 +0000 Commit: Fernando Apesteguía <fernape@FreeBSD.org> CommitDate: 2024-08-23 18:10:57 +0000 textproc/md4c: update to 0.5.2 ChangeLog: https://github.com/mity/md4c/blob/master/CHANGELOG.md Fixes CVE-2021-30027: DoS with malformed Markdown. * Base Score: 5.5 MEDIUM * Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H PR: 280956 Reported by: alster@vinterdalen.se MFH: 2024Q3 (security fix) Security: CVE-2021-30027 textproc/md4c/Makefile | 7 ++++--- textproc/md4c/distinfo | 6 +++--- textproc/md4c/pkg-plist | 6 ++---- 3 files changed, 9 insertions(+), 10 deletions(-)
Committed, Thanks!
A commit in branch 2024Q3 references this bug: URL: https://cgit.FreeBSD.org/ports/commit/?id=af64efa400a095b046e061837575f5a829500170 commit af64efa400a095b046e061837575f5a829500170 Author: Älven <alster@vinterdalen.se> AuthorDate: 2024-08-23 07:50:19 +0000 Commit: Fernando Apesteguía <fernape@FreeBSD.org> CommitDate: 2024-08-25 11:56:30 +0000 textproc/md4c: update to 0.5.2 ChangeLog: https://github.com/mity/md4c/blob/master/CHANGELOG.md Fixes CVE-2021-30027: DoS with malformed Markdown. * Base Score: 5.5 MEDIUM * Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H PR: 280956 Reported by: alster@vinterdalen.se MFH: 2024Q3 (security fix) Security: CVE-2021-30027 (cherry picked from commit 156b0ec23240ad23d3786eabf689799c9d919bac) textproc/md4c/Makefile | 7 ++++--- textproc/md4c/distinfo | 6 +++--- textproc/md4c/pkg-plist | 6 ++---- 3 files changed, 9 insertions(+), 10 deletions(-)