Created attachment 234809 [details] add CVE entries related to www/mitmproxy * CVE-2022-24766, https://github.com/mitmproxy/mitmproxy/commit/b06fb6d157087d526bd02e7aadbe37c56865c71b
I do not see any sense creating a block to PR 264426 Please focus on upgrading the mitmproxy port in a timely manner, please!
(In reply to p5B2EA84B3 from comment #1) This is for committing (pushing) the vuxml and updating the port for a preferred order. We firstly create a vuxml entry, then put the vuln id in the commit message of updating mitmproxy. Yes this is listed as blocking issue, but it can be solved trivially. We can of course commit and push it anytime, but it doesn't make much sense without updating mitmproxy in the same time. Yes people are focusing on updating mitmproxy so that we can update things together. If possible, you can join the effort on updating it or support the work in any kind of approaches, all of them will be a great help.
A commit in branch main references this bug: URL: https://cgit.FreeBSD.org/ports/commit/?id=e6fdd8b6c34ba8a5b747cbbf35b252d934b75785 commit e6fdd8b6c34ba8a5b747cbbf35b252d934b75785 Author: Hung-Yi Chen <gaod@hychen.org> AuthorDate: 2022-06-20 14:07:06 +0000 Commit: Li-Wen Hsu <lwhsu@FreeBSD.org> CommitDate: 2022-06-20 14:09:26 +0000 security/vuxml: Add CVE-2022-24766 for www/mitmproxy PR: 264782 security/vuxml/vuln-2022.xml | 39 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 39 insertions(+)
(In reply to p5B2EA84B3 from comment #1) Blocked just means that in order to consider the blocked issue 'resolved', the blocking issue must also be resolved.