FreeBSD Bugzilla – Attachment 226317 Details for
Bug 257068
security/vuxml: Multiple vulnerabilities in databases/mantis <2.25.2
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
patch for vuxml entry
mantis-vuxml.diff (text/plain), 1.58 KB, created by
Zoltan ALEXANDERSON BESSE
on 2021-07-09 00:36:00 UTC
(
hide
)
Description:
patch for vuxml entry
Filename:
MIME Type:
Creator:
Zoltan ALEXANDERSON BESSE
Created:
2021-07-09 00:36:00 UTC
Size:
1.58 KB
patch
obsolete
>diff --git a/security/vuxml/vuln-2021.xml b/security/vuxml/vuln-2021.xml >index cf02f4375c60..6b3c968fe90e 100644 >--- a/security/vuxml/vuln-2021.xml >+++ b/security/vuxml/vuln-2021.xml >@@ -1,3 +1,39 @@ >+ <vuln vid="9b1699ff-d84c-11eb-92d6-1b6ff3dfe4d3"> >+ <topic>mantis -- multiple vulnerabilities</topic> >+ <affects> >+ <package> >+ <name>mantis-php73</name> >+ <name>mantis-php74</name> >+ <name>mantis-php80</name> >+ <range><lt>2.25.2,1</lt></range> >+ </package> >+ </affects> >+ <description> >+ <body xmlns="http://www.w3.org/1999/xhtml"> >+ <p>Mantis 2.25.1 and 2.25.2 releases report:</p> >+ <blockquote cite="https://mantisbt.org/bugs/changelog_page.php?version_id=362"> >+ <p>Security and maintenance release, PHPMailer update to 6.5.0</p> >+ <ul> >+ <li>0028552: XSS in manage_custom_field_edit_page.php (CVE-2021-33557)</li> >+ <li>0028821: Update PHPMailer to 6.5.0 (CVE-2021-3603, CVE-2020-36326)</li> >+ </ul> >+ </blockquote> >+ </body> >+ </description> >+ <references> >+ <cvename>CVE-2021-33557</cvename> >+ <url>https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-33557</url> >+ <cvename>CVE-2021-3603</cvename> >+ <url>https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-3603</url> >+ <cvename>CVE-2020-36326</cvename> >+ <url>https://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-36326</url> >+ </references> >+ <dates> >+ <discovery>2021-04-28</discovery> >+ <entry>2021-07-09</entry> >+ </dates> >+ </vuln> >+ > <vuln vid="01974420-dfaf-11eb-ba49-001b217b3468"> > <topic>Gitlab -- vulnerability</topic> > <affects>
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=226317">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 257068
: 226317