Bug 207740
| Summary: | devel/websvn: Add patches for CVE-2013-6892 and CVE-2016-2511 | ||||||
|---|---|---|---|---|---|---|---|
| Product: | Ports & Packages | Reporter: | Raphael Kubo da Costa <rakuco> | ||||
| Component: | Individual Port(s) | Assignee: | Mark Felder <feld> | ||||
| Status: | Closed FIXED | ||||||
| Severity: | Affects Only Me | CC: | feld, junovitch, ports-secteam, ychsiao | ||||
| Priority: | --- | Keywords: | patch-ready, security | ||||
| Version: | Latest | Flags: | rakuco:
maintainer-feedback+
|
||||
| Hardware: | Any | ||||||
| OS: | Any | ||||||
| Attachments: |
|
||||||
I approve on behalf of ports-secteam for you to commit this update without waiting for maintainer feedback. Please include MFH: 2016Q1 in the commit message and we will approve the MFH as well. If you need assistance with the merge let me know. Thanks! A commit references this bug: Author: rakuco Date: Sun Mar 6 18:26:39 UTC 2016 New revision: 410474 URL: https://svnweb.freebsd.org/changeset/ports/410474 Log: Add patches to fix CVE-2013-6892 and CVE-2016-2511. PR: 207740 Approved by: ports-secteam (feld) MFH: 2016Q1 Changes: head/devel/websvn/Makefile head/devel/websvn/files/patch-CVE-2013-6892 head/devel/websvn/files/patch-CVE-2016-2511 A commit references this bug: Author: rakuco Date: Sun Mar 6 18:30:23 UTC 2016 New revision: 410475 URL: https://svnweb.freebsd.org/changeset/ports/410475 Log: MFH: r410474 Add patches to fix CVE-2013-6892 and CVE-2016-2511. PR: 207740 Approved by: ports-secteam (feld) Changes: _U branches/2016Q1/ branches/2016Q1/devel/websvn/Makefile branches/2016Q1/devel/websvn/files/patch-CVE-2013-6892 branches/2016Q1/devel/websvn/files/patch-CVE-2016-2511 |
Created attachment 167760 [details] Proposed patch The attached patches fix two CVEs with code obtained from Debian: CVE-2013-6892 and CVE-2016-2511. The respective vuln.xml entries have already been added.