Bug 212888

Summary: irc/irssi: Multiple vulnerabilities
Product: Ports & Packages Reporter: VK <vlad-fbsd>
Component: Individual Port(s)Assignee: Mark Felder <feld>
Status: Closed FIXED    
Severity: Affects Some People CC: feld, ports-secteam, vanilla
Priority: --- Keywords: patch, security
Version: LatestFlags: bugzilla: maintainer-feedback? (vanilla)
feld: merge-quarterly+
Hardware: Any   
OS: Any   
URL: https://irssi.org/security/irssi_sa_2016.txt
See Also: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=212889
Attachments:
Description Flags
Upgrade irssi to 0.8.20 vlad-fbsd: maintainer-approval? (vanilla)

Description VK 2016-09-21 20:41:45 UTC 
Remote vuln in irssi < 0.8.20

https://irssi.org/security/irssi_sa_2016.txt
Comment 1 VK 2016-09-21 20:44:28 UTC 
CC ports-secteam@
Comment 2 VK 2016-09-21 20:51:14 UTC 
Created attachment 175040 [details]
Upgrade irssi to 0.8.20
Comment 3 VK 2016-09-21 20:52:49 UTC 
Patch passes:

* Poudriere 11.0-RC3 amd64 build test
* portlint complaints from before
Comment 4 commit-hook freebsd_committer freebsd_triage 2016-09-21 20:56:19 UTC 
A commit references this bug:

Author: feld
Date: Wed Sep 21 20:56:02 UTC 2016
New revision: 422579
URL: https://svnweb.freebsd.org/changeset/ports/422579

Log:
  irc/irssi: Update to 0.8.20

  - Add gettext-runtime to USES per poudriere's warning

  https://irssi.org/security/irssi_sa_2016.txt

  PR:		212888
  MFH:		2016Q3
  Security:	CVE-2016-7044
  Security:	CVE-2016-7045

Changes:
  head/irc/irssi/Makefile
  head/irc/irssi/distinfo
  head/irc/irssi/pkg-plist
Comment 5 commit-hook freebsd_committer freebsd_triage 2016-09-21 20:57:21 UTC 
A commit references this bug:

Author: feld
Date: Wed Sep 21 20:56:36 UTC 2016
New revision: 422580
URL: https://svnweb.freebsd.org/changeset/ports/422580

Log:
  MFH: r422579

  irc/irssi: Update to 0.8.20

  - Add gettext-runtime to USES per poudriere's warning

  https://irssi.org/security/irssi_sa_2016.txt

  PR:		212888
  Security:	CVE-2016-7044
  Security:	CVE-2016-7045

  Approved by:	ports-secteam (with hat)

Changes:
_U  branches/2016Q3/
  branches/2016Q3/irc/irssi/Makefile
  branches/2016Q3/irc/irssi/distinfo
  branches/2016Q3/irc/irssi/pkg-plist
Comment 6 commit-hook freebsd_committer freebsd_triage 2016-09-21 21:00:22 UTC 
A commit references this bug:

Author: feld
Date: Wed Sep 21 20:59:53 UTC 2016
New revision: 422582
URL: https://svnweb.freebsd.org/changeset/ports/422582

Log:
  Document irssi vulnerabilities

  PR:		212888
  Security:	CVE-2016-7044
  Security:	CVE-2016-7045

Changes:
  head/security/vuxml/vuln.xml