Bug 213800

Summary:

security/vuxml: add entries for recent node.js vulnerabilities

Product:

Ports & Packages

Reporter:

Bradley T. Hughes <bhughes>

Component:

Individual Port(s)

Assignee:

Mark Felder <feld>

Status:

Closed FIXED

Severity:

Affects Many People

CC:

bhughes, feld, koobs, ports-secteam

Priority:

---

Flags:

bugzilla: maintainer-feedback? (ports-secteam)

Version:

Latest

Hardware:

Any

OS:

Any

URL:

https://nodejs.org/en/blog/vulnerability/october-2016-security-releases/

Bug Depends on:

Bug Blocks:

213602, 213603, 213604

Attachments:

Description	Flags
node.js vuxml entries for the October security releases	bhughes: maintainer-approval? (ports-secteam)

Description Bradley T. Hughes freebsd_committer

2016-10-26 09:51:00 UTC

Created attachment 176180 [details]
node.js vuxml entries for the October security releases

There are 2 entres: one for the c-ares bundled dependency and one for
multiple v6.x specific vulnerabilities.

https://nodejs.org/en/blog/vulnerability/october-2016-security-releases/

Comment 1 Mark Felder freebsd_committer

2016-10-28 13:33:53 UTC

Committed, thanks!

Comment 2 commit-hook freebsd_committer

2016-10-28 13:34:30 UTC

A commit references this bug:

Author: feld
Date: Fri Oct 28 13:33:41 UTC 2016
New revision: 424839
URL: https://svnweb.freebsd.org/changeset/ports/424839

Log:
  Document node vulnerabilities

  PR:		213800
  Security:	CVE-2016-5172

Changes:
  head/security/vuxml/vuln.xml