Bug 214532

Summary: security/vuxml: Document www/libwww vulnerability
Product: Ports & Packages Reporter: Danilo G. Baio <dbaio>
Component: Individual Port(s)Assignee: Jason Unovitch <junovitch>
Status: Closed FIXED    
Severity: Affects Some People CC: junovitch, marius, ports-secteam
Priority: --- Keywords: patch, security
Version: LatestFlags: vlad-fbsd: maintainer-feedback? (ports-secteam)
Hardware: Any   
OS: Any   
Bug Depends on:    
Bug Blocks: 214546    
Attachments:
Description Flags
vuxml-libwww.patch
none
vuxml-libwww_v02.patch none

Description Danilo G. Baio freebsd_committer freebsd_triage 2016-11-15 14:21:32 UTC 
Created attachment 177022 [details]
vuxml-libwww.patch

- Document www/libwww vulnerability
Comment 1 Danilo G. Baio freebsd_committer freebsd_triage 2016-11-15 20:38:52 UTC 
Created attachment 177034 [details]
vuxml-libwww_v02.patch


Actually, there are other vulnerabilities.
Updating patch.
Comment 2 marius 2016-11-19 10:58:41 UTC 
Looks good to me.
Comment 3 Jason Unovitch freebsd_committer freebsd_triage 2016-11-29 01:19:13 UTC 
Take for review. Should commit tomorrow.
Comment 4 commit-hook freebsd_committer freebsd_triage 2016-11-29 22:59:13 UTC 
A commit references this bug:

Author: junovitch
Date: Tue Nov 29 22:58:53 UTC 2016
New revision: 427402
URL: https://svnweb.freebsd.org/changeset/ports/427402

Log:
  Document libwww vulnerabilities

  PR:		214532
  Submitted by:	Danilo G. Baio <dbaio@bsd.com.br>
  Security:	CVE-2009-3720
  Security:	CVE-2009-3560
  Security:	CVE-2005-3183
  Security:	https://vuxml.FreeBSD.org/freebsd/18449f92-ab39-11e6-8011-005056925db4.html

Changes:
  head/security/vuxml/vuln.xml
Comment 5 Jason Unovitch freebsd_committer freebsd_triage 2016-11-29 23:04:13 UTC 
Committed. Thanks!