Summary: | net/rsync: add patches to fix security vulnerabilities | ||||||
---|---|---|---|---|---|---|---|
Product: | Ports & Packages | Reporter: | Yasuhiro Kimura <yasu> | ||||
Component: | Individual Port(s) | Assignee: | Emanuel Haupt <ehaupt> | ||||
Status: | Closed FIXED | ||||||
Severity: | Affects Some People | Flags: | bugzilla:
maintainer-feedback?
(ehaupt) |
||||
Priority: | --- | ||||||
Version: | Latest | ||||||
Hardware: | Any | ||||||
OS: | Any | ||||||
See Also: | https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=224478 | ||||||
Attachments: |
|
I submitted bug #224478 that adds entry for these security vulnerabilities to security/vuxml. So please commit it too. And FYI patches are obtained from Debian. A commit references this bug: Author: ehaupt Date: Wed Dec 20 14:18:21 UTC 2017 New revision: 456798 URL: https://svnweb.freebsd.org/changeset/ports/456798 Log: - Add patches [1] to fix following security vulnerabilities: * CVE-2017-16548 * CVE-2017-17433 * CVE-2017-17434 - Bump PORTREVISION - Move position of PORTREVISION in Makefile to fix portlint warning PR: 224477 Submitted by: yasu@utahime.org Obtained from: debian MFH: 2017Q4 (blanket) Changes: head/net/rsync/Makefile head/net/rsync/files/patch-CVE-2017-16548 head/net/rsync/files/patch-CVE-2017-17433 head/net/rsync/files/patch-CVE-2017-17434-1 head/net/rsync/files/patch-CVE-2017-17434-2 A commit references this bug: Author: ehaupt Date: Wed Dec 20 14:19:35 UTC 2017 New revision: 456800 URL: https://svnweb.freebsd.org/changeset/ports/456800 Log: MFH: r456798 - Add patches [1] to fix following security vulnerabilities: * CVE-2017-16548 * CVE-2017-17433 * CVE-2017-17434 - Bump PORTREVISION - Move position of PORTREVISION in Makefile to fix portlint warning PR: 224477 Submitted by: yasu@utahime.org Obtained from: debian Approved by: ports-secteam (blanket) Changes: _U branches/2017Q4/ branches/2017Q4/net/rsync/Makefile branches/2017Q4/net/rsync/files/patch-CVE-2017-16548 branches/2017Q4/net/rsync/files/patch-CVE-2017-17433 branches/2017Q4/net/rsync/files/patch-CVE-2017-17434-1 branches/2017Q4/net/rsync/files/patch-CVE-2017-17434-2 Thank you very much for this high quality patch. I've committed the patch to head and 2017Q4. I've also taken care of the VuXML entry. |
Created attachment 188988 [details] patch file * Add patches to fix following security vulnerabilities. ** CVE-2017-16548 ** CVE-2017-17433 ** CVE-2017-17434 * Bump PORTREVISION. * Move position of PORTREVISION in Makefile to fix portlint warning.