Bug 225611
| Summary: | www/w3m Multiple vulnerabilities affecting w3m | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Product: | Ports & Packages | Reporter: | Daniel Ebdrup Jensen <debdrup> | ||||||||||
| Component: | Individual Port(s) | Assignee: | MANTANI Nobutaka <nobutaka> | ||||||||||
| Status: | Closed FIXED | ||||||||||||
| Severity: | Affects Some People | CC: | brd, swills, yasu | ||||||||||
| Priority: | --- | Keywords: | needs-qa, patch, security | ||||||||||
| Version: | Latest | Flags: | nobutaka:
maintainer-feedback+
nobutaka: merge-quarterly+ |
||||||||||
| Hardware: | Any | ||||||||||||
| OS: | Any | ||||||||||||
| Attachments: |
|
||||||||||||
|
Description
Daniel Ebdrup Jensen
2018-02-01 20:03:40 UTC
Created attachment 190254 [details]
update patch
See attached
Created attachment 190272 [details]
vuxml entry
An attempt at a vuxml entry, passes 'make validate' and has been checked with pkg audit -f /usr/ports/security/vuxml/vuxml.xml against w3m-0.5.3.20170102_1
A commit references this bug: Author: brd Date: Fri Feb 2 18:20:05 UTC 2018 New revision: 460722 URL: https://svnweb.freebsd.org/changeset/ports/460722 Log: Document vulns in www/w3m. PR: 225611 Submitted by: D. Ebdrup <debdrup@gmail.com> Changes: head/security/vuxml/vuln.xml Comment on attachment 190272 [details]
vuxml entry
Committed, thanks!
Created attachment 190273 [details]
Corrected vuxml entry (obsoleted)
Vladimir Krstulja helpfully pointed out that I'd missed some variants and hadn't correctly identified the CVEs in the cvename section.
Next time I'll be sure to file an entry for security/vuxml too, instead of under www/w3m.
Comment on attachment 190273 [details]
Corrected vuxml entry (obsoleted)
Oops, not an actual diff. My bad.
Created attachment 190275 [details]
Final vuxml entry
This vuxml entry removes emacs-w3m and adds ja-w3m and ja-w3m-img.
Previous vuxmlentry-corrected.txt should be obsoleted.
A commit references this bug: Author: nobutaka Date: Sat Feb 3 13:21:38 UTC 2018 New revision: 460810 URL: https://svnweb.freebsd.org/changeset/ports/460810 Log: - Update to 0.5.3.20180125. - This version fixes multiple vulnerabilities. PR: 225611 Submitted by: D. Ebdrup <debdrup@gmail.com> MFH: 2018Q1 Security: e72d5bf5-07a0-11e8-8248-0021ccb9e74d Changes: head/www/w3m/Makefile head/www/w3m/distinfo A commit references this bug: Author: nobutaka Date: Sat Feb 3 13:35:04 UTC 2018 New revision: 460811 URL: https://svnweb.freebsd.org/changeset/ports/460811 Log: Update entry of w3m vulnerabilities. PR: 225611 Submitted by: D. Ebdrup <debdrup@gmail.com> Changes: head/security/vuxml/vuln.xml A commit references this bug: Author: nobutaka Date: Sun Feb 4 13:32:07 UTC 2018 New revision: 460930 URL: https://svnweb.freebsd.org/changeset/ports/460930 Log: MFH: r460810 - Update to 0.5.3.20180125. - This version fixes multiple vulnerabilities. PR: 225611 Submitted by: D. Ebdrup <debdrup@gmail.com> Security: e72d5bf5-07a0-11e8-8248-0021ccb9e74d Approved by: ports-secteam (feld) Changes: _U branches/2018Q1/ branches/2018Q1/www/w3m/Makefile branches/2018Q1/www/w3m/distinfo Update done. Thank you for the patches! |