Bug 247714

Summary: security/vuxml update: coturn CVE-2020-4067
Product: Ports & Packages Reporter: rob2g2 <rob2g2-freebsd>
Component: Individual Port(s)Assignee: Yuri Victorovich <yuri>
Status: Closed FIXED    
Severity: Affects Many People CC: ports-secteam, ports-security, rob2g2-freebsd, yuri
Priority: Normal Flags: koobs: maintainer-feedback+
Version: Latest   
Hardware: Any   
OS: Any   
Attachments:
Description Flags
vuxml patch to include coturn CVE-2020-4067 none

Description rob2g2 2020-07-02 12:26:16 UTC 
Created attachment 216137 [details]
vuxml patch to include coturn CVE-2020-4067

inform users about information leakage vulnerability in coturn (CVE-2020-4067)
Comment 1 Yuri Victorovich freebsd_committer freebsd_triage 2020-07-02 17:34:54 UTC 
Committed in r541049.

Sorry, I missed the attribution in the commit to this bug and the submitter.

Thank you for your patch!
Comment 2 Kubilay Kocak freebsd_committer freebsd_triage 2020-07-03 02:10:41 UTC 
^Triage: 

- Assign to committer that resolved

@Yuri If there were Bugzilla issues related to addressing these security vulnerabilities, please include them in this issues "Depends On" field. If they don't exist, please create them for any/all affected port origins
Comment 3 Yuri Victorovich freebsd_committer freebsd_triage 2020-07-03 03:08:39 UTC 
(In reply to Kubilay Kocak from comment #2)

Hi Kubilay,

This vulnerability issue is resolved in the current port version.
The problem existed only before the latest update.

Best,
Yuri