Bug 251695

Summary: sysutils/tmux: Update quarterly to 3.1c
Product: Ports & Packages Reporter: Marcel O'Neil <marcel>
Component: Individual Port(s)Assignee: Mathieu Arnold <mat>
Status: Closed Overcome By Events    
Severity: Affects Many People CC: ports-secteam
Priority: --- Keywords: needs-qa, security
Version: LatestFlags: bugzilla: maintainer-feedback? (mat)
koobs: merge-quarterly?
Hardware: Any   
OS: Any   

Description Marcel O'Neil 2020-12-09 02:14:05 UTC 
The version of tmux currently on the quarterly branch (3.1b) is marked as vulnerable, it should be updated to 3.1c:

tmux-3.1b is vulnerable:
tmux -- stack overflow in CSI parsing
WWW: https://vuxml.FreeBSD.org/freebsd/8827134c-1a8f-11eb-9bb0-08002725d892.html

Here is the patch that updated tmux on head: https://svnweb.freebsd.org/ports?view=revision&revision=553690

This is my first report on bugzilla, apologies if I messed anything up or omitted any necessary details.
Comment 1 Mathieu Arnold freebsd_committer freebsd_triage 2021-01-04 14:37:14 UTC 
new quarterly has newer tmux.