Bug 254780

Summary:

security/vuxml: Document information disclosure vulnerability in python.

Product:

Ports & Packages

Reporter:

Yasuhiro Kimura <yasu>

Component:

Individual Port(s)

Assignee:

Thomas Zander <riggs>

Status:

Closed FIXED

Severity:

Affects Only Me

CC:

python, riggs

Priority:

---

Keywords:

patch, security

Version:

Latest

Flags:

riggs: maintainer-feedback+

Hardware:

Any

OS:

Any

Bug Depends on:

Bug Blocks:

254783

Attachments:

Description	Flags
Patch file	none
Updated patch file	none

Description Yasuhiro Kimura freebsd_committer

2021-04-05 09:55:25 UTC

Created attachment 223819 [details]
Patch file

Document information disclosure vulnerability in python.

Comment 1 Yasuhiro Kimura freebsd_committer

2021-04-10 02:00:22 UTC

Created attachment 223969 [details]
Updated patch file

Chase update of ports tree.

Comment 2 commit-hook freebsd_committer

2021-04-10 07:14:32 UTC

A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=1d4cfc12c8fa8c58010c2468a2181bcc96302e36

commit 1d4cfc12c8fa8c58010c2468a2181bcc96302e36
Author:     Thomas Zander <riggs@FreeBSD.org>
AuthorDate: 2021-04-10 07:05:37 +0000
Commit:     Thomas Zander <riggs@FreeBSD.org>
CommitDate: 2021-04-10 07:13:03 +0000

    security/vuxml: Document information disclosure vulnerability in python.
    PR:             254780
    Reported by:    yasu@utahime.org
    Security:       CVE-2021-3426

 security/vuxml/vuln.xml | 36 ++++++++++++++++++++++++++++++++++++
 1 file changed, 36 insertions(+)