Bug 255292

Summary: irc/ircII: Update to 20210314 (CVE-2021-29376: irc/scrollz, irc/bitchx also affected)
Product: Ports & Packages Reporter: Daniel Engberg <diizzy>
Component: Individual Port(s)Assignee: freebsd-ports-bugs (Nobody) <ports-bugs>
Status: Open ---    
Severity: Affects Many People CC: andrew, freebsd, ports-secteam
Priority: Normal Keywords: needs-patch, needs-qa, security
Version: LatestFlags: bugzilla: maintainer-feedback? (andrew)
koobs: maintainer-feedback? (freebsd)
koobs: merge-quarterly?
Hardware: Any   
OS: Any   
URL: http://www.eterna.com.au/ircii/news.html
Bug Depends on: 255492    
Bug Blocks:    

Description Daniel Engberg freebsd_committer 2021-04-21 07:25:23 UTC
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29376
Also needs a vuxml entry

Probably easiest to bump it to the latest release
http://www.eterna.com.au/ircii/news.html
Comment 1 Kubilay Kocak freebsd_committer freebsd_triage 2021-04-21 07:36:29 UTC
^Triage: Request feedback from irc/scrollz irc/bitchx maintainer
Comment 2 andrew 2021-04-22 03:12:01 UTC
Since this ticket has been expanded to cover multiple ports, would it be simpler if I submit a new dependent ticket to update ircII to latest? (which I will do as soon as I get a chance to test it)
Comment 3 Daniel Engberg freebsd_committer 2021-04-24 18:06:10 UTC
I'd submit a separate ticket and link it to this one
Comment 4 Kubilay Kocak freebsd_committer freebsd_triage 2021-04-25 00:34:02 UTC
(In reply to andrew from comment #2)

Yep, this can be the parent/meta issue covering all updates and sub/dependent issues. Just add any this issue in the Blocks: field of any new/separate issues