Bug 256373

Summary: inform users via security/vuxml about the recent lasso vulnerability
Product: Ports & Packages Reporter: rob2g2 <rob2g2-freebsd>
Component: Individual Port(s)Assignee: Thomas Zander <riggs>
Status: Closed FIXED    
Severity: Affects Many People CC: bofh, ports-secteam, ports-security, riggs, rob2g2-freebsd
Priority: --- Flags: riggs: maintainer-feedback+
Version: Latest   
Hardware: Any   
OS: Any   
Description Flags
vuxml entry none

Description rob2g2 2021-06-02 11:53:50 UTC
users should be informed about CVE-2021-28091.
Comment 1 rob2g2 2021-06-02 11:56:01 UTC
Created attachment 225493 [details]
vuxml entry
Comment 2 commit-hook freebsd_committer 2021-06-04 09:33:40 UTC
A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=df775d9b0750551c46c5f344faa1e8789bbad071

commit df775d9b0750551c46c5f344faa1e8789bbad071
Author:     Thomas Zander <riggs@FreeBSD.org>
AuthorDate: 2021-06-04 09:30:07 +0000
Commit:     Thomas Zander <riggs@FreeBSD.org>
CommitDate: 2021-06-04 09:32:50 +0000

    security/vuxml: Document CVE-2021-28091 for security/lasso.

    PR:             256373
    Reported by:    spam123@bitbert.com

 security/vuxml/vuln.xml | 30 ++++++++++++++++++++++++++++++
 1 file changed, 30 insertions(+)