Bug 256377

Summary: inform users via vuxml about the recent remote exploitable vulnerability in isc dhcp
Product: Ports & Packages Reporter: rob2g2 <rob2g2-freebsd>
Component: Individual Port(s)Assignee: freebsd-ports-bugs (Nobody) <ports-bugs>
Status: Closed FIXED    
Severity: Affects Many People CC: ports-secteam, ports-security, rob2g2-freebsd, zi
Priority: ---    
Version: Latest   
Hardware: Any   
OS: Any   
Attachments:
Description Flags
vuxml entry none

Description rob2g2 2021-06-02 12:15:23 UTC
inform users about CVE-2021-25217.

maybe someone needs to edit the versions affected, I do not know to what FreeBSD version the upstream version 4.4.2-P1 will translate.
Comment 1 rob2g2 2021-06-02 12:16:29 UTC
Created attachment 225496 [details]
vuxml entry
Comment 2 commit-hook freebsd_committer freebsd_triage 2021-06-02 13:48:53 UTC
A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=687785a86a755feb934a5e7eb1d902c4431ce0ad

commit 687785a86a755feb934a5e7eb1d902c4431ce0ad
Author:     Ryan Steinmetz <zi@FreeBSD.org>
AuthorDate: 2021-06-02 13:46:30 +0000
Commit:     Ryan Steinmetz <zi@FreeBSD.org>
CommitDate: 2021-06-02 13:48:26 +0000

    security/vuxml: Document isc-dhcp44-* vulnerability

    PR:             256377

 security/vuxml/vuln.xml | 36 ++++++++++++++++++++++++++++++++++++
 1 file changed, 36 insertions(+)
Comment 3 Ryan Steinmetz freebsd_committer freebsd_triage 2021-06-02 13:49:15 UTC
Thanks!