Bug 257597

Summary: security/vuxml: add net-im/prosody CVE-2021-37601
Product: Ports & Packages Reporter: Thomas Morper <thomas>
Component: Individual Port(s)Assignee: Li-Wen Hsu <lwhsu>
Status: Closed FIXED    
Severity: Affects Many People CC: lwhsu, ports-secteam
Priority: ---    
Version: Latest   
Hardware: Any   
OS: Any   
URL: https://prosody.im/security/advisory_20210722/
See Also: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=257595
Attachments:
Description Flags
net-im/prosody remote information disclosure none

Description Thomas Morper 2021-08-03 17:46:05 UTC
Created attachment 226920 [details]
net-im/prosody remote information disclosure

A remote information disclosure has been discovered in the Prosody XMPP server.
An update for net-im/prosody has been submitted in bug #257595.
Comment 1 commit-hook freebsd_committer 2021-08-03 18:23:09 UTC
A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=bfc6a3ee044d51a7989cb9d51b1a66c8b9efe84f

commit bfc6a3ee044d51a7989cb9d51b1a66c8b9efe84f
Author:     Thomas Morper <thomas@beingboiled.info>
AuthorDate: 2021-08-03 18:22:00 +0000
Commit:     Li-Wen Hsu <lwhsu@FreeBSD.org>
CommitDate: 2021-08-03 18:22:00 +0000

    security/vuxml: Add net-im/prosody CVE-2021-37601

    PR:             257597

 security/vuxml/vuln-2021.xml | 28 ++++++++++++++++++++++++++++
 1 file changed, 28 insertions(+)