Summary: | mail/squirrelmail: Request to update to a newer snapshot | ||
---|---|---|---|
Product: | Ports & Packages | Reporter: | Alexander Vereeken <Alexander88207> |
Component: | Individual Port(s) | Assignee: | freebsd-ports-bugs (Nobody) <ports-bugs> |
Status: | Closed Not A Bug | ||
Severity: | Affects Only Me | CC: | byrnejb, uzsolt |
Priority: | --- | Flags: | bugzilla:
maintainer-feedback?
(uzsolt) |
Version: | Latest | ||
Hardware: | Any | ||
OS: | Any |
Description
Alexander Vereeken
2021-10-14 20:37:06 UTC
Please see: https://forums.freebsd.org/threads/has-squirrelmail-cve-2020-14933-been-patched.82447/#post-537027 Project team claims there is no vulnerability. Investigation shows that this CVE was created through a misinformed post on Openwall (https://www.openwall.com/lists/oss-security/2020/06/20/1). However, to negate this CVE requires a notice be sent to NIST by either the vendor (FreeBSD) or the developer (SquirrelMail) or both. Alright, thanks! |