Bug 270039

Summary:

security/vuxml: vulnerabilities in databases/mantis <2.25.6

Product:

Ports & Packages

Reporter:

Zoltan ALEXANDERSON BESSE <zab>

Component:

Individual Port(s)

Assignee:

Fernando Apesteguía <fernape>

Status:

Closed FIXED

Severity:

Affects Many People

CC:

fernape, ports-secteam

Priority:

---

Version:

Latest

Hardware:

Any

OS:

Any

URL:

https://mantisbt.org/bugs/changelog_page.php?project=mantisbt&version=2.25.6

See Also:

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=270050

Attachments:

Description	Flags
patch for vuxml entry	none

Description Zoltan ALEXANDERSON BESSE 2023-03-08 14:25:49 UTC

Created attachment 240666 [details]
patch for vuxml entry

Mantis version <2.25.6 is affected by some security issues.

Comment 1 Fernando Apesteguía freebsd_committer

2023-03-09 08:18:29 UTC

Committed,

Thanks!

Comment 2 commit-hook freebsd_committer

2023-03-09 08:18:42 UTC

A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=620733e416973eec341588f8025029827d015bd5

commit 620733e416973eec341588f8025029827d015bd5
Author:     Zoltan ALEXANDERSON BESSE <zab@zltech.eu>
AuthorDate: 2023-03-09 07:56:23 +0000
Commit:     Fernando Apesteguía <fernape@FreeBSD.org>
CommitDate: 2023-03-09 07:56:23 +0000

    security/vuxml: databases/mantis <2.25.6 CVEs

    CVE-2023-22476 and CVE-2022-31129

    ChangeLog:
    https://mantisbt.org/bugs/changelog_page.php?project=mantisbt&amp;version=2.25.6

    PR:             270039
    Reported by:    zab@zltech.eu

 security/vuxml/vuln/2023.xml | 36 ++++++++++++++++++++++++++++++++++++
 1 file changed, 36 insertions(+)