Bug 280313

Summary:

security/vuxml: references 3 CVE for www/glpi < 10.0.16

Product:

Ports & Packages

Reporter:

Mathias Monnerville <mathias>

Component:

Individual Port(s)

Assignee:

Zsolt Udvari <uzsolt>

Status:

Closed FIXED

Severity:

Affects Many People

CC:

mathias, philip, ports-secteam, uzsolt

Priority:

---

Version:

Latest

Hardware:

Any

OS:

Any

See Also:

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=280312

Attachments:

Description	Flags
CVE entry affecting glpi < 10.0.16	mathias: maintainer-approval+

Description Mathias Monnerville 2024-07-16 08:00:29 UTC

Created attachment 252098 [details]
CVE entry affecting glpi < 10.0.16

New CVE entry affecting www/glpi < 10.0.16

Related to the update to www/glpi to 10.0.16:

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=280312

This patch includes one vuln entry referencing 3 CVE fixed in GLPI 10.0.16.

Comment 1 commit-hook freebsd_committer

2024-07-29 06:17:57 UTC

A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=ce3e9bc7ca66471f27b1745ee0306964b4cfcbd4

commit ce3e9bc7ca66471f27b1745ee0306964b4cfcbd4
Author:     Mathias Monnerville <mathias@monnerville.com>
AuthorDate: 2024-07-29 06:15:12 +0000
Commit:     Zsolt Udvari <uzsolt@FreeBSD.org>
CommitDate: 2024-07-29 06:15:12 +0000

    security/vuxml: document glpi vulnerability

    PR:             280313

 security/vuxml/vuln/2024.xml | 36 ++++++++++++++++++++++++++++++++++++
 1 file changed, 36 insertions(+)

Comment 2 Zsolt Udvari freebsd_committer

2024-07-29 06:18:33 UTC

Committed, thanks!