204416 – www/p5-HTML-Scrubber - missing vuxml entry for CVE-2015-5667

Bug 204416 - www/p5-HTML-Scrubber - missing vuxml entry for CVE-2015-5667

Summary: www/p5-HTML-Scrubber - missing vuxml entry for CVE-2015-5667

Status:	Closed FIXED

Alias:	None

Product:	Ports & Packages
Classification:	Unclassified
Component:	Individual Port(s) (show other bugs)
Version:	Latest
Hardware:	Any Any

Importance:	--- Affects Only Me
Assignee:	Jason Unovitch

URL:
Keywords:	security

Depends on:
Blocks:

Reported:	2015-11-10 02:03 UTC by Sevan Janiyan
Modified:	2015-11-15 22:43 UTC (History)
CC List:	2 users (show)

See Also:

Flags:	bugzilla: maintainer-feedback? (perl) junovitch: merge-quarterly+

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Sevan Janiyan 2015-11-10 02:03:08 UTC

http://jvndb.jvn.jp/en/contents/2015/JVNDB-2015-000171.html

Comment 1 commit-hook freebsd_committer

2015-11-11 02:17:24 UTC

A commit references this bug:

Author: junovitch
Date: Wed Nov 11 02:16:23 UTC 2015
New revision: 401223
URL: https://svnweb.freebsd.org/changeset/ports/401223

Log:
  Document p5-HTML-Scrubber XSS vulnerability

  PR:		204416
  Reported by:	Sevan Janiyan <venture37@geeklan.co.uk>
  Security:	CVE-2015-5667
  Security:	https://vuxml.FreeBSD.org/freebsd/2f7f4db2-8819-11e5-ab94-002590263bf5.html

Changes:
  head/security/vuxml/vuln.xml

Comment 2 Jason Unovitch freebsd_committer

2015-11-11 02:24:04 UTC

Take for reminder and pending MFH approval.

Comment 3 Jason Unovitch freebsd_committer

2015-11-15 22:43:35 UTC

- Set merge-quarterly+ -- https://svnweb.FreeBSD.org/changeset/ports/401736
- Close PR

Sevan, thanks again for the keen eye.