Bug 207740 - devel/websvn: Add patches for CVE-2013-6892 and CVE-2016-2511
Summary: devel/websvn: Add patches for CVE-2013-6892 and CVE-2016-2511
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Only Me
Assignee: Mark Felder
URL:
Keywords: patch-ready, security
Depends on:
Blocks:
 
Reported: 2016-03-06 13:26 UTC by Raphael Kubo da Costa
Modified: 2016-03-06 18:30 UTC (History)
4 users (show)

See Also:
rakuco: maintainer-feedback+

Attachments
Proposed patch (3.55 KB, patch)
2016-03-06 13:26 UTC, Raphael Kubo da Costa 		rakuco: maintainer-approval+
Details | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Raphael Kubo da Costa freebsd_committer freebsd_triage 2016-03-06 13:26:14 UTC 
Created attachment 167760 [details]
Proposed patch

The attached patches fix two CVEs with code obtained from Debian: CVE-2013-6892 and CVE-2016-2511.

The respective vuln.xml entries have already been added.
Comment 1 Mark Felder freebsd_committer freebsd_triage 2016-03-06 17:05:00 UTC 
I approve on behalf of ports-secteam for you to commit this update without waiting for maintainer feedback. Please include MFH: 2016Q1 in the commit message and we will approve the MFH as well. If you need assistance with the merge let me know.


Thanks!
Comment 2 commit-hook freebsd_committer freebsd_triage 2016-03-06 18:27:40 UTC 
A commit references this bug:

Author: rakuco
Date: Sun Mar  6 18:26:39 UTC 2016
New revision: 410474
URL: https://svnweb.freebsd.org/changeset/ports/410474

Log:
  Add patches to fix CVE-2013-6892 and CVE-2016-2511.

  PR:		207740
  Approved by:	ports-secteam (feld)
  MFH:		2016Q1

Changes:
  head/devel/websvn/Makefile
  head/devel/websvn/files/patch-CVE-2013-6892
  head/devel/websvn/files/patch-CVE-2016-2511
Comment 3 commit-hook freebsd_committer freebsd_triage 2016-03-06 18:30:42 UTC 
A commit references this bug:

Author: rakuco
Date: Sun Mar  6 18:30:23 UTC 2016
New revision: 410475
URL: https://svnweb.freebsd.org/changeset/ports/410475

Log:
  MFH: r410474

  Add patches to fix CVE-2013-6892 and CVE-2016-2511.

  PR:		207740
  Approved by:	ports-secteam (feld)

Changes:
_U  branches/2016Q1/
  branches/2016Q1/devel/websvn/Makefile
  branches/2016Q1/devel/websvn/files/patch-CVE-2013-6892
  branches/2016Q1/devel/websvn/files/patch-CVE-2016-2511