Bug 207740 - devel/websvn: Add patches for CVE-2013-6892 and CVE-2016-2511
Summary: devel/websvn: Add patches for CVE-2013-6892 and CVE-2016-2511
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Only Me
Assignee: Mark Felder
URL:
Keywords: patch-ready, security
Depends on:
Blocks:
 
Reported: 2016-03-06 13:26 UTC by Raphael Kubo da Costa
Modified: 2016-03-06 18:30 UTC (History)
4 users (show)

See Also:
rakuco: maintainer-feedback+


Attachments
Proposed patch (3.55 KB, patch)
2016-03-06 13:26 UTC, Raphael Kubo da Costa
rakuco: maintainer-approval+
Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Raphael Kubo da Costa freebsd_committer 2016-03-06 13:26:14 UTC
Created attachment 167760 [details]
Proposed patch

The attached patches fix two CVEs with code obtained from Debian: CVE-2013-6892 and CVE-2016-2511.

The respective vuln.xml entries have already been added.
Comment 1 Mark Felder freebsd_committer 2016-03-06 17:05:00 UTC
I approve on behalf of ports-secteam for you to commit this update without waiting for maintainer feedback. Please include MFH: 2016Q1 in the commit message and we will approve the MFH as well. If you need assistance with the merge let me know.


Thanks!
Comment 2 commit-hook freebsd_committer 2016-03-06 18:27:40 UTC
A commit references this bug:

Author: rakuco
Date: Sun Mar  6 18:26:39 UTC 2016
New revision: 410474
URL: https://svnweb.freebsd.org/changeset/ports/410474

Log:
  Add patches to fix CVE-2013-6892 and CVE-2016-2511.

  PR:		207740
  Approved by:	ports-secteam (feld)
  MFH:		2016Q1

Changes:
  head/devel/websvn/Makefile
  head/devel/websvn/files/patch-CVE-2013-6892
  head/devel/websvn/files/patch-CVE-2016-2511
Comment 3 commit-hook freebsd_committer 2016-03-06 18:30:42 UTC
A commit references this bug:

Author: rakuco
Date: Sun Mar  6 18:30:23 UTC 2016
New revision: 410475
URL: https://svnweb.freebsd.org/changeset/ports/410475

Log:
  MFH: r410474

  Add patches to fix CVE-2013-6892 and CVE-2016-2511.

  PR:		207740
  Approved by:	ports-secteam (feld)

Changes:
_U  branches/2016Q1/
  branches/2016Q1/devel/websvn/Makefile
  branches/2016Q1/devel/websvn/files/patch-CVE-2013-6892
  branches/2016Q1/devel/websvn/files/patch-CVE-2016-2511