213800 – security/vuxml: add entries for recent node.js vulnerabilities

Bug 213800 - security/vuxml: add entries for recent node.js vulnerabilities

Summary: security/vuxml: add entries for recent node.js vulnerabilities

Status:	Closed FIXED

Alias:	None

Product:	Ports & Packages
Classification:	Unclassified
Component:	Individual Port(s) (show other bugs)
Version:	Latest
Hardware:	Any Any

Importance:	--- Affects Many People
Assignee:	Mark Felder

URL:	https://nodejs.org/en/blog/vulnerabil...
Keywords:

Depends on:
Blocks:	213602 213603 213604
	Show dependency tree / graph

Reported:	2016-10-26 09:51 UTC by Bradley T. Hughes
Modified:	2016-10-28 13:34 UTC (History)
CC List:	4 users (show)

See Also:

Flags:	bugzilla: maintainer-feedback? (ports-secteam)

Attachments
node.js vuxml entries for the October security releases (4.56 KB, patch) 2016-10-26 09:51 UTC, Bradley T. Hughes	bhughes: maintainer-approval? (ports-secteam)	Details \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Bradley T. Hughes freebsd_committer

2016-10-26 09:51:00 UTC

Created attachment 176180 [details]
node.js vuxml entries for the October security releases

There are 2 entres: one for the c-ares bundled dependency and one for
multiple v6.x specific vulnerabilities.

https://nodejs.org/en/blog/vulnerability/october-2016-security-releases/

Comment 1 Mark Felder freebsd_committer

2016-10-28 13:33:53 UTC

Committed, thanks!

Comment 2 commit-hook freebsd_committer

2016-10-28 13:34:30 UTC

A commit references this bug:

Author: feld
Date: Fri Oct 28 13:33:41 UTC 2016
New revision: 424839
URL: https://svnweb.freebsd.org/changeset/ports/424839

Log:
  Document node vulnerabilities

  PR:		213800
  Security:	CVE-2016-5172

Changes:
  head/security/vuxml/vuln.xml