Bug 214532 - security/vuxml: Document www/libwww vulnerability
Summary: security/vuxml: Document www/libwww vulnerability
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Some People
Assignee: Jason Unovitch
URL:
Keywords: patch, security
Depends on:
Blocks: 214546
  Show dependency treegraph
 
Reported: 2016-11-15 14:21 UTC by Danilo G. Baio
Modified: 2016-11-29 23:04 UTC (History)
3 users (show)

See Also:
vlad-fbsd: maintainer-feedback? (ports-secteam)

Attachments
vuxml-libwww.patch (1.34 KB, patch)
2016-11-15 14:21 UTC, Danilo G. Baio 		no flags Details | Diff
vuxml-libwww_v02.patch (2.61 KB, patch)
2016-11-15 20:38 UTC, Danilo G. Baio 		no flags Details | Diff
Show Obsolete (1) View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Danilo G. Baio freebsd_committer freebsd_triage 2016-11-15 14:21:32 UTC 
Created attachment 177022 [details]
vuxml-libwww.patch

- Document www/libwww vulnerability
Comment 1 Danilo G. Baio freebsd_committer freebsd_triage 2016-11-15 20:38:52 UTC 
Created attachment 177034 [details]
vuxml-libwww_v02.patch


Actually, there are other vulnerabilities.
Updating patch.
Comment 2 marius 2016-11-19 10:58:41 UTC 
Looks good to me.
Comment 3 Jason Unovitch freebsd_committer freebsd_triage 2016-11-29 01:19:13 UTC 
Take for review. Should commit tomorrow.
Comment 4 commit-hook freebsd_committer freebsd_triage 2016-11-29 22:59:13 UTC 
A commit references this bug:

Author: junovitch
Date: Tue Nov 29 22:58:53 UTC 2016
New revision: 427402
URL: https://svnweb.freebsd.org/changeset/ports/427402

Log:
  Document libwww vulnerabilities

  PR:		214532
  Submitted by:	Danilo G. Baio <dbaio@bsd.com.br>
  Security:	CVE-2009-3720
  Security:	CVE-2009-3560
  Security:	CVE-2005-3183
  Security:	https://vuxml.FreeBSD.org/freebsd/18449f92-ab39-11e6-8011-005056925db4.html

Changes:
  head/security/vuxml/vuln.xml
Comment 5 Jason Unovitch freebsd_committer freebsd_triage 2016-11-29 23:04:13 UTC 
Committed. Thanks!