214941 – ftp/wget - missing vuxml entry

Bug 214941 - ftp/wget - missing vuxml entry

Summary: ftp/wget - missing vuxml entry

Status:	Closed FIXED

Alias:	None

Product:	Ports & Packages
Classification:	Unclassified
Component:	Individual Port(s) (show other bugs)
Version:	Latest
Hardware:	Any Any

Importance:	--- Affects Some People
Assignee:	Vasil Dimov

URL:
Keywords:	security

Depends on:
Blocks:

Reported:	2016-11-30 02:01 UTC by Sevan Janiyan
Modified:	2016-11-30 12:09 UTC (History)
CC List:	1 user (show)

See Also:

Flags:	bugzilla: maintainer-feedback? (vd)

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Sevan Janiyan 2016-11-30 02:01:48 UTC

CVE-2016-7098
https://legalhackers.com/advisories/Wget-Exploit-ACL-bypass-RaceCond-CVE-2016-7098.html

Comment 1 commit-hook freebsd_committer

2016-11-30 12:07:44 UTC

A commit references this bug:

Author: vd
Date: Wed Nov 30 12:07:31 UTC 2016
New revision: 427421
URL: https://svnweb.freebsd.org/changeset/ports/427421

Log:
  Document ftp/wget's Access List Bypass / Race Condition vulnerability

  PR:		214941
  Submitted by:	Sevan Janiyan <venture37@geeklan.co.uk>
  Security:	CVE-2016-7098

Changes:
  head/security/vuxml/vuln.xml

Comment 2 Vasil Dimov freebsd_committer

2016-11-30 12:09:02 UTC

Added, thanks!