Bug 216665 - www/ikiwiki - multiple vulnerabilities
Summary: www/ikiwiki - multiple vulnerabilities
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Some People
Assignee: Jason Unovitch
URL:
Keywords: security
Depends on:
Blocks:
 
Reported: 2017-01-31 04:04 UTC by Sevan Janiyan
Modified: 2017-03-05 03:25 UTC (History)
2 users (show)

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Comment 1 Mathieu Arnold freebsd_committer 2017-01-31 09:34:42 UTC
over to the ports-secteam
Comment 2 commit-hook freebsd_committer 2017-03-05 03:18:50 UTC
A commit references this bug:

Author: junovitch
Date: Sun Mar  5 03:18:06 UTC 2017
New revision: 435444
URL: https://svnweb.freebsd.org/changeset/ports/435444

Log:
  Document ikiwiki vulnerabilities

  PR:		216665
  Reported by:	sevan
  Security:	CVE-2016-9645
  Security:	CVE-2016-10026
  Security:	CVE-2017-0356
  Security:	https://vuxml.FreeBSD.org/freebsd/5ed094a0-0150-11e7-ae1b-002590263bf5.html
  Security:	https://vuxml.FreeBSD.org/freebsd/7b35a77a-0151-11e7-ae1b-002590263bf5.html

Changes:
  head/security/vuxml/vuln.xml
Comment 3 Jason Unovitch freebsd_committer 2017-03-05 03:20:45 UTC
Sevan,
Thanks again. issues are documented and the missing merge is in https://svnweb.FreeBSD.org/changeset/ports/435445 to address the latest issue.
Comment 4 commit-hook freebsd_committer 2017-03-05 03:25:58 UTC
A commit references this bug:

Author: junovitch
Date: Sun Mar  5 03:25:10 UTC 2017
New revision: 435446
URL: https://svnweb.freebsd.org/changeset/ports/435446

Log:
  Add missing reference to last commit for ikiwiki vulnerabilities

  PR:		216665
  Reported by:	sevan
  Security:	CVE-2016-9646
  Security:	https://vuxml.FreeBSD.org/freebsd/5ed094a0-0150-11e7-ae1b-002590263bf5.html

Changes:
  head/security/vuxml/vuln.xml