Tracking issue to coordinate and link related issues and changes in FreeBSD related to the announced vulnerability: Quote: Magellan is a remote code execution vulnerability discovered by Tencent Blade Team that exists in SQLite. As a well-known database, SQLite is widely used in all modern mainstream operating systems and software, so this vulnerability has a wide range of influence. After testing Chromium was also affected by this vulnerability, Google has confirmed and fixed this vulnerability. We will not disclose any details of the vulnerability at this time, and we are pushing other vendors to fix this vulnerability as soon as possible. Additional References: - https://access.redhat.com/errata/RHSA-2018:3803 - https://www.debian.org/security/2018/dsa-4352 - https://lwn.net/Articles/774463/
what is the current status? Does ports-secteam have to be active here?
This was a tracking issue to make it easier for our secteams to coordinate complete resolution, in case it wasn't done in a timely manner by people responsible for updating the various involved components.. All subtasks has been resolved, closing FIXED