Bug 246011 - security/vuxml cups CVE-2020-3898
Summary: security/vuxml cups CVE-2020-3898
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Some People
Assignee: Tijl Coosemans
URL:
Keywords: buildisok
Depends on:
Blocks:
 
Reported: 2020-04-28 19:40 UTC by rob2g2
Modified: 2020-06-24 14:12 UTC (History)
3 users (show)

See Also:
bugzilla: maintainer-feedback? (ports-secteam)

Attachments
vuxml entry for cups (969 bytes, patch)
2020-04-28 19:40 UTC, rob2g2 		no flags Details | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description rob2g2 2020-04-28 19:40:03 UTC 
heap based buffer overflow
Comment 1 rob2g2 2020-04-28 19:40:44 UTC 
Created attachment 213896 [details]
vuxml entry for cups
Comment 2 Steve Wills freebsd_committer freebsd_triage 2020-05-13 00:05:04 UTC 
Build info is available at https://gitlab.com/swills/freebsd-ports/pipelines/145377728
Comment 3 rob2g2 2020-06-12 07:57:05 UTC 
can we have the entry?
Comment 4 Tijl Coosemans freebsd_committer freebsd_triage 2020-06-12 12:31:34 UTC 
I should be able to do the update this weekend.
Comment 5 commit-hook freebsd_committer freebsd_triage 2020-06-24 14:11:57 UTC 
A commit references this bug:

Author: tijl
Date: Wed Jun 24 14:10:57 UTC 2020
New revision: 540064
URL: https://svnweb.freebsd.org/changeset/ports/540064

Log:
  Document CUPS CVE-2019-8842 and CVE-2020-3898.

  PR:		246011
  Security:	https://github.com/apple/cups/releases/tag/v2.3.3

Changes:
  head/security/vuxml/vuln.xml