Bug 247340 - security/vuxml dbus vulnerability
Summary: security/vuxml dbus vulnerability
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Some People
Assignee: freebsd-desktop (Nobody)
URL:
Keywords: buildisok
Depends on:
Blocks:
 
Reported: 2020-06-17 10:38 UTC by rob2g2
Modified: 2020-07-03 06:04 UTC (History)
5 users (show)

See Also:


Attachments
vuxml entry for dbus - CVE-2020-12049 (1.07 KB, patch)
2020-06-17 10:38 UTC, rob2g2
no flags Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description rob2g2 2020-06-17 10:38:31 UTC
Created attachment 215654 [details]
vuxml entry for dbus - CVE-2020-12049

make a vuxml entry for dbus issue CVE-2020-12049
Comment 1 Automation User 2020-07-02 00:22:36 UTC
Build info is available at https://gitlab.com/swills/freebsd-ports/pipelines/162229165
Comment 2 commit-hook freebsd_committer 2020-07-03 06:03:40 UTC
A commit references this bug:

Author: tcberner
Date: Fri Jul  3 06:02:40 UTC 2020
New revision: 541073
URL: https://svnweb.freebsd.org/changeset/ports/541073

Log:
  Document vulnerability in dbus < 2.12.18

  * See [1] for details.
  * The port is already updated to 2.12.18.

  [1] https://gitlab.freedesktop.org/dbus/dbus/-/issues/294

  PR:		247340
  Submitted by:	rob2g2 <spam123@bitbert.com>
  Security:	CVE-2020-12049

Changes:
  head/security/vuxml/vuln.xml
Comment 3 Tobias C. Berner freebsd_committer 2020-07-03 06:04:19 UTC
Sorry, I saw this a bit late; the port is already updated to 2.12.18. 

mfg Tobias