Bug 247406 - deskutils/anydesk: Update to 5.5.5
Summary: deskutils/anydesk: Update to 5.5.5
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: Normal Affects Many People
Assignee: Jochen Neumeister
URL: https://download.anydesk.com/changelo...
Keywords: buildisok, needs-qa, security
Depends on:
Blocks:
 
Reported: 2020-06-19 08:40 UTC by Martin Filla
Modified: 2020-07-05 09:08 UTC (History)
5 users (show)

See Also:
koobs: merge-quarterly?


Attachments
anydesk.patch (1.18 KB, patch)
2020-06-19 08:40 UTC, Martin Filla
no flags Details | Diff
anydesk.patch (1.34 KB, patch)
2020-06-19 08:54 UTC, Martin Filla
freebsd: maintainer-approval+
Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Martin Filla 2020-06-19 08:40:14 UTC
Created attachment 215765 [details]
anydesk.patch

Update anydesk to version 5.5.5
Comment 1 Lewis Cook freebsd_triage 2020-06-19 08:44:48 UTC
^Triage:

- If there is a changelog or release notes URL available for this version, please add it to the URL field

- Please set the maintainer-approval attachment flag (to +) on patches for ports you maintain to signify approval

Attachment -> Details -> maintainer-approval [+]
Comment 2 Automation User 2020-06-19 08:48:36 UTC
Build info is available at https://gitlab.com/swills/freebsd-ports/pipelines/157957363
Comment 3 Martin Filla 2020-06-19 08:54:37 UTC
Created attachment 215766 [details]
anydesk.patch
Comment 4 Lewis Cook freebsd_triage 2020-06-19 08:59:22 UTC
(In reply to Martin Filla from comment #3)
For future reference, you can change the maintainer-approval flag to [+] on already existing attachments without needing to re-submit another. ;)

^Lewis
Comment 5 Automation User 2020-06-19 09:03:15 UTC
Build info is available at https://gitlab.com/swills/freebsd-ports/pipelines/157962981
Comment 6 Martin Filla 2020-06-29 12:01:23 UTC
(In reply to Lewis Cook from comment #4)

This are next links for issues
https://nvd.nist.gov/vuln/detail/CVE-2020-13160
https://www.exploit-database.net/?id=102449
Comment 7 commit-hook freebsd_committer 2020-07-04 15:38:30 UTC
A commit references this bug:

Author: joneum
Date: Sat Jul  4 15:37:59 UTC 2020
New revision: 541220
URL: https://svnweb.freebsd.org/changeset/ports/541220

Log:
  Add entry for anydesk

  PR:		247406
  Sponsored by:	Netzkommune GmbH

Changes:
  head/security/vuxml/vuln.xml
Comment 9 commit-hook freebsd_committer 2020-07-05 09:03:37 UTC
A commit references this bug:

Author: joneum
Date: Sun Jul  5 09:03:26 UTC 2020
New revision: 541261
URL: https://svnweb.freebsd.org/changeset/ports/541261

Log:
  Update to 5.5.5

  This Update fix CVE-2020-13160: AnyDesk before 5.5.3 on Linux and FreeBSD has a format string vulnerability that can be exploited for remote code execution.

  PR:		247406
  Submitted by:	Martin Filla <freebsd@sysctl.cz> (maintainer)
  MFH:		2020Q3
  Security:	4344861a-be0b-11ea-9172-4c72b94353b5
  Sponsored by:	Netzkommune GmbH

Changes:
  head/deskutils/anydesk/Makefile
  head/deskutils/anydesk/distinfo
Comment 10 commit-hook freebsd_committer 2020-07-05 09:06:40 UTC
A commit references this bug:

Author: joneum
Date: Sun Jul  5 09:06:12 UTC 2020
New revision: 541262
URL: https://svnweb.freebsd.org/changeset/ports/541262

Log:
  MFH: r541261

  Update to 5.5.5

  This Update fix CVE-2020-13160: AnyDesk before 5.5.3 on Linux and FreeBSD has a format string vulnerability that can be exploited for remote code execution.

  PR:		247406
  Submitted by:	Martin Filla <freebsd@sysctl.cz> (maintainer)
  Security:	4344861a-be0b-11ea-9172-4c72b94353b5
  Sponsored by:	Netzkommune GmbH

  Approved by:	ports-secteam (with hat)

Changes:
_U  branches/2020Q3/
  branches/2020Q3/deskutils/anydesk/Makefile
  branches/2020Q3/deskutils/anydesk/distinfo