Bug 247714 - security/vuxml update: coturn CVE-2020-4067
Summary: security/vuxml update: coturn CVE-2020-4067
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: Normal Affects Many People
Assignee: Yuri Victorovich
Depends on:
Reported: 2020-07-02 12:26 UTC by rob2g2
Modified: 2020-07-03 03:08 UTC (History)
4 users (show)

See Also:
koobs: maintainer-feedback+

vuxml patch to include coturn CVE-2020-4067 (1.16 KB, patch)
2020-07-02 12:26 UTC, rob2g2
no flags Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description rob2g2 2020-07-02 12:26:16 UTC
Created attachment 216137 [details]
vuxml patch to include coturn CVE-2020-4067

inform users about information leakage vulnerability in coturn (CVE-2020-4067)
Comment 1 Yuri Victorovich freebsd_committer 2020-07-02 17:34:54 UTC
Committed in r541049.

Sorry, I missed the attribution in the commit to this bug and the submitter.

Thank you for your patch!
Comment 2 Kubilay Kocak freebsd_committer freebsd_triage 2020-07-03 02:10:41 UTC

- Assign to committer that resolved

@Yuri If there were Bugzilla issues related to addressing these security vulnerabilities, please include them in this issues "Depends On" field. If they don't exist, please create them for any/all affected port origins
Comment 3 Yuri Victorovich freebsd_committer 2020-07-03 03:08:39 UTC
(In reply to Kubilay Kocak from comment #2)

Hi Kubilay,

This vulnerability issue is resolved in the current port version.
The problem existed only before the latest update.