Bug 247725 - security/vuxml samba vulnerabilities
Summary: security/vuxml samba vulnerabilities
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Some People
Assignee: Ports Security Team
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2020-07-02 20:45 UTC by rob2g2
Modified: 2020-07-05 00:49 UTC (History)
4 users (show)

See Also:
bugzilla: maintainer-feedback? (ports-secteam)
koobs: maintainer-feedback? (timur)


Attachments
patch for vuxml to include recent samba CVEs (1.73 KB, patch)
2020-07-02 20:45 UTC, rob2g2
no flags Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description rob2g2 2020-07-02 20:45:52 UTC
Created attachment 216153 [details]
patch for vuxml to include recent samba CVEs

inform users of CVE-2020-10730, CVE-2020-10745, CVE-2020-10760, CVE-2020-14303
Comment 1 Kubilay Kocak freebsd_committer freebsd_triage 2020-07-03 01:58:29 UTC
@Timur Is there an issue tracking the version updates necessary to address these vulnerabilities? If so, please add it to this issues "Depends On" field
Comment 2 Timur I. Bakeyev freebsd_committer 2020-07-05 00:46:35 UTC
Committed, thanks!
Comment 3 commit-hook freebsd_committer 2020-07-05 00:46:44 UTC
A commit references this bug:

Author: timur
Date: Sun Jul  5 00:45:53 UTC 2020
New revision: 541244
URL: https://svnweb.freebsd.org/changeset/ports/541244

Log:
  Add entry about Samba vulnerabilities CVE-2020-10730, CVE-2020-10745, CVE-2020-10760, CVE-2020-14303

  PR:		247725
  Security:	CVE-2020-10730
  		CVE-2020-10745
  		CVE-2020-10760
  		CVE-2020-14303

Changes:
  head/security/vuxml/vuln.xml
Comment 4 Timur I. Bakeyev freebsd_committer 2020-07-05 00:49:33 UTC
(In reply to Kubilay Kocak from comment #1)

There've been some minor code changes, that broke the compilation, but that was hot patched.

The ports should be up-to-date now.