Bug 254772 - security/vuxml: Document 2 vulnerabilities in cURL
Summary: security/vuxml: Document 2 vulnerabilities in cURL
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Only Me
Assignee: Thomas Zander
URL:
Keywords: patch
: 254912 (view as bug list)
Depends on:
Blocks: 254773
  Show dependency treegraph
 
Reported: 2021-04-04 22:12 UTC by Yasuhiro Kimura
Modified: 2021-04-10 06:33 UTC (History)
3 users (show)

See Also:
riggs: maintainer-feedback+


Attachments
Patch file (3.58 KB, patch)
2021-04-04 22:12 UTC, Yasuhiro Kimura
no flags Details | Diff
Updated patch file (3.98 KB, patch)
2021-04-10 01:57 UTC, Yasuhiro Kimura
no flags Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Yasuhiro Kimura 2021-04-04 22:12:52 UTC
Created attachment 223811 [details]
Patch file

Document 2 vulnerabilities in cURL (CVE-2021-22876, CVE-2021-22890).
Comment 1 Kubilay Kocak freebsd_committer freebsd_triage 2021-04-09 10:21:42 UTC
*** Bug 254912 has been marked as a duplicate of this bug. ***
Comment 2 Yasuhiro Kimura 2021-04-10 01:57:31 UTC
Created attachment 223968 [details]
Updated patch file

Chase update of ports tree.
Comment 3 commit-hook freebsd_committer 2021-04-10 06:32:27 UTC
A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=1e8993822a938afd8bd61f5914150ed173a394bb

commit 1e8993822a938afd8bd61f5914150ed173a394bb
Author:     Thomas Zander <riggs@FreeBSD.org>
AuthorDate: 2021-04-10 06:24:55 +0000
Commit:     Thomas Zander <riggs@FreeBSD.org>
CommitDate: 2021-04-10 06:31:41 +0000

    security/vuxml: Document 2 vulnerabilities in ftp/curl
    Security:       CVE-2021-22876
                    CVE-2021-22890

    PR:             254772
    Reported by:    yasu@utahime.org

 security/vuxml/vuln.xml | 87 +++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 87 insertions(+)