Bug 254780 - security/vuxml: Document information disclosure vulnerability in python.
Summary: security/vuxml: Document information disclosure vulnerability in python.
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Only Me
Assignee: Thomas Zander
URL:
Keywords: patch, security
Depends on:
Blocks: 254783
  Show dependency treegraph
 
Reported: 2021-04-05 09:55 UTC by Yasuhiro Kimura
Modified: 2021-04-13 09:32 UTC (History)
2 users (show)

See Also:
riggs: maintainer-feedback+

Attachments
Patch file (1.67 KB, patch)
2021-04-05 09:55 UTC, Yasuhiro Kimura 		no flags Details | Diff
Updated patch file (2.08 KB, patch)
2021-04-10 02:00 UTC, Yasuhiro Kimura 		no flags Details | Diff
Show Obsolete (1) View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Yasuhiro Kimura freebsd_committer freebsd_triage 2021-04-05 09:55:25 UTC 
Created attachment 223819 [details]
Patch file

Document information disclosure vulnerability in python.
Comment 1 Yasuhiro Kimura freebsd_committer freebsd_triage 2021-04-10 02:00:22 UTC 
Created attachment 223969 [details]
Updated patch file

Chase update of ports tree.
Comment 2 commit-hook freebsd_committer freebsd_triage 2021-04-10 07:14:32 UTC 
A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=1d4cfc12c8fa8c58010c2468a2181bcc96302e36

commit 1d4cfc12c8fa8c58010c2468a2181bcc96302e36
Author:     Thomas Zander <riggs@FreeBSD.org>
AuthorDate: 2021-04-10 07:05:37 +0000
Commit:     Thomas Zander <riggs@FreeBSD.org>
CommitDate: 2021-04-10 07:13:03 +0000

    security/vuxml: Document information disclosure vulnerability in python.
    PR:             254780
    Reported by:    yasu@utahime.org
    Security:       CVE-2021-3426

 security/vuxml/vuln.xml | 36 ++++++++++++++++++++++++++++++++++++
 1 file changed, 36 insertions(+)