Bug 255292 - irc/ircII: Update to 20210314 (CVE-2021-29376: irc/scrollz, irc/bitchx also affected)
Summary: irc/ircII: Update to 20210314 (CVE-2021-29376: irc/scrollz, irc/bitchx also a...
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: Normal Affects Many People
Assignee: Fernando Apesteguía
URL: http://www.eterna.com.au/ircii/news.html
Keywords: needs-patch, needs-qa, security
Depends on: 255492
Blocks:
  Show dependency treegraph
 
Reported: 2021-04-21 07:25 UTC by Daniel Engberg
Modified: 2022-12-01 16:08 UTC (History)
5 users (show)

See Also:
bugzilla: maintainer-feedback? (andrew)
koobs: maintainer-feedback? (freebsd)
koobs: merge-quarterly?


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Daniel Engberg freebsd_committer freebsd_triage 2021-04-21 07:25:23 UTC
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-29376
Also needs a vuxml entry

Probably easiest to bump it to the latest release
http://www.eterna.com.au/ircii/news.html
Comment 1 Kubilay Kocak freebsd_committer freebsd_triage 2021-04-21 07:36:29 UTC
^Triage: Request feedback from irc/scrollz irc/bitchx maintainer
Comment 2 Andrew "RhodiumToad" Gierth 2021-04-22 03:12:01 UTC
Since this ticket has been expanded to cover multiple ports, would it be simpler if I submit a new dependent ticket to update ircII to latest? (which I will do as soon as I get a chance to test it)
Comment 3 Daniel Engberg freebsd_committer freebsd_triage 2021-04-24 18:06:10 UTC
I'd submit a separate ticket and link it to this one
Comment 4 Kubilay Kocak freebsd_committer freebsd_triage 2021-04-25 00:34:02 UTC
(In reply to andrew from comment #2)

Yep, this can be the parent/meta issue covering all updates and sub/dependent issues. Just add any this issue in the Blocks: field of any new/separate issues
Comment 5 Chris Petrik 2022-03-20 20:37:50 UTC
(In reply to andrew from comment #2)
Can you please create a ticket for irc/bitchx so I can find a fix or fix it myself ? or mark it as broken for the time being ?
Comment 6 Chris Petrik 2022-03-20 23:38:39 UTC
PR 262693 was added for irc/scrollz
Comment 7 Fernando Apesteguía freebsd_committer freebsd_triage 2022-12-01 16:08:36 UTC
Closing since all the three ports were updated. irc/bitchx in c4a37205059c6f8e365b50ee29e82e15a3e41221