Bug 269147 - security/vuxml: document CVE-2018-21232 for devel/re2c < 2.0
Summary: security/vuxml: document CVE-2018-21232 for devel/re2c < 2.0
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: Normal Affects Many People
Assignee: Nuno Teixeira
URL: https://github.com/advisories/GHSA-pg...
Keywords: needs-patch, security
Depends on:
Reported: 2023-01-25 07:22 UTC by Graham Perrin
Modified: 2023-01-25 08:16 UTC (History)
3 users (show)

See Also:


Note You need to log in before you can comment on or make changes to this bug.
Description Graham Perrin freebsd_committer 2023-01-25 07:22:45 UTC
As far as I can tell, this was fixed with <https://cgit.freebsd.org/ports/commit/?id=2bf3900fc8bfca9c896d6d844e336663a40fbfa9>, however there's no sign of a former vulnerability at 
Comment 1 commit-hook freebsd_committer 2023-01-25 08:14:45 UTC
A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=1e6f41078eae790b4bf937e6a78c2f4c74bdda24

commit 1e6f41078eae790b4bf937e6a78c2f4c74bdda24
Author:     Nuno Teixeira <eduardo@FreeBSD.org>
AuthorDate: 2023-01-25 08:11:56 +0000
Commit:     Nuno Teixeira <eduardo@FreeBSD.org>
CommitDate: 2023-01-25 08:11:56 +0000

    security/vuxml: Document CVE-2018-21232 for devel/re2c < 2.0

    PR:             269147
    Reported by:    grahamperrin

 security/vuxml/vuln/2023.xml | 26 ++++++++++++++++++++++++++
 1 file changed, 26 insertions(+)
Comment 2 Nuno Teixeira freebsd_committer 2023-01-25 08:16:30 UTC
Committed, thanks!