Bug 270039 - security/vuxml: vulnerabilities in databases/mantis <2.25.6
Summary: security/vuxml: vulnerabilities in databases/mantis <2.25.6
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Many People
Assignee: Fernando Apesteguía
URL: https://mantisbt.org/bugs/changelog_p...
Keywords:
Depends on:
Blocks:
 
Reported: 2023-03-08 14:25 UTC by Zoltan ALEXANDERSON BESSE
Modified: 2023-03-09 08:18 UTC (History)
2 users (show)

See Also:

Attachments
patch for vuxml entry (1.58 KB, patch)
2023-03-08 14:25 UTC, Zoltan ALEXANDERSON BESSE 		no flags Details | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Zoltan ALEXANDERSON BESSE 2023-03-08 14:25:49 UTC 
Created attachment 240666 [details]
patch for vuxml entry

Mantis version <2.25.6 is affected by some security issues.
Comment 1 Fernando Apesteguía freebsd_committer freebsd_triage 2023-03-09 08:18:29 UTC 
Committed,

Thanks!
Comment 2 commit-hook freebsd_committer freebsd_triage 2023-03-09 08:18:42 UTC 
A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=620733e416973eec341588f8025029827d015bd5

commit 620733e416973eec341588f8025029827d015bd5
Author:     Zoltan ALEXANDERSON BESSE <zab@zltech.eu>
AuthorDate: 2023-03-09 07:56:23 +0000
Commit:     Fernando Apesteguía <fernape@FreeBSD.org>
CommitDate: 2023-03-09 07:56:23 +0000

    security/vuxml: databases/mantis <2.25.6 CVEs

    CVE-2023-22476 and CVE-2022-31129

    ChangeLog:
    https://mantisbt.org/bugs/changelog_page.php?project=mantisbt&amp;version=2.25.6

    PR:             270039
    Reported by:    zab@zltech.eu

 security/vuxml/vuln/2023.xml | 36 ++++++++++++++++++++++++++++++++++++
 1 file changed, 36 insertions(+)