Date: Thu, 12 Jan 2017 11:53:46 +0000 From: bugzilla-noreply@freebsd.org To: freebsd-ports-bugs@FreeBSD.org Subject: [Bug 215988] security/vuxml: Document shell escape vulnerability in shells/lshell Message-ID: <bug-215988-13-eJPrv0ReCC@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-215988-13@https.bugs.freebsd.org/bugzilla/> References: <bug-215988-13@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D215988 Vladimir Krstulja <vlad-fbsd@acheronmedia.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Assignee|freebsd-ports-bugs@FreeBSD. |ports-secteam@FreeBSD.org |org | Status|New |Open Summary|shells/lshell - shell |security/vuxml: Document |escape vulnerability in |shell escape vulnerability |0.9.16_2 |in shells/lshell --- Comment #1 from Vladimir Krstulja <vlad-fbsd@acheronmedia.com> --- Thanks for the info. I've checked the issue you linked, was going to prepare the vuxml entry, but I don't see that being fixed in 0.9.18. The issue was filed 2016-08-22, still open, but 0.9.18 is tagged on 2016-02-25. Please correct me if I'm wrong. As you submitted the update request with taking maintainership in bug #2159= 89, I'd like to ask you to please collate the security issues up to including 0.9.18 and help us document the vulnerabilities better. Perhaps you could ask the upstream to tag 0.9.19 (I'm assuming is the next)= so this could be cleanly included with upstream fixes. Rebasing this issue to security/vuxml. --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-215988-13-eJPrv0ReCC>