Date: Tue, 3 Aug 2021 18:22:14 GMT From: Li-Wen Hsu <lwhsu@FreeBSD.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org Subject: git: bfc6a3ee044d - main - security/vuxml: Add net-im/prosody CVE-2021-37601 Message-ID: <202108031822.173IMEjV072984@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch main has been updated by lwhsu: URL: https://cgit.FreeBSD.org/ports/commit/?id=bfc6a3ee044d51a7989cb9d51b1a66c8b9efe84f commit bfc6a3ee044d51a7989cb9d51b1a66c8b9efe84f Author: Thomas Morper <thomas@beingboiled.info> AuthorDate: 2021-08-03 18:22:00 +0000 Commit: Li-Wen Hsu <lwhsu@FreeBSD.org> CommitDate: 2021-08-03 18:22:00 +0000 security/vuxml: Add net-im/prosody CVE-2021-37601 PR: 257597 --- security/vuxml/vuln-2021.xml | 28 ++++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) diff --git a/security/vuxml/vuln-2021.xml b/security/vuxml/vuln-2021.xml index bcc078f0d575..b4a482f88b4c 100644 --- a/security/vuxml/vuln-2021.xml +++ b/security/vuxml/vuln-2021.xml @@ -1,3 +1,31 @@ + <vuln vid="5ef14250-f47c-11eb-8f13-5b4de959822e"> + <topic>Prosody -- Remote Information Disclosure</topic> + <affects> + <package> + <name>prosody</name> + <range><lt>0.11.10</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml">; + <p>A Prosody XMPP server advisory reports:</p> + <blockquote cite="https://prosody.im/security/advisory_20210722/">; + <p>It was discovered that Prosody allows any entity to access the list of + admins, members, owners and banned entities of any federated XMPP group chat + of which they know the address.</p> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2021-37601</cvename> + <url>https://prosody.im/security/advisory_20210722/</url>; + </references> + <dates> + <discovery>2021-07-22</discovery> + <entry>2021-08-03</entry> + </dates> + </vuln> + <vuln vid="c3c6c4a3-f47d-11eb-b632-3065ec8fd3ec"> <topic>chromium -- multiple vulnerabilities</topic> <affects>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202108031822.173IMEjV072984>