Date: Fri, 15 Apr 2022 19:47:49 GMT From: Rene Ladan <rene@FreeBSD.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org Subject: git: 308ccda791a3 - main - security/vuxml: pet 'make validate' Message-ID: <202204151947.23FJlnZQ096958@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch main has been updated by rene: URL: https://cgit.FreeBSD.org/ports/commit/?id=308ccda791a35ece1715ba80a3716ef171625a8a commit 308ccda791a35ece1715ba80a3716ef171625a8a Author: Rene Ladan <rene@FreeBSD.org> AuthorDate: 2022-04-15 19:47:03 +0000 Commit: Rene Ladan <rene@FreeBSD.org> CommitDate: 2022-04-15 19:47:03 +0000 security/vuxml: pet 'make validate' This commit contains space/tab changes only. --- security/vuxml/vuln-2022.xml | 42 +++++++++++++++++++++--------------------- 1 file changed, 21 insertions(+), 21 deletions(-) diff --git a/security/vuxml/vuln-2022.xml b/security/vuxml/vuln-2022.xml index fd8ce31221cb..b9cef4921b3a 100644 --- a/security/vuxml/vuln-2022.xml +++ b/security/vuxml/vuln-2022.xml @@ -147,17 +147,17 @@ <range><ge>1.11.0</ge><lt>1.14.2</lt></range> </package> <package> - <name>mod_dav_svn</name> - <range><ge>1.10.0</ge><lt>1.10.8</lt></range> - <range><ge>1.11.0</ge><lt>1.14.2</lt></range> + <name>mod_dav_svn</name> + <range><ge>1.10.0</ge><lt>1.10.8</lt></range> + <range><ge>1.11.0</ge><lt>1.14.2</lt></range> </package> <package> - <name>subversion-lts</name> - <range><ge>1.10.0</ge><lt>1.10.8</lt></range> + <name>subversion-lts</name> + <range><ge>1.10.0</ge><lt>1.10.8</lt></range> </package> <package> - <name>mod_dav_svn-lts</name> - <range><ge>1.10.0</ge><lt>1.10.8</lt></range> + <name>mod_dav_svn-lts</name> + <range><ge>1.10.0</ge><lt>1.10.8</lt></range> </package> </affects> <description> @@ -165,20 +165,20 @@ <p>Subversion project reports:</p> <blockquote cite="https://subversion.apache.org/security/CVE-2021-28544-advisory.txt">; <p> - Subversion servers reveal 'copyfrom' paths that should be hidden according - to configured path-based authorization (authz) rules. When a node has been - copied from a protected location, users with access to the copy can see the - 'copyfrom' path of the original. This also reveals the fact that the node - was copied. Only the 'copyfrom' path is revealed; not its contents. Both - httpd and svnserve servers are vulnerable. - </p> - </blockquote> - <blockquote cite="https://subversion.apache.org/security/CVE-2022-24070-advisory.txt">; - <p> - While looking up path-based authorization rules, mod_dav_svn servers - may attempt to use memory which has already been freed. - </p> - </blockquote> + Subversion servers reveal 'copyfrom' paths that should be hidden according + to configured path-based authorization (authz) rules. When a node has been + copied from a protected location, users with access to the copy can see the + 'copyfrom' path of the original. This also reveals the fact that the node + was copied. Only the 'copyfrom' path is revealed; not its contents. Both + httpd and svnserve servers are vulnerable. + </p> + </blockquote> + <blockquote cite="https://subversion.apache.org/security/CVE-2022-24070-advisory.txt">; + <p> + While looking up path-based authorization rules, mod_dav_svn servers + may attempt to use memory which has already been freed. + </p> + </blockquote> </body> </description> <references>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202204151947.23FJlnZQ096958>