Date: Fri, 31 May 2024 13:27:14 +0000 From: bugzilla-noreply@freebsd.org To: ports-bugs@FreeBSD.org Subject: [Bug 279436] devel/py-configobj is vulnerable GHSA-c33w-24p9-8m24 CVE-2023-26112 Message-ID: <bug-279436-7788@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D279436 Bug ID: 279436 Summary: devel/py-configobj is vulnerable GHSA-c33w-24p9-8m24 CVE-2023-26112 Product: Ports & Packages Version: Latest Hardware: Any OS: Any Status: New Severity: Affects Only Me Priority: --- Component: Individual Port(s) Assignee: nivit@FreeBSD.org Reporter: void@f-m.fm Flags: maintainer-feedback?(nivit@FreeBSD.org) Assignee: nivit@FreeBSD.org Hi, devel/py-configobj (py311-configobj-5.0.8) in ports is vulnerable: https://github.com/advisories/GHSA-c33w-24p9-8m24 https://nvd.nist.gov/vuln/detail/CVE-2023-26112 https://github.com/pytroll/pyresample/issues/589 There doesn't appear to be an update for it. This vuln isn't in vulnxml. --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-279436-7788>