Date: Tue, 15 Jan 2019 12:20:44 +0000 (UTC) From: Steve Wills <swills@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r490365 - head/security/vuxml Message-ID: <201901151220.x0FCKiRL094437@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: swills Date: Tue Jan 15 12:20:43 2019 New Revision: 490365 URL: https://svnweb.freebsd.org/changeset/ports/490365 Log: Document py-matrix-synapse issue PR: 234828 Submitted by: Sascha Biberhofer <ports@skyforge.at> (with slight editing) Modified: head/security/vuxml/vuln.xml Modified: head/security/vuxml/vuln.xml ============================================================================== --- head/security/vuxml/vuln.xml Tue Jan 15 12:07:01 2019 (r490364) +++ head/security/vuxml/vuln.xml Tue Jan 15 12:20:43 2019 (r490365) @@ -58,6 +58,35 @@ Notes: * Do not forget port variants (linux-f10-libxml2, libxml2, etc.) --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> + <vuln vid="383931ba-1818-11e9-92ea-448a5b29e8a9"> + <topic>py-matrix-synapse -- undisclosed vulnerability</topic> + <affects> + <package> + <name>py27-matrix-synapse</name> + <name>py35-matrix-synapse</name> + <name>py36-matrix-synapse</name> + <name>py37-matrix-synapse</name> + <range><lt>0.34.1.1</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>Matrix developers report:</p> + <blockquote cite="https://matrix.org/blog/2019/01/10/critical-security-update-synapse-0-34-0-1-synapse-0-34-1-1/"> + <p>The matrix team announces the availablility of synapse security releases 0.34.0.1 and 0.34.1.1, fixing CVE-2019-5885.</p> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2019-5885</cvename> + <url>https://matrix.org/blog/2019/01/10/critical-security-update-synapse-0-34-0-1-synapse-0-34-1-1/</url> + </references> + <dates> + <discovery>2019-01-10</discovery> + <entry>2019-01-15</entry> + </dates> + </vuln> + <vuln vid="d38bbb79-14f3-11e9-9ce2-28d244aee256"> <topic>irssi -- Use after free</topic> <affects>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201901151220.x0FCKiRL094437>