FreeBSD Mail Archives

Date:      Sun, 25 Mar 2018 14:13:51 +0000 (UTC)
From:      "Jason E. Hale" <jhale@FreeBSD.org>
To:        ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org
Subject:   svn commit: r465517 - head/security/vuxml
Message-ID:  <201803251413.w2PEDprC080750@repo.freebsd.org>

next in thread | raw e-mail | index | archive | help

Author: jhale
Date: Sun Mar 25 14:13:51 2018
New Revision: 465517
URL: https://svnweb.freebsd.org/changeset/ports/465517

Log:
  Update entries for mythtv and mythtv-frontend
  
  PR:		225652

Modified:
  head/security/vuxml/vuln.xml

Modified: head/security/vuxml/vuln.xml
==============================================================================
--- head/security/vuxml/vuln.xml	Sun Mar 25 14:07:48 2018	(r465516)
+++ head/security/vuxml/vuln.xml	Sun Mar 25 14:13:51 2018	(r465517)
@@ -6893,6 +6893,12 @@ Using a handcrafted message, remote code execution see
 	<name>ffmpeg</name>
 	<range><lt>3.3.4</lt></range>
       </package>
+      <package>
+	<name>mythtv</name>
+	<name>mythtv-frontend</name>
+	<!-- mythtv-29.x has ffmpeg-3.2 -->
+	<range><lt>29.1</lt></range>
+      </package>
     </affects>
     <description>
       <body xmlns="http://www.w3.org/1999/xhtml">;
@@ -6921,6 +6927,7 @@ Using a handcrafted message, remote code execution see
     <dates>
       <discovery>2017-09-11</discovery>
       <entry>2017-10-12</entry>
+      <modified>2018-03-25</modified>
     </dates>
   </vuln>
 
@@ -14611,6 +14618,12 @@ maliciously crafted GET request to the Horde server.</
 	<name>ffmpeg</name>
 	<range><lt>3.2.4,1</lt></range>
       </package>
+      <package>
+	<name>mythtv</name>
+	<name>mythtv-frontend</name>
+	<!-- mythtv-29.x has ffmpeg-3.2 -->
+	<range><lt>29.1</lt></range>
+      </package>
     </affects>
     <description>
       <body xmlns="http://www.w3.org/1999/xhtml">;
@@ -14632,6 +14645,7 @@ maliciously crafted GET request to the Horde server.</
     <dates>
       <discovery>2017-01-25</discovery>
       <entry>2017-02-12</entry>
+      <modified>2018-03-25</modified>
     </dates>
   </vuln>
 
@@ -37344,8 +37358,7 @@ and CVE-2013-0155.</p>
 	<name>mythtv</name>
 	<name>mythtv-frontend</name>
 	<!-- mythtv-0.27.0.20140121 has ffmpeg-1.2.2+ (snapshot, f9c8726) -->
-	<!-- no known fixed version -->
-	<range><ge>0</ge></range>
+	<range><lt>0.28</lt></range>
       </package>
       <package>
 	<name>plexhometheater</name>
@@ -37385,6 +37398,7 @@ and CVE-2013-0155.</p>
     <dates>
       <discovery>2015-12-20</discovery>
       <entry>2015-12-28</entry>
+      <modified>2018-03-25</modified>
     </dates>
   </vuln>
 
@@ -39215,8 +39229,7 @@ and CVE-2013-0155.</p>
 	<name>mythtv</name>
 	<name>mythtv-frontend</name>
 	<!-- mythtv-0.27.0.20140121 has ffmpeg-1.2.2+ (snapshot, f9c8726) -->
-	<!-- no known fixed version -->
-	<range><ge>0</ge></range>
+	<range><lt>0.28</lt></range>
       </package>
       <package>
 	<name>plexhometheater</name>
@@ -39319,7 +39332,7 @@ and CVE-2013-0155.</p>
     <dates>
       <discovery>2015-11-27</discovery>
       <entry>2015-12-02</entry>
-      <modified>2015-12-28</modified>
+      <modified>2018-03-25</modified>
     </dates>
   </vuln>
 
@@ -42819,8 +42832,7 @@ and CVE-2013-0155.</p>
 	<name>mythtv</name>
 	<name>mythtv-frontend</name>
 	<!-- mythtv-0.27.0.20140121 has ffmpeg-1.2.2+ (snapshot, f9c8726) -->
-	<!-- no known fixed version -->
-	<range><ge>0</ge></range>
+	<range><lt>0.28</lt></range>
       </package>
       <package>
 	<name>plexhometheater</name>
@@ -42929,7 +42941,7 @@ and CVE-2013-0155.</p>
     <dates>
       <discovery>2015-09-05</discovery>
       <entry>2015-09-20</entry>
-      <modified>2015-09-20</modified>
+      <modified>2018-03-25</modified>
     </dates>
   </vuln>
 
@@ -44030,8 +44042,7 @@ and CVE-2013-0155.</p>
 	<name>mythtv</name>
 	<name>mythtv-frontend</name>
 	<!-- mythtv-0.27.0.20140121 has ffmpeg-1.2.2+ (snapshot, f9c8726) -->
-	<!-- no known fixed version -->
-	<range><ge>0</ge></range>
+	<range><lt>0.28</lt></range>
       </package>
     </affects>
     <description>
@@ -44057,7 +44068,7 @@ and CVE-2013-0155.</p>
     <dates>
       <discovery>2015-04-12</discovery>
       <entry>2015-09-01</entry>
-      <modified>2015-09-20</modified>
+      <modified>2018-03-25</modified>
     </dates>
   </vuln>
 
@@ -44106,8 +44117,7 @@ and CVE-2013-0155.</p>
 	<name>mythtv</name>
 	<name>mythtv-frontend</name>
 	<!-- mythtv-0.27.0.20140121 has ffmpeg-1.2.2+ (snapshot, f9c8726) -->
-	<!-- no known fixed version -->
-	<range><ge>0</ge></range>
+	<range><lt>0.28</lt></range>
       </package>
     </affects>
     <description>
@@ -44134,6 +44144,7 @@ and CVE-2013-0155.</p>
     <dates>
       <discovery>2014-12-19</discovery>
       <entry>2015-09-01</entry>
+      <modified>2018-03-25</modified>
     </dates>
   </vuln>

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201803251413.w2PEDprC080750>

Header And Logo

Peripheral Links

Site Navigation

Header And Logo

Peripheral Links

Search

Site Navigation