Date: Thu, 10 Dec 2020 09:59:00 +0000 (UTC) From: Philip Paeps <philip@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r557424 - head/security/vuxml Message-ID: <202012100959.0BA9x0X3002283@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: philip Date: Thu Dec 10 09:58:59 2020 New Revision: 557424 URL: https://svnweb.freebsd.org/changeset/ports/557424 Log: security/vuxml: FreeBSD 11.4 is vulnerable to CVE-2020-1971 As noted in FreeBSD-SA-20:33.openssl, this vulnerability is also known to affect OpenSSL versions included in FreeBSD 11.4. However, the OpenSSL project is only giving patches for that version to premium support contract holders. The FreeBSD project does not have access to these patches and recommends FreeBSD 11.4 users to either upgrade to FreeBSD 12.x or leverage up to date versions of OpenSSL in the ports/pkg system. The FreeBSD Project may update this advisory to include FreeBSD 11.4 should patches become publicly available. Modified: head/security/vuxml/vuln.xml Modified: head/security/vuxml/vuln.xml ============================================================================== --- head/security/vuxml/vuln.xml Thu Dec 10 09:56:27 2020 (r557423) +++ head/security/vuxml/vuln.xml Thu Dec 10 09:58:59 2020 (r557424) @@ -99,6 +99,7 @@ Notes: <name>FreeBSD</name> <range><ge>12.2</ge><lt>12.2_2</lt></range> <range><ge>12.1</ge><lt>12.1_12</lt></range> + <range><ge>11.4</ge></range> </package> </affects> <description>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202012100959.0BA9x0X3002283>