Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 10 Dec 2020 09:59:00 +0000 (UTC)
From:      Philip Paeps <philip@FreeBSD.org>
To:        ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org
Subject:   svn commit: r557424 - head/security/vuxml
Message-ID:  <202012100959.0BA9x0X3002283@repo.freebsd.org>

next in thread | raw e-mail | index | archive | help
Author: philip
Date: Thu Dec 10 09:58:59 2020
New Revision: 557424
URL: https://svnweb.freebsd.org/changeset/ports/557424

Log:
  security/vuxml: FreeBSD 11.4 is vulnerable to CVE-2020-1971
  
  As noted in FreeBSD-SA-20:33.openssl, this vulnerability is also known
  to affect OpenSSL versions included in FreeBSD 11.4.  However, the
  OpenSSL project is only giving patches for that version to premium
  support contract holders.  The FreeBSD project does not have access to
  these patches and recommends FreeBSD 11.4 users to either upgrade to
  FreeBSD 12.x or leverage up to date versions of OpenSSL in the ports/pkg
  system. The FreeBSD Project may update this advisory to include FreeBSD
  11.4 should patches become publicly available.

Modified:
  head/security/vuxml/vuln.xml

Modified: head/security/vuxml/vuln.xml
==============================================================================
--- head/security/vuxml/vuln.xml	Thu Dec 10 09:56:27 2020	(r557423)
+++ head/security/vuxml/vuln.xml	Thu Dec 10 09:58:59 2020	(r557424)
@@ -99,6 +99,7 @@ Notes:
 	<name>FreeBSD</name>
 	<range><ge>12.2</ge><lt>12.2_2</lt></range>
 	<range><ge>12.1</ge><lt>12.1_12</lt></range>
+	<range><ge>11.4</ge></range>
       </package>
     </affects>
     <description>



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202012100959.0BA9x0X3002283>