Date: Thu, 30 Sep 2021 10:17:56 +1000 From: Kubilay Kocak <koobs@FreeBSD.org> To: Alex Kozlov <ak@FreeBSD.org>, FreeBSD Ports Security Team <ports-secteam@freebsd.org> Cc: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org Subject: Re: git: 0e6da3c2e1f0 - main - archivers/ha: Fix CVE-2015-1198 Message-ID: <5046fa33-4bb4-b9f8-7812-0321c71b5afe@FreeBSD.org> In-Reply-To: <20210929103230.GA81981@ravenloft.kiev.ua> References: <202109271752.18RHqsxu095384@gitrepo.freebsd.org> <d3cc0d62-f541-d8aa-4526-ae6b92711a39@FreeBSD.org> <20210929103230.GA81981@ravenloft.kiev.ua>
next in thread | previous in thread | raw e-mail | index | archive | help
On 29/09/2021 8:32 pm, Alex Kozlov wrote: > On Wed, Sep 29, 2021 at 10:50:13AM +1000, Kubilay Kocak wrote: >> On 28/09/2021 3:52 am, Alex Kozlov wrote: >>> The branch main has been updated by ak: >>> >>> URL: https://cgit.FreeBSD.org/ports/commit/?id=0e6da3c2e1f0ca151be9e6428dcc9c0b7f19d170 >>> >>> commit 0e6da3c2e1f0ca151be9e6428dcc9c0b7f19d170 >>> Author: Alex Kozlov <ak@FreeBSD.org> >>> AuthorDate: 2021-09-27 17:42:12 +0000 >>> Commit: Alex Kozlov <ak@FreeBSD.org> >>> CommitDate: 2021-09-27 17:42:12 +0000 >>> >>> archivers/ha: Fix CVE-2015-1198 >>> Fix directory traversal vulnerabilities (CVE-2015-1198) >>> Reported by: decke >> >> Hi Alex, could you merge this to quarterly? > I could, but 2021Q4 will be created in a few days, so I am not sure there is a need > to do that. > > That will leave the current branch vulnerable. @ports-secteam, could you VuXML and MFH please
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5046fa33-4bb4-b9f8-7812-0321c71b5afe>