From nobody Wed Dec 28 00:07:14 2022 X-Original-To: dev-commits-ports-main@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4NhWzk4lfMz1LpRg; Wed, 28 Dec 2022 00:07:14 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4NhWzk3t0hz3Cn1; Wed, 28 Dec 2022 00:07:14 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1672186034; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=hoWHJHk94V+bjVKLRy+et48I5jcu9NFnifxCn+6S7YM=; b=NFnwZenqUJAhSDqBPqzg4K/BHHmECAM8lhwC/ZEeteRC9hwJdQ0QH6wopp+KUQ90GEfSMQ o2J4sDJSmr4w35lSgIX/HbvGxEg1HzRgY1QymnUmXyQ/tEey4hnVKklGvrTihGnCIeDVPX dxqdpSZBxRyv3JqAlflHLM5h8Wh0nHEchFWzqR0v6bdE/iPTnlDKKnrBFvQf/MvuzoOKl9 hbJrxmXfBtcR1ZVLDLxLDXvez/PrHZ49FhUV6liV8cH9hSXv0rkoIm8qMmcomwnmEM4WGO m9y6gDJ3HbvVMHLMBQt5jRIt/WlAPb4kgQbi6ObviZa9Qt4dx9jCGVt/ixmhjQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1672186034; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=hoWHJHk94V+bjVKLRy+et48I5jcu9NFnifxCn+6S7YM=; b=K/uPyw8vPeQN8YbpvbzJRgYqzuWOCBbZbA32fkzRn84mWIvwkfwy43vNZWzqvyU62+2Pmd ZpTfOgYBbIQXA4rLOBTZBjCaQ5u7/Wz7s1u2/fvoj21VF4xPqMJAnDfWya9CdkZw1G6h5z 17JiLjneLlFP0A15i6HeOnjvAdqTvsEZU+ucRdvu89Mtm8L/WVJzLAEITb+wpJuFcUekgI Fg4GU3T/le7oePtHLF1eRFhXq6X4aF8NgJgi1dm0Zn36OodSexASx9yYbW/+lyTWFGJVEc nK+hDtkfwhTSHryvW9Dm5IZJec1CJCmu+uWkWUE6bwgTEH63SZfUq6kU7BUbYA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1672186034; a=rsa-sha256; cv=none; b=Vk9MyhauiRmJgs/yd8d4Ou4mM+2ZTyTZywCIa9NcT3J2FMRZ+9qkjDE2ZABTqZ+w2hmuvZ NpfIMlyO68xw0PLITbWV3dxE8YFS9ySFH70fKuNh+Ra+WYnCUBPxNM1m903FmrLRJ6asSp L3YS4SfVGZUW8zJ5hAT6X48/LN1wD9dR6P4S5B6hOxAV/yS0pZwtjveKiXjRqZgZeM1mIt fAdI2NHXlN9+hwzV8ZEFpXMTbt7QAlY7H5a/PsbYhs2vNAiHNdAZ5LQbvcL4upT9fVjiLz 21rXUnu9dtl9G8a102I/RVOiylf0dF9WeZhLyLgivV97QoQSNFOpjIat3kw3NA== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4NhWzk2rJXzV8D; Wed, 28 Dec 2022 00:07:14 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 2BS07EYC083855; Wed, 28 Dec 2022 00:07:14 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 2BS07Egp083854; Wed, 28 Dec 2022 00:07:14 GMT (envelope-from git) Date: Wed, 28 Dec 2022 00:07:14 GMT Message-Id: <202212280007.2BS07Egp083854@gitrepo.freebsd.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org From: Ben Woods Subject: git: 7ee4b5097a25 - main - security/vuxml: Document Netdata multiple vulnerabilities List-Id: Commits to the main branch of the FreeBSD ports repository List-Archive: https://lists.freebsd.org/archives/dev-commits-ports-main List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-ports-main@freebsd.org X-BeenThere: dev-commits-ports-main@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: woodsb02 X-Git-Repository: ports X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 7ee4b5097a255e8c7238cca2014586a11f4641b2 Auto-Submitted: auto-generated X-ThisMailContainsUnwantedMimeParts: N The branch main has been updated by woodsb02: URL: https://cgit.FreeBSD.org/ports/commit/?id=7ee4b5097a255e8c7238cca2014586a11f4641b2 commit 7ee4b5097a255e8c7238cca2014586a11f4641b2 Author: Ben Woods AuthorDate: 2022-12-28 00:06:50 +0000 Commit: Ben Woods CommitDate: 2022-12-28 00:06:50 +0000 security/vuxml: Document Netdata multiple vulnerabilities --- security/vuxml/vuln/2022.xml | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) diff --git a/security/vuxml/vuln/2022.xml b/security/vuxml/vuln/2022.xml index 6ae36d0da907..7f45e9e5fb06 100644 --- a/security/vuxml/vuln/2022.xml +++ b/security/vuxml/vuln/2022.xml @@ -1,3 +1,30 @@ + + netdata -- multiple vulnerabilities with streaming + + + netdata + 1.37.0 + + + + +

Netdata reports:

+
+

GHSA-xg38-3vmw-2978: Netdata Streaming Alert Command Injection

+

GHSA-jx85-39cw-66f2: Netdata Streaming Authentication Bypass

+
+ + + + https://github.com/netdata/netdata/security/advisories/GHSA-xg38-3vmw-2978 + https://github.com/netdata/netdata/security/advisories/GHSA-jx85-39cw-66f2 + + + 2022-11-30 + 2022-12-27 + + + freerdp -- multiple vulnerabilities