Date: Sun, 19 Dec 2021 07:08:26 +0000 From: bugzilla-noreply@freebsd.org To: ports-bugs@FreeBSD.org Subject: [Bug 260534] devel/opengrok security vulnerability CVE-2021-2322 Message-ID: <bug-260534-7788@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D260534 Bug ID: 260534 Summary: devel/opengrok security vulnerability CVE-2021-2322 Product: Ports & Packages Version: Latest Hardware: Any OS: Any Status: New Severity: Affects Some People Priority: --- Component: Individual Port(s) Assignee: truckman@FreeBSD.org Reporter: luke@foolishgames.com Assignee: truckman@FreeBSD.org Flags: maintainer-feedback?(truckman@FreeBSD.org) The current version of devel/opengrok is vulnerable to an easy exploitable issue that allows remote takeover of the opengrok instance.=20 https://www.cvedetails.com/cve/CVE-2021-2322/ Needs to be updated past 1.6.7 to fix and perhaps a mention in the security/vuxml file --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-260534-7788>