Date: Wed, 25 May 2022 01:03:59 +0000
From: bugzilla-noreply@freebsd.org
To: ports-bugs@FreeBSD.org
Subject: [Bug 264082] www/grafana{7,8}: Update to 8.5.3 and 7.5.16 (Fixes security vulnerability)
Message-ID: <bug-264082-7788-H6zN6DyZD5@https.bugs.freebsd.org/bugzilla/>
In-Reply-To: <bug-264082-7788@https.bugs.freebsd.org/bugzilla/>
References: <bug-264082-7788@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D264082 --- Comment #4 from Kubilay Kocak <koobs@FreeBSD.org> --- (In reply to Xander from comment #3) (In reply to Boris Korzun from comment #2) Thank you for the detail, so to be explicit and clarify: - The OSS versions did not receive any security related changes to their codebases? - The inclusion of "Fixes CVE-2022-29170" in the OSS version release notes = is incorrect? In particular, can we point to any commit logs and/or issues for CVE-2022-2= 9170 so we have details of the branches they were applied to, or the absence of = said merges to OSS branches? --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-264082-7788-H6zN6DyZD5>