From nobody Sat Jun 11 10:19:05 2022
X-Original-To: ports-bugs@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id CAB868518B2
	for <ports-bugs@mlmmj.nyi.freebsd.org>; Sat, 11 Jun 2022 10:19:05 +0000 (UTC)
	(envelope-from bugzilla-noreply@freebsd.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4LKv213dwBz4RYc
	for <ports-bugs@FreeBSD.org>; Sat, 11 Jun 2022 10:19:05 +0000 (UTC)
	(envelope-from bugzilla-noreply@freebsd.org)
Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 5A2782A5C
	for <ports-bugs@FreeBSD.org>; Sat, 11 Jun 2022 10:19:05 +0000 (UTC)
	(envelope-from bugzilla-noreply@freebsd.org)
Received: from kenobi.freebsd.org ([127.0.1.5])
	by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 25BAJ5VA096209
	for <ports-bugs@FreeBSD.org>; Sat, 11 Jun 2022 10:19:05 GMT
	(envelope-from bugzilla-noreply@freebsd.org)
Received: (from www@localhost)
	by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 25BAJ5eW096208
	for ports-bugs@FreeBSD.org; Sat, 11 Jun 2022 10:19:05 GMT
	(envelope-from bugzilla-noreply@freebsd.org)
X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f
From: bugzilla-noreply@freebsd.org
To: ports-bugs@FreeBSD.org
Subject: [Bug 264426] www/mitmproxy: Update to 8.0.0 (<=7.0.4 vulnerable to
 CVE-2022-24766)
Date: Sat, 11 Jun 2022 10:19:05 +0000
X-Bugzilla-Reason: CC AssignedTo
X-Bugzilla-Type: changed
X-Bugzilla-Watch-Reason: None
X-Bugzilla-Product: Ports & Packages
X-Bugzilla-Component: Individual Port(s)
X-Bugzilla-Version: Latest
X-Bugzilla-Keywords: needs-patch, needs-qa, security
X-Bugzilla-Severity: Affects Many People
X-Bugzilla-Who: p5B2EA84B3@t-online.de
X-Bugzilla-Status: Open
X-Bugzilla-Resolution: 
X-Bugzilla-Priority: Normal
X-Bugzilla-Assigned-To: ports-bugs@FreeBSD.org
X-Bugzilla-Flags: maintainer-feedback? merge-quarterly?
X-Bugzilla-Changed-Fields: 
Message-ID: <bug-264426-7788-XYGnYGwVEn@https.bugs.freebsd.org/bugzilla/>
In-Reply-To: <bug-264426-7788@https.bugs.freebsd.org/bugzilla/>
References: <bug-264426-7788@https.bugs.freebsd.org/bugzilla/>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/
Auto-Submitted: auto-generated
List-Id: Ports bug reports <freebsd-ports-bugs.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-ports-bugs
List-Help: <mailto:ports-bugs+help@freebsd.org>
List-Post: <mailto:ports-bugs@freebsd.org>
List-Subscribe: <mailto:ports-bugs+subscribe@freebsd.org>
List-Unsubscribe: <mailto:ports-bugs+unsubscribe@freebsd.org>
Sender: owner-freebsd-ports-bugs@freebsd.org
X-BeenThere: freebsd-ports-bugs@freebsd.org
MIME-Version: 1.0
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1654942745;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding:
	 in-reply-to:in-reply-to:references:references;
	bh=zUdWY51nBmEfgGBbjeD5jD75VoIVQbGnKEcRAE/ZWzA=;
	b=DYpOaDQYdFtE7o/lW8QsDYdihbJADwVT4qOIdZJEzAvYfhtF+pleKMBx57ixLaqlHJ/5qx
	a+rBAiR3cGHJIgzk56chytw0e2N4tdec31NhnierNcA2GyagofwdtiUJBZWntMwgzLsbRG
	YViLUsI/QLgspXFgEBckbAhExtIcTcwzwE1twqTxz9IrsPAYpJ6RAf6dNlUQTStjGPRe1v
	XqXoJT9ggUzn0JKINBCKKrFjKzPyOuTYc03L/3Ozxyp/1HeXC17c9Z3jlvR9C4bjZ7WLW2
	R1c4goE+3ykJayxrZysIWAvNcEoaytRkYttcg+P5Boo1HEGAm6yOuMUuyuoLlA==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1654942745; a=rsa-sha256; cv=none;
	b=Jd1yxwlJJ6tD7DG4PqZ91+44VnMRaapOPPt+spwAaKehCUkFFE5rPiH1iLrW8J2z6MUffm
	En+lwsQ70RdQDkim0jVw6rZk5UD7MzmzzpR0VOWBmpwR5AQJW2sUbSX1iaQ9GWuT+5/A4G
	B2HLiV2RlF1eQ6bV/Odie7zB1Y0U12APt+fXskFe335NB+TppFQltgVVoNMQgAPXDEwCez
	SukHeQGUPF1jKZZrVsSaClvD9yJyp8KlHA8BMUshM+YBicMfKv2ETdJEP3OJkBhQeyoluA
	OaUKQcr8Is8cf4PwrSn6yd76M28NRJ7J6H8x0xTIAfGfbRQPft1wjs5CwS35KQ==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
X-ThisMailContainsUnwantedMimeParts: N

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D264426

--- Comment #2 from p5B2EA84B3@t-online.de ---
from
https://docs.freebsd.org/en/books/porters-handbook/security/#security-notify

12.3. Keeping the Community Informed
12.3.1. The VuXML Database

A very important and urgent step to take as early after a security
vulnerability is discovered as possible is to notify the community of port
users about the jeopardy. Such notification serves two purposes. ...

What is the reason that mitmproxy still has no entry in the FreeBSD VuXML
database?

The trust in the FreeBSD VuXML database suffers if entries are delayed.

--=20
You are receiving this mail because:
You are on the CC list for the bug.
You are the assignee for the bug.=