Date: Mon, 13 Dec 2021 13:04:43 GMT From: Alexander Leidinger <netchild@FreeBSD.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org Subject: git: b0989e442d49 - main - security/vuxml: fix Solr XML and add openhab (log4shell) Message-ID: <202112131304.1BDD4hpN074190@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch main has been updated by netchild: URL: https://cgit.FreeBSD.org/ports/commit/?id=b0989e442d4916693102c3a44958f4e6a520e1d0 commit b0989e442d4916693102c3a44958f4e6a520e1d0 Author: Alexander Leidinger <netchild@FreeBSD.org> AuthorDate: 2021-12-13 12:42:27 +0000 Commit: Alexander Leidinger <netchild@FreeBSD.org> CommitDate: 2021-12-13 13:04:38 +0000 security/vuxml: fix Solr XML and add openhab (log4shell) --- security/vuxml/vuln-2021.xml | 38 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 38 insertions(+) diff --git a/security/vuxml/vuln-2021.xml b/security/vuxml/vuln-2021.xml index 2f30270535f6..ac123c5227de 100644 --- a/security/vuxml/vuln-2021.xml +++ b/security/vuxml/vuln-2021.xml @@ -1,12 +1,50 @@ + <vuln vid="93a1c9a7-5bef-11ec-a47a-001517a2e1a4"> + <topic>openhab -- log4j remote code injection</topic> + <affects> + <package> + <name>openhab2</name> + <name>openhab</name> + <range><le>2.5.12</le></range> + <range><lt>3.1.1</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml">; + <p>Openhab reports:</p> + <blockquote cite="https://github.com/openhab/openhab-distro/security/advisories/GHSA-j99j-qp89-pcfq">; + <p>Any openHAB instance that is publicly available or which consumes untrusted content from remote servers is potentially a target of this attack.</p> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2021-44228</cvename> + <url>https://github.com/openhab/openhab-distro/security/advisories/GHSA-j99j-qp89-pcfq</url>; + <url>https://github.com/ops4j/org.ops4j.pax.logging/security/advisories/GHSA-xxfh-x98p-j8fr</url>; + <url>https://github.com/advisories/GHSA-jfh8-c2jp-5v3q</url>; + </references> + <dates> + <discovery>2021-12-10</discovery> + <entry>2021-12-13</entry> + </dates> + </vuln> + <vuln vid="66cf7c43-5be3-11ec-a587-001b217b3468"> <topic>Solr -- Apache Log4J</topic> <affects> <package> <name>apache-solr</name> <range><lt>8.11.0</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml">; <p>Solr reports:</p> <blockquote cite="https://solr.apache.org/security.html">; <p>Apache Solr affected by Apache Log4J</p> + </blockquote> + </body> + </description> + <references> <url>https://solr.apache.org/security.html</url>; </references> <dates>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202112131304.1BDD4hpN074190>