Date: Wed, 23 Jun 2021 08:11:51 +0200 From: Andrea Venturoli <ml@netfence.it> To: koobs@FreeBSD.org, freebsd-ports@freebsd.org Subject: www/py-aiohttp vulnerabilities Message-ID: <3c438d98-6c84-caf1-cfe9-45bf2b0527bf@netfence.it>
next in thread | raw e-mail | index | archive | help
Hello. pkg audit complains that > py37-aiohttp-3.7.4.p0 (www/py-aiohttp) is vulnerable: > aiohttp -- open redirect vulnerability > CVE: CVE-2021-21330 > WWW: https://vuxml.FreeBSD.org/freebsd/3000acee-c45d-11eb-904f-14dae9d5a9d2.html > > 1 problem(s) found. However, AFAICT following the link, this CVE was fixed in 3.7.4. Is this version vulnerable or not? Reading https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=256219, IIUIC, looks like answer is no. Is then something wrong with my audit database? bye & Thanks av.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3c438d98-6c84-caf1-cfe9-45bf2b0527bf>