Site Navigation

Date:      Sat, 7 Sep 2024 01:16:01 -0400
From:      "Jason E. Hale" <jhale@freebsd.org>
To:        Cy Schubert <cy@freebsd.org>
Cc:        ports-committers@freebsd.org, dev-commits-ports-all@freebsd.org,  dev-commits-ports-main@freebsd.org
Subject:   Re: git: 05d4a95e7f58 - main - security/vuxml: Add devel/binutils < 2.43
Message-ID:  <CAJE75NHZqCCYWXL_dQ7JXA2i9jo_y9iLwQTrgybtBkEb3TqzPQ@mail.gmail.com>
In-Reply-To: <202409061452.486EqKOL032322@gitrepo.freebsd.org>
References:  <202409061452.486EqKOL032322@gitrepo.freebsd.org>

---

next in thread | previous in thread | raw e-mail | index | archive | help

---

On Fri, Sep 6, 2024 at 10:52=E2=80=AFAM Cy Schubert <cy@freebsd.org> wrote:
>
> The branch main has been updated by cy:
>
> URL: https://cgit.FreeBSD.org/ports/commit/?id=3D05d4a95e7f58d75a6a2cf732=
1751c50ee5d42568
>
> commit 05d4a95e7f58d75a6a2cf7321751c50ee5d42568
> Author:     Cy Schubert <cy@FreeBSD.org>
> AuthorDate: 2024-09-06 14:51:48 +0000
> Commit:     Cy Schubert <cy@FreeBSD.org>
> CommitDate: 2024-09-06 14:52:09 +0000
>
>     security/vuxml: Add devel/binutils < 2.43
> ---
>  security/vuxml/vuln/2024.xml | 32 ++++++++++++++++++++++++++++++++
>  1 file changed, 32 insertions(+)
>
> diff --git a/security/vuxml/vuln/2024.xml b/security/vuxml/vuln/2024.xml
> index f4f89e3aaea7..613a37f8dfa3 100644
> --- a/security/vuxml/vuln/2024.xml
> +++ b/security/vuxml/vuln/2024.xml
> @@ -1,3 +1,35 @@
> +  <vuln vid=3D"943f8915-6c5d-11ef-810a-f8b46a88f42c">
> +    <topic> -- </topic>
> +    <affects>
> +      <package>
> +       <name>binutils</name>
> +       <range><lt>2.43</lt></range>
> +      </package>
> +    </affects>
> +    <description>
> +       <body xmlns=3D"http://www.w3.org/1999/xhtml">;
> +       <p>alster@vinterdalen.se reports PR/281070:</p>
> +       <blockquote cite=3D"INSERT URL HERE">
> +         <p>A new version of devel/binutils has been released fixing
> +            CVE-2023-1972, CVE-2023-25585, CVE-2023-25586, and
> +            CVE-2023-25588.
> +         </p>
> +       </blockquote>
> +       </body>
> +    </description>
> +    <references>
> +      <url>https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D281070</u=
rl>
> +      <cvename>CVE-2023-1972</cvename>
> +      <cvename>CVE-2023-25585</cvename>
> +      <cvename>CVE-2023-25586</cvename>
> +      <cvename>CVE-2023-25588</cvename>
> +    </references>
> +    <dates>
> +      <discovery>2024-08-25</discovery>
> +      <entry>2024-09-06</entry>
> +    </dates>
> +  </vuln>
> +
>    <vuln vid=3D"f5d0cfe7-6ba6-11ef-858b-23eeba13701a">
>      <topic>gitea -- multiple issues</topic>
>      <affects>

In addition to what bapt said, <topic> is not filled out and the
"INSERT URL HERE" should be addressed in <blockquote>.

- Jason

---

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAJE75NHZqCCYWXL_dQ7JXA2i9jo_y9iLwQTrgybtBkEb3TqzPQ>

Legal Notices | © 1995-2025 The FreeBSD Project. All rights reserved.

Contact