Date: Sun, 14 Feb 2016 00:40:32 +0000 From: bugzilla-noreply@freebsd.org To: freebsd-ports-bugs@FreeBSD.org Subject: [Bug 207173] devel/hive: Apache Hive authorization bug disclosure in 1.2.1 (CVE-2015-7521) Message-ID: <bug-207173-13@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D207173 Bug ID: 207173 Summary: devel/hive: Apache Hive authorization bug disclosure in 1.2.1 (CVE-2015-7521) Product: Ports & Packages Version: Latest Hardware: Any URL: http://www.openwall.com/lists/oss-security/2016/01/28/ 12 OS: Any Status: New Keywords: needs-patch, needs-qa, security Severity: Affects Some People Priority: --- Component: Individual Port(s) Assignee: demon@FreeBSD.org Reporter: junovitch@freebsd.org CC: ports-secteam@FreeBSD.org Flags: maintainer-feedback?(demon@FreeBSD.org), merge-quarterly? Assignee: demon@FreeBSD.org Reference: http://www.openwall.com/lists/oss-security/2016/01/28/12 It looks like we will have to include the parent-auth-hook from http://apache.arvixe.com/hive/hive-parent-auth-hook/, bump portrevision, and document the mitigation steps in VuXML. --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-207173-13>