Date: Wed, 23 May 2018 07:52:39 +0000 From: bugzilla-noreply@freebsd.org To: ports-bugs@FreeBSD.org Subject: [Bug 227642] [PATCH] mail/sympa: security update to 2.6.32 Message-ID: <bug-227642-7788-XuItAAlNVz@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-227642-7788@https.bugs.freebsd.org/bugzilla/> References: <bug-227642-7788@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D227642 --- Comment #3 from commit-hook@freebsd.org --- A commit references this bug: Author: krion Date: Wed May 23 07:52:05 UTC 2018 New revision: 470685 URL: https://svnweb.freebsd.org/changeset/ports/470685 Log: MFH: r470654 Security update to 6.2.32 Description: A vulnerability has been discovered in Sympa web interface that allows write access to files on the server filesystem. This flaw allows to create or modify any file writable by the Sympa user, located on the server filesystem, using the function of Sympa web interface template file saving. PR: 227642 Submitted by: maintainer Approved by: ports-secteam Changes: _U branches/2018Q2/ branches/2018Q2/mail/sympa/Makefile branches/2018Q2/mail/sympa/distinfo --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-227642-7788-XuItAAlNVz>