From owner-freebsd-office@freebsd.org Fri May 5 19:46:55 2017 Return-Path: Delivered-To: freebsd-office@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 5950AD5F8C7 for ; Fri, 5 May 2017 19:46:55 +0000 (UTC) (envelope-from jason@aventia.pw) Received: from mailman.ysv.freebsd.org (unknown [127.0.1.3]) by mx1.freebsd.org (Postfix) with ESMTP id 36E751C27 for ; Fri, 5 May 2017 19:46:55 +0000 (UTC) (envelope-from jason@aventia.pw) Received: by mailman.ysv.freebsd.org (Postfix) id 335FFD5F8C6; Fri, 5 May 2017 19:46:55 +0000 (UTC) Delivered-To: office@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 32FFFD5F8C5 for ; Fri, 5 May 2017 19:46:55 +0000 (UTC) (envelope-from jason@aventia.pw) Received: from www.aventia.pw (www.aventia.pw [185.72.247.161]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id B68201C25; Fri, 5 May 2017 19:46:54 +0000 (UTC) (envelope-from jason@aventia.pw) Received: from localhost (localhost [127.0.0.1]) by www.aventia.pw (Postfix) with ESMTP id 126D340E90B; Fri, 5 May 2017 19:49:52 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=aventia.pw; s=selector1; t=1494006592; bh=MXYtZuTLyi9LYmJOq0bdb8mYw7tmmvnen/hkKkXnL2g=; h=To:Cc:From:Subject:Date; b=aLZdvlr9txA4N9BULn1FF1T7rHluMMa1Kr3l0Iar/4yWdDMpHxRErInteZEBVMDUV OiWmOm+wXZ/jGycZBA4WmXeU+ZvzhWqaQsqOr9kcGMzoSa86dtdwd633pSX/IkHiOf 7bPoG3fJJ3estbatovK6V/mJqt6ijEZBIHyhBAZk= Received: from www.aventia.pw ([127.0.0.1]) by localhost (www.aventia.pw [127.0.0.1]) (maiad, port 10024) with ESMTP id 78778-01; Fri, 5 May 2017 19:49:50 +0200 (CEST) Received: from JasonsPdyBridge.home (178-190-94-18.adsl.highway.telekom.at [178.190.94.18]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) (Authenticated sender: jason@aventia.pw) by www.aventia.pw (Postfix) with ESMTPSA id 0848640E814; Fri, 5 May 2017 19:49:46 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=aventia.pw; s=selector1; t=1494006587; bh=MXYtZuTLyi9LYmJOq0bdb8mYw7tmmvnen/hkKkXnL2g=; h=To:Cc:From:Subject:Date; b=fSMsMMzftgBaKN8H06/T3j4U0k85Q6SJEHrPPz1X7tOATYIimKKfQ3tmuE6mF3cmy hmJf+ogT3eCDM0OV4qkvxTnsJwsdfBe8y1KZoaLooaSXulGzKKCdMMa8p0lqKvN+zi QpZuVZ60mlJuMRyninXuB+8ZWKtSdUu8QNDGmy9c= To: jkim@FreeBSD.org Cc: office@FreeBSD.org From: Jason de Cordoba Subject: FreeBSD Port: devel/icu icu-58.2_2,1 is vulnerable: Organization: aventia.pw Message-ID: <2132c682-c881-369e-21e8-81182d715d53@aventia.pw> Date: Fri, 5 May 2017 21:46:39 +0200 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:45.0) Gecko/20100101 Thunderbird/45.8.0 MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="peCIIC07DhnLejO0WxB80jHE93v6FftRl" X-Content-Filtered-By: Mailman/MimeDel 2.1.23 X-BeenThere: freebsd-office@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Office applications on FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 05 May 2017 19:46:55 -0000 This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --peCIIC07DhnLejO0WxB80jHE93v6FftRl Content-Type: multipart/mixed; boundary="qo3sIH4tLsaa3OjxdclAdRGfx71Jm5enc"; protected-headers="v1" From: Jason de Cordoba To: jkim@FreeBSD.org Cc: office@FreeBSD.org Message-ID: <2132c682-c881-369e-21e8-81182d715d53@aventia.pw> Subject: FreeBSD Port: devel/icu icu-58.2_2,1 is vulnerable: --qo3sIH4tLsaa3OjxdclAdRGfx71Jm5enc Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Hi there, encountered a stop on upgrading icu which was updated today in ports on fbsd11.0p9 It appears the icu 58.2_2,1 is also vulnerable? http://www.freshports.org/devel/icu/ http://www.freshports.org/commit.php?category=3Ddevel&port=3Dicu&files=3D= yes&message_id=3D201705042144.v44LivS4081269@repo.freebsd.org Thanks, Jason =3D=3D=3D>>> All >> icu-58.2_1,1 (2/10) =3D=3D=3D> Cleaning for icu-58.2_2,1 =3D=3D=3D> icu-58.2_2,1 has known vulnerabilities: icu-58.2_2,1 is vulnerable: icu -- multiple vulnerabilities CVE: CVE-2017-7868 CVE: CVE-2017-7867 WWW: https://vuxml.FreeBSD.org/freebsd/607f8b57-7454-42c6-a88a-8706f327076= d.html --qo3sIH4tLsaa3OjxdclAdRGfx71Jm5enc-- --peCIIC07DhnLejO0WxB80jHE93v6FftRl Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- iQIcBAEBCgAGBQJZDNafAAoJECACAWLXXDq+tWcP/3/M99ZubsiRhZLWX+x6k+gw FkH6kMm3PJOklh7KfVu821v9uiOJgakanWeOJXHnRLWU4shgZWqMTuV0YwT2G0sy HU3CKo25eTWWM+sO0XzWllRdMTgjvGqTYGlpnK4wmeo/BraBqj+go1rtK4r9/wsf h2f5jrO7sgCIuVbrRmGdzcH8A0Dn1AxVdsJg9ZbjCcLfKaKuvAVgH6eI6OIpciFv CKn/adk115Lkmpe6HxvPZNxonUenrCrqp+Ltb17rpw1AXSNjhWDyuVnXdIq3UkOl rtJPiTiJUj3idYkX057aGaanKTjLPQzMEffgHl1P7kVUG1sqqBqg8pt1C8T5zYA0 oN6KNm7yiFd/VwD0bFvXVm5owULCa4yTRDUsVGKyl9ltNmg6a1KSGTu+TNSap/Mc ztMGwegkDQUBGqpUPGY53WMZp/SGLGx3cL+rR5UfpC4OJn25nnUBboGosD7KaeE/ IB+vGsI5S1PHL4RIr6LkmGnnVFZ2RGl5swkFFGuyHz35D3cAmvsAMV3iuKYlqC/u ISryrak7HSujzB5f/w7/NJZhQ6NxE6AqRpfmWNtGrj1caEHKvZ5LwhSyHAJejx6v SbBkvIV4asGEKnLF+2zE3ijaEehQ7dg5n+mxBkB3013aAnemMJP6nL3U2V9khiVo CYEuNHp0oJcWc52Sy3FG =WU2F -----END PGP SIGNATURE----- --peCIIC07DhnLejO0WxB80jHE93v6FftRl--