Page MenuHomeFreeBSD
Differential D43868

security/vuxml: Add sysutils/eza vulnerability
ClosedPublic
Actions

Authored by dutra on Feb 13 2024, 6:46 PM.
Tags
None
Referenced Files
Unknown Object (File)
May 13 2024, 3:59 AM
Unknown Object (File)
May 4 2024, 1:17 PM
Unknown Object (File)
Apr 26 2024, 3:25 AM
Unknown Object (File)
Apr 14 2024, 5:39 PM
Unknown Object (File)
Apr 10 2024, 11:10 AM
Unknown Object (File)
Apr 10 2024, 6:19 AM
Unknown Object (File)
Apr 10 2024, 6:17 AM
Unknown Object (File)
Apr 10 2024, 6:16 AM
View All 22 Files
Subscribers
None

Details

Reviewers
dbaio
garga
Commits
R11:324cdec76530: security/vuxml: Add sysutils/eza vulnerability
Summary
This release fixes the vulnerability:
https://github.com/eza-community/eza/releases/tag/v0.18.2

Approved by:	dbaio (mentor), garga (mentor)

Pkg audit test:

eza is vulnerable:
  Affected versions:
  < 0.18.2
  Libgit2 -- multiple vulnerabilities
  CVE: CVE-2024-24577
  WWW: https://vuxml.FreeBSD.org/freebsd/43768ff3-c683-11ee-97d0-001b217b3468.html

1 problem(s) in 1 installed package(s) found.

Diff Detail

Repository
R11 FreeBSD ports repository
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

dutra requested review of this revision.Feb 13 2024, 6:46 PM
dutra created this revision.
Harbormaster completed remote builds in B55990: Diff 134269.Feb 13 2024, 6:47 PM
garga accepted this revision.Feb 14 2024, 12:25 PM
This revision is now accepted and ready to land.Feb 14 2024, 12:25 PM
dbaio requested changes to this revision.Feb 14 2024, 12:33 PM

And add some information into the commit message, like, 'Include eza port in the Libgit2 entry, as it is a Go port that uses it as a dependency'.

security/vuxml/vuln/2024.xml
441–445

Add a modified entry here.

<modified>2024-02-14</modified>
This revision now requires changes to proceed.Feb 14 2024, 12:33 PM
dutra updated this revision to Diff 134332.Feb 14 2024, 7:26 PM

security/vuxml: Add sysutils/eza vulnerability

Include eza port in the Libgit2 entry

Approved by: dbaio (mentor), garga (mentor)

Harbormaster completed remote builds in B56015: Diff 134332.Feb 14 2024, 7:26 PM
garga accepted this revision.Feb 14 2024, 7:29 PM
dbaio accepted this revision.Feb 14 2024, 7:43 PM
This revision is now accepted and ready to land.Feb 14 2024, 7:43 PM
Closed by commit R11:324cdec76530: security/vuxml: Add sysutils/eza vulnerability (authored by dutra). · Explain WhyFeb 14 2024, 7:52 PM
This revision was automatically updated to reflect the committed changes.
dutra added a commit: R11:324cdec76530: security/vuxml: Add sysutils/eza vulnerability.

Revision Contents
Changeset List

PathSize
security/
vuxml/
vuln/
5 lines

Diff 134341

View Options

security/vuxml/vuln/2024.xml

Loading...