Page MenuHomeFreeBSD

www/mini_httpd: Update to 1.28 and address security advisory
ClosedPublic

Authored by leres on Feb 6 2018, 1:34 AM.

Details

Summary

Proposed commit message:

Update to 1.28 which fixes a buffer overflow (that will be)
documented in CVE-2017-17663.

Reviewed by: ? (mentor)
Approved by: ? (mentor)
Security: CVE-2017-17663
Differential Revision: ?

Diff Detail

Repository
rP FreeBSD ports repository
Lint
Automatic diff as part of commit; lint not applicable.
Unit
Automatic diff as part of commit; unit tests not applicable.

Event Timeline

leres created this revision.Feb 6 2018, 1:34 AM
leres edited the test plan for this revision. (Show Details)Feb 9 2018, 5:08 AM
leres added reviewers: ler, matthew.

Heh, I managed to put my reviewers in the "test plan" section...

matthew accepted this revision.Feb 9 2018, 7:27 AM

lgtm

but you should create (and get reviewed) a VuXML entry for the vulnerabilities before you commit, and reference the VuXML from your commit
message. The 'Security' tab in the commit template should contain the VuXMLid, although it is frequently used for other identifying numbers.

Don't forget to request MFH 2018Q1

This revision is now accepted and ready to land.Feb 9 2018, 7:27 AM
This revision was automatically updated to reflect the committed changes.