Page MenuHomeFreeBSD

security/vuxml: document log4j vulnerability in sysutils/rundeck3
ClosedPublic

Authored by fuz on Feb 16 2023, 1:13 PM.
Tags
None
Referenced Files
Unknown Object (File)
Mon, Dec 2, 11:17 AM
Unknown Object (File)
Nov 8 2024, 11:12 PM
Unknown Object (File)
Sep 18 2024, 2:09 AM
Unknown Object (File)
Sep 11 2024, 6:46 AM
Unknown Object (File)
Sep 9 2024, 5:42 PM
Unknown Object (File)
Sep 9 2024, 3:39 AM
Unknown Object (File)
Sep 5 2024, 3:17 AM
Unknown Object (File)
Sep 3 2024, 6:12 PM
Subscribers

Details

Summary
security/vuxml: document log4j vulnerability in sysutils/rundeck3

PR:		261748
Reported by:	ruben@verweg.com
Security:	https://docs.rundeck.com/docs/history/3_4_x/version-3.4.10.html
Approved by:	... (mentor)
Test Plan

Tested with Poudriere on i386 amd64 FreeBSD 12.4 13.1. Arm64 tests pending.
See test results at: http://fuz.su/~fuz/freebsd/batch2

make tidy completed without error.

Diff Detail

Repository
R11 FreeBSD ports repository
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

fuz requested review of this revision.Feb 16 2023, 1:13 PM
This revision is now accepted and ready to land.Feb 16 2023, 10:24 PM

Isn't Security: tag a vid or cve?
27c822a0-addc-11ed-a9ee-dca632b19f10
or
CVE-2021-44832 ?

Isn't Security: tag a vid or cve?
27c822a0-addc-11ed-a9ee-dca632b19f10
or
CVE-2021-44832 ?

Yes, indeed. I missed that. The Security: tag doesn't make much sense on the vuxml commit. I usually only add it with the vid to the commit which updates the port. So D38634 should add the tag to the commit message.

Okay, will add the tag to the commit message for D38634 then.