security/vuxml: add h2o CVE-2023-30847 entry
ClosedPublic
Actions

Authored by dch on May 13 2023, 8:54 PM.

Tags

None

Referenced Files

	Unknown Object (File)
	Dec 20 2023, 7:38 AM

	Unknown Object (File)
	Nov 12 2023, 5:30 AM

	Unknown Object (File)
	Nov 1 2023, 8:53 AM

	Unknown Object (File)
	Oct 11 2023, 4:32 AM

	Unknown Object (File)
	Oct 9 2023, 8:12 AM

	Unknown Object (File)
	Oct 9 2023, 8:12 AM

	Unknown Object (File)
	Sep 30 2023, 8:53 AM

	Unknown Object (File)
	Jun 20 2023, 3:36 AM

View All 11 Files

Subscribers

mandree

mat

Details

Reviewers

mandree

Summary

Security:       4da51989-5a8b-4eb9-b442-46d94ec0802d
Security:       CVE-2023-30847

Diff Detail

Repository

rP FreeBSD ports repository

Lint

No Lint Coverage

Unit

No Test Coverage

Build Status

Buildable 51482
Build 48373: arc lint + arc unit

Event Timeline

dch created this revision.May 13 2023, 8:54 PM

Herald added a subscriber: mat. · View Herald TranscriptMay 13 2023, 8:54 PM

dch requested review of this revision.May 13 2023, 8:54 PM

Harbormaster completed remote builds in B51482: Diff 121932.May 13 2023, 8:54 PM

LGTM, but other than the relocation; I see no difference. Tested with

make -C /usr/ports/security/vuxml /usr/ports/security/vuxml/vuln-flat.xml
vxquery /usr/ports/security/vuxml/vuln-flat.xml h2o-devel-2.3.0.d.20230427
vxquery /usr/ports/security/vuxml/vuln-flat.xml h2o-devel-2.3.0.c.20230427

where the first vxquery remains silent and the second issues the CVE-2023-30847 entry.

(no difference as in GNU diff: diff -ubBw ... of both versions does not show me a difference)

So I think you do not need to commit this because the old version is fine already.

This revision is now accepted and ready to land.May 13 2023, 9:19 PM

dch closed this revision.May 17 2023, 1:11 PM

Revision Contents
Changeset List

Path

Size

security/

vuxml/

vuln/

2023.xml

68 lines

Diff 121932

View Options

security/vuxml/vuln/2023.xml

security/vuxml: add h2o CVE-2023-30847 entryClosedPublicActions