Page MenuHomeFreeBSD
Differential D43868

security/vuxml: Add sysutils/eza vulnerability
ClosedPublic
Actions

Authored by dutra on Feb 13 2024, 6:46 PM.
Tags
None
Referenced Files
Unknown Object (File)
Oct 18 2024, 1:09 AM
Unknown Object (File)
Oct 3 2024, 7:23 AM
Unknown Object (File)
Oct 3 2024, 2:03 AM
Unknown Object (File)
Oct 1 2024, 10:26 AM
Unknown Object (File)
Sep 27 2024, 6:08 PM
Unknown Object (File)
Sep 27 2024, 9:50 AM
Unknown Object (File)
Sep 25 2024, 2:03 PM
Unknown Object (File)
Sep 24 2024, 4:49 PM
View All 53 Files
Subscribers
None

Details

Reviewers
dbaio
garga
Commits
R11:324cdec76530: security/vuxml: Add sysutils/eza vulnerability
Summary
This release fixes the vulnerability:
https://github.com/eza-community/eza/releases/tag/v0.18.2

Approved by:	dbaio (mentor), garga (mentor)

Pkg audit test:

eza is vulnerable:
  Affected versions:
  < 0.18.2
  Libgit2 -- multiple vulnerabilities
  CVE: CVE-2024-24577
  WWW: https://vuxml.FreeBSD.org/freebsd/43768ff3-c683-11ee-97d0-001b217b3468.html

1 problem(s) in 1 installed package(s) found.

Diff Detail

Repository
R11 FreeBSD ports repository
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

dutra requested review of this revision.Feb 13 2024, 6:46 PM
dutra created this revision.
Harbormaster completed remote builds in B55990: Diff 134269.Feb 13 2024, 6:47 PM
garga accepted this revision.Feb 14 2024, 12:25 PM
This revision is now accepted and ready to land.Feb 14 2024, 12:25 PM
dbaio requested changes to this revision.Feb 14 2024, 12:33 PM

And add some information into the commit message, like, 'Include eza port in the Libgit2 entry, as it is a Go port that uses it as a dependency'.

security/vuxml/vuln/2024.xml
441–445

Add a modified entry here.

<modified>2024-02-14</modified>
This revision now requires changes to proceed.Feb 14 2024, 12:33 PM
dutra updated this revision to Diff 134332.Feb 14 2024, 7:26 PM

security/vuxml: Add sysutils/eza vulnerability

Include eza port in the Libgit2 entry

Approved by: dbaio (mentor), garga (mentor)

Harbormaster completed remote builds in B56015: Diff 134332.Feb 14 2024, 7:26 PM
garga accepted this revision.Feb 14 2024, 7:29 PM
dbaio accepted this revision.Feb 14 2024, 7:43 PM
This revision is now accepted and ready to land.Feb 14 2024, 7:43 PM
Closed by commit R11:324cdec76530: security/vuxml: Add sysutils/eza vulnerability (authored by dutra). · Explain WhyFeb 14 2024, 7:52 PM
This revision was automatically updated to reflect the committed changes.
dutra added a commit: R11:324cdec76530: security/vuxml: Add sysutils/eza vulnerability.

Revision Contents
Changeset List

PathSize
security/
vuxml/
vuln/
5 lines

Diff 134341

View Options

security/vuxml/vuln/2024.xml

Loading...