svn commit: r493527 - head/security/vuxml
Romain Tartière
romain at FreeBSD.org
Thu Feb 21 19:49:01 UTC 2019
Author: romain
Date: Thu Feb 21 19:49:00 2019
New Revision: 493527
URL: https://svnweb.freebsd.org/changeset/ports/493527
Log:
Document sysutils/puppetserver* vulnerabilities.
PuppetServer bundles Bouncy Castle, so add affected ports to the Bouncy Castle
entry.
sysutils/puppetserver is EOL and will likely never get a fix;
sysutils/puppetserver5 may get fixed in a future release of the 5.x branch;
sysutils/puppetserver6 was fixed in the latest release.
With hat: puppet
Modified:
head/security/vuxml/vuln.xml
Modified: head/security/vuxml/vuln.xml
==============================================================================
--- head/security/vuxml/vuln.xml Thu Feb 21 19:34:18 2019 (r493526)
+++ head/security/vuxml/vuln.xml Thu Feb 21 19:49:00 2019 (r493527)
@@ -7287,6 +7287,18 @@ a PingInterval period.</p>
<name>bouncycastle15</name>
<range><lt>1.60</lt></range>
</package>
+ <package>
+ <name>puppetserver</name>
+ <range><ge>0</ge></range>
+ </package>
+ <package>
+ <name>puppetserver5</name>
+ <range><ge>0</ge></range>
+ </package>
+ <package>
+ <name>puppetserver6</name>
+ <range><lt>6.2.1</lt></range>
+ </package>
</affects>
<description>
<body xmlns="http://www.w3.org/1999/xhtml">
More information about the svn-ports-all
mailing list