svn commit: r557424 - head/security/vuxml
Philip Paeps
philip at FreeBSD.org
Thu Dec 10 09:59:00 UTC 2020
Author: philip
Date: Thu Dec 10 09:58:59 2020
New Revision: 557424
URL: https://svnweb.freebsd.org/changeset/ports/557424
Log:
security/vuxml: FreeBSD 11.4 is vulnerable to CVE-2020-1971
As noted in FreeBSD-SA-20:33.openssl, this vulnerability is also known
to affect OpenSSL versions included in FreeBSD 11.4. However, the
OpenSSL project is only giving patches for that version to premium
support contract holders. The FreeBSD project does not have access to
these patches and recommends FreeBSD 11.4 users to either upgrade to
FreeBSD 12.x or leverage up to date versions of OpenSSL in the ports/pkg
system. The FreeBSD Project may update this advisory to include FreeBSD
11.4 should patches become publicly available.
Modified:
head/security/vuxml/vuln.xml
Modified: head/security/vuxml/vuln.xml
==============================================================================
--- head/security/vuxml/vuln.xml Thu Dec 10 09:56:27 2020 (r557423)
+++ head/security/vuxml/vuln.xml Thu Dec 10 09:58:59 2020 (r557424)
@@ -99,6 +99,7 @@ Notes:
<name>FreeBSD</name>
<range><ge>12.2</ge><lt>12.2_2</lt></range>
<range><ge>12.1</ge><lt>12.1_12</lt></range>
+ <range><ge>11.4</ge></range>
</package>
</affects>
<description>
More information about the svn-ports-all
mailing list