git: c06e206dffd4 - main - security/vuxml: Fix bca498407bf9e529936ebb68e9ca257bdd1428de
Date: Wed, 11 Oct 2023 22:23:34 UTC
The branch main has been updated by sunpoet:
URL: https://cgit.FreeBSD.org/ports/commit/?id=c06e206dffd44ca562f86fbf55c06e361881bf47
commit c06e206dffd44ca562f86fbf55c06e361881bf47
Author: Po-Chuan Hsieh <sunpoet@FreeBSD.org>
AuthorDate: 2023-10-11 22:22:51 +0000
Commit: Po-Chuan Hsieh <sunpoet@FreeBSD.org>
CommitDate: 2023-10-11 22:22:51 +0000
security/vuxml: Fix bca498407bf9e529936ebb68e9ca257bdd1428de
The pkg audit result before the fix:
curl-8.4.0 is vulnerable:
curl -- SOCKS5 heap buffer overflow
CVE: CVE-2023-38545
WWW: https://vuxml.FreeBSD.org/freebsd/d6c19e8c-6806-11ee-9464-b42e991fc52e.html
1 problem(s) in 1 installed package(s) found.
---
security/vuxml/vuln/2023.xml | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/security/vuxml/vuln/2023.xml b/security/vuxml/vuln/2023.xml
index d2b1be12644f..db04c1b9498f 100644
--- a/security/vuxml/vuln/2023.xml
+++ b/security/vuxml/vuln/2023.xml
@@ -3,8 +3,7 @@
<affects>
<package>
<name>curl</name>
- <range><gt>7.69.0</gt></range>
- <range><lt>8.4.0</lt></range>
+ <range><gt>7.69.0</gt><lt>8.4.0</lt></range>
</package>
</affects>
<description>
@@ -35,6 +34,7 @@
<dates>
<discovery>2023-09-30</discovery>
<entry>2023-10-11</entry>
+ <modified>2023-10-11</modified>
</dates>
</vuln>