git: 21557ec77021 - main - security/vuxml: libspf2 >= 1.2.11_1 not vulnerable
Date: Sun, 04 May 2025 03:11:43 UTC
The branch main has been updated by philip:
URL: https://cgit.FreeBSD.org/ports/commit/?id=21557ec770213e17c6979d8fd68a98db1309c1e9
commit 21557ec770213e17c6979d8fd68a98db1309c1e9
Author: Philip Paeps <philip@FreeBSD.org>
AuthorDate: 2025-05-04 03:04:21 +0000
Commit: Philip Paeps <philip@FreeBSD.org>
CommitDate: 2025-05-04 03:04:21 +0000
security/vuxml: libspf2 >= 1.2.11_1 not vulnerable
Fix the version range for libspf2 CVE-2023-42118.
libspf2 was patched in commit bbdef08a89c2124b0c149597f23d67c39cf3a522
to address CVE-2023-42118. PORTREVISION was bumped but vuxml was never
updated.
PR: 274215
Reported by: JC Burger <Jc.Burger@nttdata.com>
Security: CVE-2023-42118
---
security/vuxml/vuln/2023.xml | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/security/vuxml/vuln/2023.xml b/security/vuxml/vuln/2023.xml
index 74e0306ae776..9d6a9444af0b 100644
--- a/security/vuxml/vuln/2023.xml
+++ b/security/vuxml/vuln/2023.xml
@@ -2538,7 +2538,7 @@ Reported by Niccolo Belli and WIPocket (Github #400, #417).
<affects>
<package>
<name>libspf2</name>
- <range><le>1.2.11</le></range>
+ <range><lt>1.2.11_1</lt></range>
</package>
</affects>
<description>
@@ -2562,6 +2562,7 @@ Reported by Niccolo Belli and WIPocket (Github #400, #417).
<dates>
<discovery>2022-06-06</discovery>
<entry>2023-10-04</entry>
+ <modified>2025-05-04</modified>
</dates>
</vuln>