[Bug 259297] security/py-fail2ban: Add upstream patch to fix possible RCE vulnerability

In reply to: bugzilla-noreply_a_freebsd.org: "[Bug 259297] security/py-fail2ban: Add upstream patch to fix possible RCE vulnerability"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: <bugzilla-noreply_at_freebsd.org>
Date: Wed, 27 Oct 2021 15:51:12 UTC

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=259297

--- Comment #5 from commit-hook@FreeBSD.org ---
A commit in branch 2021Q4 references this bug:

URL:
https://cgit.FreeBSD.org/ports/commit/?id=69221920c9faeff24c581ac1ee6d89ca4f1bbf11

commit 69221920c9faeff24c581ac1ee6d89ca4f1bbf11
Author:     Yasuhiro Kimura <yasu@FreeBSD.org>
AuthorDate: 2021-10-20 09:42:38 +0000
Commit:     Yasuhiro Kimura <yasu@FreeBSD.org>
CommitDate: 2021-10-27 15:49:50 +0000

    security/py-fail2ban: Add upstream patch to fix possible RCE vulnerability

    * Switch to DISTVERSION
    * Pet portclippy
    * Reformat Makefile with portfmt

    PR:             259297
    Approved by:    maintainer
    Obtained from: 
https://github.com/fail2ban/fail2ban/commit/410a6ce5c80dd981c22752da034f2529b5eee844
    MFH:            2021Q4
    Security:       CVE-2021-32749
    Security:      
https://github.com/fail2ban/fail2ban/security/advisories/GHSA-m985-3f3v-cwmm
    Differential Revision:  https://reviews.freebsd.org/D32576

    (cherry picked from commit 644e5b65b9503bed420885c9fefc8b3941dd009d)

 security/py-fail2ban/Makefile                      |  26 ++--
 .../py-fail2ban/files/patch-CVE-2021-32749 (new)   | 158 +++++++++++++++++++++
 2 files changed, 169 insertions(+), 15 deletions(-)

-- 
You are receiving this mail because:
You are the assignee for the bug.