[Bug 264426] www/mitmproxy <=7.0.4 vulnerable CVE-2022-24766

Reply: bugzilla-noreply_a_freebsd.org: "[Bug 264426] www/mitmproxy: Update to 8.0.0 (<=7.0.4 vulnerable to CVE-2022-24766)"
Reply: bugzilla-noreply_a_freebsd.org: "[Bug 264426] www/mitmproxy: Update to 8.0.0 (<=7.0.4 vulnerable to CVE-2022-24766)"
Reply: bugzilla-noreply_a_freebsd.org: "[Bug 264426] www/mitmproxy: Update to 8.0.0 (<=7.0.4 vulnerable to CVE-2022-24766)"
Reply: bugzilla-noreply_a_freebsd.org: "[Bug 264426] www/mitmproxy: Update to 8.0.0 (<=7.0.4 vulnerable to CVE-2022-24766)"
Reply: bugzilla-noreply_a_freebsd.org: "[Bug 264426] www/mitmproxy: Update to 8.0.0 (<=7.0.4 vulnerable to CVE-2022-24766)"
Reply: bugzilla-noreply_a_freebsd.org: "[Bug 264426] www/mitmproxy: Update to 8.0.0 (<=7.0.4 vulnerable to CVE-2022-24766)"
Reply: bugzilla-noreply_a_freebsd.org: "[Bug 264426] www/mitmproxy: Update to 8.0.0 (<=7.0.4 vulnerable to CVE-2022-24766)"
Reply: bugzilla-noreply_a_freebsd.org: "[Bug 264426] www/mitmproxy: Update to 8.0.0 (<=7.0.4 vulnerable to CVE-2022-24766)"
Reply: bugzilla-noreply_a_freebsd.org: "[Bug 264426] www/mitmproxy: Update to 8.0.0 (<=7.0.4 vulnerable to CVE-2022-24766)"
Reply: bugzilla-noreply_a_freebsd.org: "[Bug 264426] www/mitmproxy: Update to 8.0.0 (<=7.0.4 vulnerable to CVE-2022-24766)"
Reply: bugzilla-noreply_a_freebsd.org: "[Bug 264426] www/mitmproxy: Update to 8.0.0 (<=7.0.4 vulnerable to CVE-2022-24766)"
Reply: bugzilla-noreply_a_freebsd.org: "[Bug 264426] www/mitmproxy: Update to 8.0.0 (<=7.0.4 vulnerable to CVE-2022-24766)"
Reply: bugzilla-noreply_a_freebsd.org: "[Bug 264426] www/mitmproxy: Update to 8.0.0 (<=7.0.4 vulnerable to CVE-2022-24766)"
Reply: bugzilla-noreply_a_freebsd.org: "[Bug 264426] www/mitmproxy: Update to 8.0.0 (<=7.0.4 vulnerable to CVE-2022-24766)"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: <bugzilla-noreply_at_freebsd.org>
Date: Fri, 03 Jun 2022 07:41:35 UTC

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=264426

            Bug ID: 264426
           Summary: www/mitmproxy <=7.0.4 vulnerable CVE-2022-24766
           Product: Ports & Packages
           Version: Latest
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Some People
          Priority: ---
         Component: Individual Port(s)
          Assignee: ports-bugs@FreeBSD.org
          Reporter: p5B2EA84B3@t-online.de
                CC: gaod@hychen.org
                CC: gaod@hychen.org
             Flags: maintainer-feedback?(gaod@hychen.org)

https://github.com/mitmproxy/mitmproxy/security/advisories/GHSA-gcx2-gvj7-pxv3

Patches

The vulnerability has been fixed in mitmproxy 8.0.0 and above.

15 May 2022: mitmproxy 8.1.0
    Mitmproxy now requires Python 3.9 or above. (#5233, @mhils)

-- 
You are receiving this mail because:
You are the assignee for the bug.