[Bug 263749] mail/rainloop mail/rainloop-community: affected by CVE-2022-29360
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Tue, 03 May 2022 08:17:43 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=263749 Bug ID: 263749 Summary: mail/rainloop mail/rainloop-community: affected by CVE-2022-29360 Product: Ports & Packages Version: Latest Hardware: Any OS: Any Status: New Severity: Affects Only Me Priority: --- Component: Individual Port(s) Assignee: firstname.lastname@example.org Reporter: email@example.com Assignee: firstname.lastname@example.org Flags: maintainer-feedback?(email@example.com) Cfr. https://blog.sonarsource.com/rainloop-emails-at-risk-due-to-code-flaw https://github.com/RainLoop/rainloop-webmail/issues/2142 Unfortunately I don't have a time for a patch at the moment, but it could make sense to either: - add CVE indication to `pkg audit` - add SonarSource-produced unofficial patch to this port - add SnappyMail in the Ports -- You are receiving this mail because: You are the assignee for the bug.