[Bug 269170] net/kafka: update to 3.3.2

In reply to: bugzilla-noreply_a_freebsd.org: "[Bug 269170] net/kafka: update to 3.3.2"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: <bugzilla-noreply_at_freebsd.org>
Date: Sun, 29 Jan 2023 15:37:34 UTC

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=269170

Graham Perrin <grahamperrin@freebsd.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |grahamperrin@freebsd.org,
                   |                            |ports-secteam@FreeBSD.org
                URL|                            |https://downloads.apache.or
                   |                            |g/kafka/3.3.2/RELEASE_NOTES
                   |                            |.html
             Status|New                         |Open
           Priority|---                         |Normal
              Flags|                            |merge-quarterly?
           Keywords|                            |security
           Severity|Affects Only Me             |Affects Many People

--- Comment #1 from Graham Perrin <grahamperrin@freebsd.org> ---
From the release notes: 

> [KAFKA-14320] - Upgrade Jackson for CVE fix

<https://issues.apache.org/jira/browse/KAFKA-14320> refers to
<https://nvd.nist.gov/vuln/detail/CVE-2020-36518>. 

A broader list of vulnerabilities: <https://kafka.apache.org/cve-list>

Re: <https://docs.freebsd.org/en/books/porters-handbook/book/#security-notify>
we should have VuXML entries. 

Thanks

-- 
You are receiving this mail because:
You are the assignee for the bug.