[Bug 271450] dns/py39-pycares-4.1.2 is vulnerable: CVE-2021-3672

Reply: bugzilla-noreply_a_freebsd.org: "[Bug 271450] dns/py39-pycares: 4.1.2 is vulnerable: CVE-2021-3672"
Reply: bugzilla-noreply_a_freebsd.org: "[Bug 271450] dns/py39-pycares: 4.1.2 is vulnerable: CVE-2021-3672"
Reply: bugzilla-noreply_a_freebsd.org: "[Bug 271450] dns/py39-pycares: 4.1.2 is vulnerable: CVE-2021-3672"
Reply: bugzilla-noreply_a_freebsd.org: "[Bug 271450] dns/py39-pycares: 4.1.2 is vulnerable: CVE-2021-3672"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: <bugzilla-noreply_at_freebsd.org>
Date: Tue, 16 May 2023 11:40:22 UTC

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=271450

            Bug ID: 271450
           Summary: dns/py39-pycares-4.1.2 is vulnerable: CVE-2021-3672
           Product: Ports & Packages
           Version: Latest
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Only Me
          Priority: ---
         Component: Individual Port(s)
          Assignee: ports-bugs@FreeBSD.org
          Reporter: p5B2EA84B3@t-online.de

# pkg audit
py39-pycares-4.1.2 is vulnerable:
  py39-pycares -- domain hijacking vulnerability
  CVE: CVE-2021-3672
  WWW:
https://vuxml.FreeBSD.org/freebsd/43e9ffd4-d6e0-11ed-956f-7054d21a9e2a.html

This is suspect, as there is no warning for:

# pkg info c-ares
c-ares-1.19.0
Name           : c-ares
Version        : 1.19.0

-- 
You are receiving this mail because:
You are the assignee for the bug.