[Bug 204407] deskutils/owncloudclient: Missing VUXML entry for CVE-2015-7298

[bugzilla-noreply at freebsd.org]

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=204407

Kubilay Kocak <koobs at FreeBSD.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
            Summary|deskutils/owncloudclient -  |deskutils/owncloudclient:
                   |Missing VUXML entry for     |Missing VUXML entry for
                   |CVE-2015-7298               |CVE-2015-7298

--- Comment #2 from Kubilay Kocak <koobs at FreeBSD.org> ---
Vulnerabilities not under embargo (public) are fine as public issues, and
perhaps better as public issues for transparency/accountability

Security issues require:

* An entry in security/vuxml
* A changeset (needs-patch) to address the vulnerability in HEAD and the
quarterly branch if the version in ports is/remains vulnerable

The issue summary at the moment only states a missing vuxml entry, but comment
0 eludes that there's still a vulnerability vector in the port.

@Sevan please clarify.

-- 
You are receiving this mail because:
You are the assignee for the bug.