[Bug 229217] devel/git vulnerable to CVE-2018-11233 and CVE-2018-11235 in 2018Q2
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Thu Jun 21 18:17:22 UTC 2018
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=229217
Bug ID: 229217
Summary: devel/git vulnerable to CVE-2018-11233 and
CVE-2018-11235 in 2018Q2
Product: Ports & Packages
Version: Latest
Hardware: Any
OS: Any
Status: New
Severity: Affects Many People
Priority: ---
Component: Individual Port(s)
Assignee: garga at FreeBSD.org
Reporter: danmcgrath.ca at gmail.com
Flags: maintainer-feedback?(garga at FreeBSD.org)
Assignee: garga at FreeBSD.org
Hi,
I was just wondering if perhaps I missed something, or there is a bug in my
poudriere, but is it really the case that git has been vulnerable for 2 CVE's
for a few weeks now? Any plans to patch it in Q2 (as opposed to waiting for
Q3)?
Thanks!
git-2.16.3 is vulnerable:
Git -- Fix memory out-of-bounds and remote code execution vulnerabilities
(CVE-2018-11233 and CVE-2018-11235)
CVE: CVE-2018-11235
CVE: CVE-2018-11233
WWW:
https://vuxml.FreeBSD.org/freebsd/c7a135f4-66a4-11e8-9e63-3085a9a47796.html
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the freebsd-ports-bugs
mailing list