oniguruma5-5.9.6_1 is vulnerable
Kurt Jaeger
lists at opsec.eu
Fri Aug 11 10:41:04 UTC 2017
Hi!
> For some weeks I noticed
>
> oniguruma5-5.9.6_1 is vulnerable:
> oniguruma -- multiple vulnerabilities
> CVE: CVE-2017-9228
> CVE: CVE-2017-9228
> CVE: CVE-2017-9227
> CVE: CVE-2017-9226
> CVE: CVE-2017-9224
> WWW:https://vuxml.FreeBSD.org/freebsd/b396cf6c-62e6-11e7-9def-b499baebfeaf.html
>
> Can you please provide a port update? Thanks.
Basically, the suggestion is to update dependent ports to oniguruma6,
and then remove oniguruma5. See
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=220438
for more details. That's a little bit of work and we're short
on folks doing it 8-}
--
pi at opsec.eu +49 171 3101372 3 years to go !
More information about the freebsd-ports
mailing list