Date: Mon, 4 May 2020 17:51:59 -0600 From: "Kurt Buff - GSEC, GCIH" <kurt.buff@gmail.com> To: Josh Paetzel <jpaetzel@freebsd.org> Cc: Dutchman01 <dutchman01@quicknet.nl>, ports@freebsd.org Subject: Re: FreeBSD Port: open-vm-tools-11.0.1_3,2 Message-ID: <CADy1Ce4GTT62%2B438YXpPfGUZ-hJrKwiH=ihW2VHV=i=3G4rTjA@mail.gmail.com> In-Reply-To: <d308f49b-7d79-4af9-b546-16a4e6874aaf@www.fastmail.com> References: <000001d61e62$52544110$f6fcc330$@quicknet.nl> <CADy1Ce5s79X-YUPKW3RH4gtyJHc212FiHZdiob1vgdS7_nvuuw@mail.gmail.com> <d308f49b-7d79-4af9-b546-16a4e6874aaf@www.fastmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, May 4, 2020 at 4:46 PM Josh Paetzel <jpaetzel@freebsd.org> wrote: > On Mon, May 4, 2020, at 5:08 PM, Kurt Buff - GSEC, GCIH wrote: > > All, > > > > Has been done? > > > > I just built a new machine on our VMware cluster and tried to install this > > from ports on 12.1-RELEASE-p3 with an updated tree, and it complained about > > a dependency: > > > > ===> python27-2.7.17_1 has known vulnerabilities: > > python27-2.7.17_1 is vulnerable: > > Python -- Regular Expression DoS attack against client > > CVE: CVE-2020-8492 > > WWW: > > https://vuxml.FreeBSD.org/freebsd/a27b0bb6-84fc-11ea-b5b4-641c67a117d8.html > > > > Thanks, > > > > Kurt > > That doesn't have anything to do with an open-vm-tools version bump. > > The issue you are seeing is due to the fact that https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=245776 hasn't been committed yet. > > -- > > Thanks, > > Josh Paetzel Got it. I'll keep an eye on that bug. Thanks, Kurt
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CADy1Ce4GTT62%2B438YXpPfGUZ-hJrKwiH=ihW2VHV=i=3G4rTjA>