Date: Mon, 01 Jun 2015 05:57:01 +0000 From: bugzilla-noreply@freebsd.org To: freebsd-ports-bugs@FreeBSD.org Subject: [Bug 200562] [patch] japanese/mailman: seems to be affeted by CVE-2015-2775 also Message-ID: <bug-200562-13@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=200562 Bug ID: 200562 Summary: [patch] japanese/mailman: seems to be affeted by CVE-2015-2775 also Product: Ports & Packages Version: Latest Hardware: Any OS: Any Status: New Keywords: patch Severity: Affects Some People Priority: --- Component: Individual Port(s) Assignee: tota@FreeBSD.org Reporter: freebsd-bug-report-yf@yf.bsdclub.org Assignee: tota@FreeBSD.org Flags: maintainer-feedback?(tota@FreeBSD.org) Keywords: patch Created attachment 157322 --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=157322&action=edit patch to fix CVE-2015-2775 Directory traversal vulnerability CVE-2015-2775 may affect mailman-2.1.14+j7. Unfortunately, development of this software has stoped on 2012, so the fix will not be provided from upstream. So we must fix it on ports/package side. Here is a patch to fix it, (Originally getting from http://bazaar.launchpad.net/~mailman-coders/mailman/2.1/revision/1553/Mailman/Utils.py , applying against mailman-2.1.14+j7, and getting diff again.) -- You are receiving this mail because: You are the assignee for the bug.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-200562-13>