Date: Sun, 18 Nov 2012 13:35:24 +0100 (CET) From: Charlie Root <root@Dragonborn.cubox.me> To: FreeBSD-gnats-submit@FreeBSD.org Subject: ports/173699: critical problem fixed in irc/weechat Message-ID: <201211181235.qAICZOZ0014767@Dragonborn.cubox.me> Resent-Message-ID: <201211181250.qAICo2QE031249@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 173699
>Category: ports
>Synopsis: critical problem fixed in irc/weechat
>Confidential: no
>Severity: critical
>Priority: high
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Sun Nov 18 12:50:00 UTC 2012
>Closed-Date:
>Last-Modified:
>Originator: Charlie Root
>Release: FreeBSD 9.1-PRERELEASE amd64
>Organization:
weechat
>Environment:
System: FreeBSD Dragonborn 9.1-PRERELEASE FreeBSD 9.1-PRERELEASE #0 r242921: Tue Nov 13 06:29:25 CET 2012 root@Dragonborn:/usr/obj/usr/src/sys/DRAGONBORN amd64
>Description:
Scripts can call an untrusted function, which can be a serious security problem. irc/weechat and irc/weechat-devel have to be updated to the latest vestion as soon as possible since the bug is now public.
>How-To-Repeat:
>Fix:
https://savannah.nongnu.org/bugs/?37764
>Release-Note:
>Audit-Trail:
>Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201211181235.qAICZOZ0014767>