Date: Fri, 11 Jun 2021 13:36:25 -0400 From: Dan Langille <dan@langille.org> To: Thierry Thomas <thierry@freebsd.org> Cc: "ports-committers@freebsd.org" <ports-committers@freebsd.org>, "dev-commits-ports-all@freebsd.org" <dev-commits-ports-all@freebsd.org>, "dev-commits-ports-main@freebsd.org" <dev-commits-ports-main@freebsd.org> Subject: Re: git: 0605ef1bd0c2 - main - graphics/ImageMagick6: upgrade to 6.9.12-12 Message-ID: <DE7D543C-ACB4-43E9-A673-4A459384921A@langille.org> In-Reply-To: <YMOc1t1YtAMJH22Z@graf.pompo.net> References: <202105272056.14RKuNKf097784@gitrepo.freebsd.org> <EBE0EB79-89DD-4A0D-8DFC-31408F97FD4D@langille.org> <YMOc1t1YtAMJH22Z@graf.pompo.net>
next in thread | previous in thread | raw e-mail | index | archive | help
> On Jun 11, 2021, at 1:26 PM, Thierry Thomas <thierry@freebsd.org> = wrote: >=20 > Le ven. 11 juin 21 =C3=A0 18:48:18 +0200, Dan Langille = <dan@langille.org> > =C3=A9crivait : >=20 >>> Note: this might fix some vulnerabilities, e.g. CVE-2021-20244, >>> CVE-2021-20243, CVE-2021-20176 or CVE-2020-27829, but this is not = clear >>> for me. >>>=20 >>> PR: 255818 >>> Approved by: maintainer=E2=80=99s time-out >>=20 >> This was a vuln fix and not backported to 2021Q2? >>=20 >> Is there any reason I should not do that backport now? >=20 > Yes, please! I sent a mail to ports-secteam@ and to the maintainer, = but > did not get any answer, and then I forgot about it=E2=80=A6 I understand that we no longer need secteam permission for backports of = security items. =E2=80=94=20 Dan Langille http://langille <http://langille/>.org/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?DE7D543C-ACB4-43E9-A673-4A459384921A>