Date: Fri, 30 Jun 2017 18:23:10 +0200 From: "Carlos Jacobo Puga Medina" <cjpm@gmx.es> To: freebsd-ports@freebsd.org Subject: Re: Vulnerability Message-ID: <trinity-1ae34c96-a927-4cd3-926c-316bc8ff339e-1498839790867@3capp-mailcom-bs01>
next in thread | raw e-mail | index | archive | help
Hi, > Enviar: viernes 30 de junio de 2017 a las 18:04 > De: "Jos Chrispijn" <bsdports@cloudzeeland.nl> > Para: "FreeBSD Ports ML" <freebsd-ports@freebsd.org>, cpm@FreeBSD.org > Asunto: Vulnerability > > Dear port maintainer, > > Just to let you know that I ran into the following vulenerability report: > > libgcrypt-1.7.7 is vulnerable: > libgcrypt -- side-channel attack on RSA secret keys > CVE: CVE-2017-7526 > WWW:https://vuxml.FreeBSD.org/freebsd/ed3bf433-5d92-11e7-aa14-e8e0b747a45a.html > > Could you send out a port update? Thanks in advance! > I have submitted a patch to update libgcrypt to 1.7.8 (still pending for an exp-run) https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=220382 You can grab the patch, apply and build the port. > Keep up the good work, > Jos Chrispijn > > Kind regards, -- Carlos Jacobo Puga Medina <cjpm@gmx.es>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?trinity-1ae34c96-a927-4cd3-926c-316bc8ff339e-1498839790867>