Vulnerable packages in ports tree 13/07

classic Classic list List threaded Threaded
5 messages Options
Reply | Threaded
Open this post in threaded view
|

Vulnerable packages in ports tree 13/07

Sevan / Venture37-2
graphics/libwmf - CVE-2015-0848, CVE-2015-4696, CVE-2015-4695, CVE-2015-4588

Reply | Threaded
Open this post in threaded view
|

Re: Vulnerable packages in ports tree 13/07

Gleydson Soares-3
On Sun, Jul 12, 2015 at 11:27 PM, Sevan / Venture37 <[hidden email]> wrote:
> graphics/libwmf - CVE-2015-0848, CVE-2015-4696, CVE-2015-4695, CVE-2015-4588
>

No. These were already fixed [1].

[1] http://marc.info/?l=openbsd-ports-cvs&m=143530877618567&w=2

cheers,
gsoares

Reply | Threaded
Open this post in threaded view
|

Re: Vulnerable packages in ports tree 13/07

Sevan / Venture37-2
On 13 July 2015 at 04:10, Gleydson Soares <[hidden email]> wrote:
> On Sun, Jul 12, 2015 at 11:27 PM, Sevan / Venture37 <[hidden email]> wrote:
>> graphics/libwmf - CVE-2015-0848, CVE-2015-4696, CVE-2015-4695, CVE-2015-4588
>>
>
> No. These were already fixed [1].
>
> [1] http://marc.info/?l=openbsd-ports-cvs&m=143530877618567&w=2

Hi,
Appologies, http://openports.se/graphics/libwmf indicated that the
package hadn't been updated for some time. Looks like the site stopped
updating.


Sevan / Venture37

Reply | Threaded
Open this post in threaded view
|

Re: Vulnerable packages in ports tree 13/07

Stuart Henderson-6
On 2015/07/13 13:25, Sevan / Venture37 wrote:

> On 13 July 2015 at 04:10, Gleydson Soares <[hidden email]> wrote:
> > On Sun, Jul 12, 2015 at 11:27 PM, Sevan / Venture37 <[hidden email]> wrote:
> >> graphics/libwmf - CVE-2015-0848, CVE-2015-4696, CVE-2015-4695, CVE-2015-4588
> >>
> >
> > No. These were already fixed [1].
> >
> > [1] http://marc.info/?l=openbsd-ports-cvs&m=143530877618567&w=2
>
> Hi,
> Appologies, http://openports.se/graphics/libwmf indicated that the
> package hadn't been updated for some time. Looks like the site stopped
> updating.

Weird, they are showing some updates but not that one...

Reply | Threaded
Open this post in threaded view
|

Re: Vulnerable packages in ports tree 13/07

Sevan / Venture37-2
In reply to this post by Sevan / Venture37-2
On 13 July 2015 at 03:27, Sevan / Venture37 <[hidden email]> wrote:
> graphics/libwmf - CVE-2015-0848, CVE-2015-4696, CVE-2015-4695, CVE-2015-4588

While these may have been taken care of, the following CVEs have not
CVE-2004-0941
CVE-2007-0455
CVE-2007-2756
CVE-2007-3472
CVE-2007-3473
CVE-2007-3477
CVE-2009-3546

Sevan / Venture37