FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-24 21:00:48 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
0c52abde-717b-11ed-98ca-40b034429ecfrpm4 -- Multiple Vulnerabilities

rpm project reports:

Fix intermediate symlinks not verified (CVE-2021-35939).

Fix subkey binding signatures not checked on PGP public keys (CVE-2021-3521).

Refactor file and directory operations to use fd-based APIs throughout (CVE-2021-35938)


Discovery 2022-08-22
Entry 2022-12-01
rpm4
< 4.18.0

CVE-2021-35939
CVE-2021-3521
CVE-2021-35938
f8fe2905-0918-11e9-a550-00262d164c21rpm4 -- regression in -setperms, -setugids and -restore

rpm4 reports:

Regression in -setperms, -setugids and -restore

Note that this update can not automatically fix possible damage done by using -setperms, -setugids or -restore with rpm 4.14.2, it merely fixes the functionlity itself. Any damage needs to be investigated and fixed manually, such as using -verify and -restore or reinstalling packages.


Discovery 2018-10-22
Entry 2018-12-26
rpm4
< 4.14.2.1

http://rpm.org/wiki/Releases/4.14.2.1