Hi, > Enviar: viernes 30 de junio de 2017 a las 18:04 > De: "Jos Chrispijn" <bsdpo...@cloudzeeland.nl> > Para: "FreeBSD Ports ML" <freebsd-ports@freebsd.org>, c...@freebsd.org > Asunto: Vulnerability > > Dear port maintainer, > > Just to let you know that I ran into the following vulenerability report: > > libgcrypt-1.7.7 is vulnerable: > libgcrypt -- side-channel attack on RSA secret keys > CVE: CVE-2017-7526 > WWW:https://vuxml.FreeBSD.org/freebsd/ed3bf433-5d92-11e7-aa14-e8e0b747a45a.html > > Could you send out a port update? Thanks in advance! >
I have submitted a patch to update libgcrypt to 1.7.8 (still pending for an exp-run) https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=220382 You can grab the patch, apply and build the port. > Keep up the good work, > Jos Chrispijn > > Kind regards, -- Carlos Jacobo Puga Medina <c...@gmx.es> _______________________________________________ freebsd-ports@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-ports To unsubscribe, send any mail to "freebsd-ports-unsubscr...@freebsd.org"