[Bug 270744] 20 VuXML new entries for vulnerable ports

[bugzilla-noreply]

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=270744

            Bug ID: 270744
           Summary: 20 VuXML new entries for vulnerable ports
           Product: Ports & Packages
           Version: Latest
          Hardware: Any
               URL: https://github.com/HubTou/pysec2vuxml
                OS: Any
            Status: New
          Keywords: security
          Severity: Affects Many People
          Priority: ---
         Component: Individual Port(s)
          Assignee: ports-b...@freebsd.org
          Reporter: hubert.tourn...@gmail.com
                CC: 0...@freebsd.org, amzo1...@gmail.com,
                    cont...@kanazuchi.com, d...@freebsd.org,
                    phi...@freebsd.org, ports-sect...@freebsd.org,
                    po...@freebsd.org, python@FreeBSD.org,
                    sunp...@freebsd.org, swi...@freebsd.org,
                    y...@freebsd.org
                CC: ports-sect...@freebsd.org

Created attachment 241403
  --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=241403&action=edit
20 VuXML new entries for vulnerable ports

A second batch of new VuXML entries for vulnerable ports discovered with
pysec2vuxml (see https://github.com/HubTou/pysec2vuxml).

Others will follow as soon as possible.

Entries were verified with:
# cd /usr/ports/security/vuxml
# make validate

Here are the ports affected with their respective maintainers:

-------------------------------------------------------------------------------------------------------------
Vulns Package           Port path                 Port name              Port
version Maintainer             
-------------------------------------------------------------------------------------------------------------
2     cinder            misc/py-cinder            py39-cinder           
12.0.10_22   sunp...@freebsd.org    
2     tflite            misc/py-tflite            py39-tflite            2.3.0 
      y...@freebsd.org       
2     impacket          net/py-impacket           py39-impacket         
0.9.17_1     cont...@kanazuchi.com  
1     suds              net/py-suds               py39-suds              1.1.2 
      sunp...@freebsd.org    
1     slixmpp           net-im/py-slixmpp         py39-slixmpp           1.7.1 
      0...@freebsd.org        
1     nicotine-plus     net-p2p/py-nicotine-plus  py39-nicotine-plus    
3.2.0_1      po...@freebsd.org      
1     pymatgen          science/py-pymatgen       py39-pymatgen         
2022.7.19    y...@freebsd.org       
3     tensorflow        science/py-tensorflow     py39-tensorflow       
2.9.1_5      amzo1...@gmail.com     
2     cryptography      security/py-cryptography  py39-cryptography     
3.4.8_1,1    sunp...@freebsd.org    
1     kerberos          security/py-kerberos      py39-kerberos          1.3.1 
      d...@freebsd.org        
6     pysaml2           security/py-pysaml24      py39-pysaml24         
4.9.0_1      sunp...@freebsd.org    
3     ansible           sysutils/ansible          py39-ansible           7.1.0 
      0...@freebsd.org        
2     psutil            sysutils/py-psutil121     py39-psutil121        
1.2.1_2      swi...@freebsd.org     
1     beaker            www/py-beaker             py39-beaker            1.12.1
      python@FreeBSD.org      
=============================================================================================================
Python packages's FreeBSD ports = 4127
  vulnerable ports              = 41    (14 in this batch)
  vulnerable ports/version      = 46    (14 in this batch)
    vulnerabilities             = 140   (28 in this batch)
-------------------------------------------------------------------------------------------------------------

-- 
You are receiving this mail because:
You are on the CC list for the bug.