From nobody Sun Apr 23 09:36:56 2023 X-Original-To: dev-commits-ports-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Q437X4BJVz477R4; Sun, 23 Apr 2023 09:36:56 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Q437X36hfz3Pw0; Sun, 23 Apr 2023 09:36:56 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1682242616; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=pDyzJ2lSH0zD7SJVFtLBO5ksNNpxmZw6Sq6ijLSj2vE=; b=HPuPWo9Odx6zzqegpyF6K2MFI2DpZyoDUKiR/IKdRVBbnDohRt9p0w0cJNH8Y1OFyjkIBv AndmCaTIfMn20LNOATbatC9xSwbVVLmVDB37gcttu7jlJ7+3gD7lV6DYuiruMZCoqkTopk uPdQI8B+2Oy8peZr/L8BswKd+0vGb6fpH9+bg8ev6mhpCbu3xtg5ohfr+uvA4/xsHzLWnE 3/kNdd5HN+IQNk484I2eXKMzKM7ixv3qke48Hhd4xjJF3n6jFtUFXZAGuuLMlcw9YvkUMI sX4poICZEJ4TeOh3uLlTDWFxapB/5+I6j+PlaoTeFzxkJOj1VM0iKccej0keOg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1682242616; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=pDyzJ2lSH0zD7SJVFtLBO5ksNNpxmZw6Sq6ijLSj2vE=; b=kao4I4QAMKzzJl8eJPZRyNQjSzyLIHPR51n/ZZTFSsfMA3P7OmIc+flgeLRbzDOW9IW55s RW4LXvRHYuuZVe292lUYPfHeqTQuEBCBK7hAv8Dy81Gx+x7XslwcndD2yugMAKIx43QYAh XA0HLbQ2WXs8nVwp8iwf3YOpThnrIJ9Ze79SLQfZK/c2zTTtpT7IRQ6wGcsYdqYcWEITqB D8fSYzeIs/9IrTdbYkTtOPEh161El0LZMgrOMhPu28QMRbXCoXrBsyrWzm8+fNKW37ck4q FgBOrHmh0RAkDZsAXOwx6dCCqwbXAzFh+FBSEIC0lQZwX1BsZR3c2ixYUergjg== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1682242616; a=rsa-sha256; cv=none; b=Utk1OPbaYhyTJZI3oq3o4a2hiaye8AC3nBzQAOajzAELG1yv7bv8xvLIvdFctxOTabRvqt ku145zyhPwGbsNe9knjbKrpSok1hwanCFuVE3A/bos3R3xIJeqmOtmqNzojM7Xrs/OR/ym 6PPlbrYIrRi5bOX+ELc0UErUot+DloCn9uX4zlmBkt/BYdkNSgmHCerFqV/7KSRUWqLjzp Rue/ec1vLoZXU4Y2iPTLv9TqafIjgAKT6ZWKUl1YoWK+yIaL+0iHUCpgY5PyJMb6QdwayP S9iG6lfxJv0v2p6VZnprbMHUipuRDK4Dfebr6cffCC6M6Rl49ojngJLF7dzhFQ== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Q437X2DdRzdqC; Sun, 23 Apr 2023 09:36:56 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 33N9aulN003502; Sun, 23 Apr 2023 09:36:56 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 33N9au1d003501; Sun, 23 Apr 2023 09:36:56 GMT (envelope-from git) Date: Sun, 23 Apr 2023 09:36:56 GMT Message-Id: <202304230936.33N9au1d003501@gitrepo.freebsd.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org From: Matthias Andree Subject: git: e73586a6d60a - main - security/vuxml: fix up ghostscript version range of CVE-2023-28879 List-Id: Commit messages for all branches of the ports repository List-Archive: https://lists.freebsd.org/archives/dev-commits-ports-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-ports-all@freebsd.org X-BeenThere: dev-commits-ports-all@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: mandree X-Git-Repository: ports X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: e73586a6d60ae9695b97962977807af6889b1525 Auto-Submitted: auto-generated X-ThisMailContainsUnwantedMimeParts: N The branch main has been updated by mandree: URL: https://cgit.FreeBSD.org/ports/commit/?id=e73586a6d60ae9695b97962977807af6889b1525 commit e73586a6d60ae9695b97962977807af6889b1525 Author: Matthias Andree AuthorDate: 2023-04-21 18:09:19 +0000 Commit: Matthias Andree CommitDate: 2023-04-21 18:09:19 +0000 security/vuxml: fix up ghostscript version range of CVE-2023-28879 Pointy hat to: mandree@ for misreading the quoted Artifex page Reported by: Nicholas Taylor PR: 270823 (comment #3) Security: CVE-2023-28879 Security: 25872b25-da2d-11ed-b715-a1e76793953b --- security/vuxml/vuln/2023.xml | 21 +++++++++++---------- 1 file changed, 11 insertions(+), 10 deletions(-) diff --git a/security/vuxml/vuln/2023.xml b/security/vuxml/vuln/2023.xml index 7c346be72fac..6b5ae5611120 100644 --- a/security/vuxml/vuln/2023.xml +++ b/security/vuxml/vuln/2023.xml @@ -210,16 +210,16 @@ ghostscript -- exploitable buffer overflow in (T)BCP in PS interpreter - ghostscript 10.01.0 - ghostscript7-base10.01.0 - ghostscript7-commfont10.01.0 - ghostscript7-jpnfont10.01.0 - ghostscript7-korfont10.01.0 - ghostscript7-x1110.01.0 - ghostscript8-base10.01.0 - ghostscript8-x1110.01.0 - ghostscript9-agpl-base10.01.0 - ghostscript9-agpl-x1110.01.0 + ghostscript 10.01.1 + ghostscript7-base10.01.1 + ghostscript7-commfont10.01.1 + ghostscript7-jpnfont10.01.1 + ghostscript7-korfont10.01.1 + ghostscript7-x1110.01.1 + ghostscript8-base10.01.1 + ghostscript8-x1110.01.1 + ghostscript9-agpl-base10.01.1 + ghostscript9-agpl-x1110.01.1 @@ -242,6 +242,7 @@ 2023-03-23 2023-04-13 + 2023-04-23