git: d662435e085f - main - security/vuxml: Fix urls in latest OpenSSL vulns

Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: Bernard Spil <brnrd_at_FreeBSD.org>
Date: Thu, 05 Sep 2024 06:37:02 UTC

The branch main has been updated by brnrd:

URL: https://cgit.FreeBSD.org/ports/commit/?id=d662435e085f5072f8ef17e924b2d82f395998b0

commit d662435e085f5072f8ef17e924b2d82f395998b0
Author:     Bernard Spil <brnrd@FreeBSD.org>
AuthorDate: 2024-09-05 06:31:38 +0000
Commit:     Bernard Spil <brnrd@FreeBSD.org>
CommitDate: 2024-09-05 06:31:38 +0000

    security/vuxml: Fix urls in latest OpenSSL vulns
    
    Reported by:    ashish
---
 security/vuxml/vuln/2024.xml | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/security/vuxml/vuln/2024.xml b/security/vuxml/vuln/2024.xml
index 0258b868759d..84734eddc024 100644
--- a/security/vuxml/vuln/2024.xml
+++ b/security/vuxml/vuln/2024.xml
@@ -29,7 +29,7 @@
     <description>
 	<body xmlns="http://www.w3.org/1999/xhtml">
 	<p>The OpenSSL project reports:</p>
-	<blockquote cite="https://www.openssl.org/news/secadv/20240528.txt">
+	<blockquote cite="https://openssl-library.org/news/secadv/20240903.txt">
 	  <p>Possible denial of service in X.509 name checks [Moderate severity]
 	    Applications performing certificate name checks (e.g., TLS clients
 	    checking server certificates) may attempt to read an invalid
@@ -45,7 +45,8 @@
     <references>
       <cvename>CVE-2024-5535</cvename>
       <cvename>CVE-2024-6119</cvename>
-      <url>https://openssl-library.org/news/vulnerabilities/</url>
+      <url>https://openssl-library.org/news/secadv/20240627.txt</url>
+      <url>https://openssl-library.org/news/secadv/20240903.txt</url>
     </references>
     <dates>
       <discovery>2024-09-03</discovery>