git: ab5f837462e0 - main - security/vuxml: add www/oauth2-proxy < 7.8.0 entry
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Wed, 29 Jan 2025 21:07:04 UTC
The branch main has been updated by rm:
URL: https://cgit.FreeBSD.org/ports/commit/?id=ab5f837462e075723c1be8573d178751b2ba2ede
commit ab5f837462e075723c1be8573d178751b2ba2ede
Author: Ruslan Makhmatkhanov <rm@FreeBSD.org>
AuthorDate: 2025-01-29 21:06:04 +0000
Commit: Ruslan Makhmatkhanov <rm@FreeBSD.org>
CommitDate: 2025-01-29 21:06:04 +0000
security/vuxml: add www/oauth2-proxy < 7.8.0 entry
PR: 284059
Reported by: Matthias Wolf <freebsd@rheinwolf.de>
---
security/vuxml/vuln/2025.xml | 28 ++++++++++++++++++++++++++++
1 file changed, 28 insertions(+)
diff --git a/security/vuxml/vuln/2025.xml b/security/vuxml/vuln/2025.xml
index f21059cf40cf..c145f7a37fdc 100644
--- a/security/vuxml/vuln/2025.xml
+++ b/security/vuxml/vuln/2025.xml
@@ -1,3 +1,31 @@
+ <vuln vid="258a58a9-6583-4808-986b-e785c27b0a18">
+ <topic>oauth2-proxy -- Non-linear parsing of case-insensitive content</topic>
+ <affects>
+ <package>
+ <name>oauth2-proxy</name>
+ <range><lt>7.8.0</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>Golang reports:</p>
+ <blockquote cite="https://github.com/advisories/GHSA-w32m-9786-jp63">
+ <p>This update include security fixes:</p>
+ <ul>
+ <li>CVE-2024-45338: Non-linear parsing of case-insensitive content</li>
+ </ul>
+ </blockquote>
+ </body>
+ </description>
+ <references>
+ <cvename>CVE-2024-45338</cvename>
+ </references>
+ <dates>
+ <discovery>2025-01-14</discovery>
+ <entry>2025-01-30</entry>
+ </dates>
+ </vuln>
+
<vuln vid="41711c0d-db27-11ef-873e-8447094a420f">
<topic>Vaultwarden -- Muiltiple vulnerabilities</topic>
<affects>