git: 3fb1ffb2b269 - main - security/vuln: Fix file

Go to: [ bottom of page ] [ top of archives ] [ this month ]
From: Fernando Apesteguía <fernape_at_FreeBSD.org>
Date: Mon, 23 Jan 2023 12:47:06 UTC
The branch main has been updated by fernape:

URL: https://cgit.FreeBSD.org/ports/commit/?id=3fb1ffb2b26959f4ea21ead0441fe18602cdbfeb

commit 3fb1ffb2b26959f4ea21ead0441fe18602cdbfeb
Author:     Fernando Apesteguía <fernape@FreeBSD.org>
AuthorDate: 2023-01-23 12:42:21 +0000
Commit:     Fernando Apesteguía <fernape@FreeBSD.org>
CommitDate: 2023-01-23 12:42:21 +0000

    security/vuln: Fix file
    
    It didn't pass `make validate`.
---
 security/vuxml/vuln/2023.xml | 34 +++++++++++++++++-----------------
 1 file changed, 17 insertions(+), 17 deletions(-)

diff --git a/security/vuxml/vuln/2023.xml b/security/vuxml/vuln/2023.xml
index d43c2aa94ef3..b792812464d5 100644
--- a/security/vuxml/vuln/2023.xml
+++ b/security/vuxml/vuln/2023.xml
@@ -11,23 +11,23 @@
 	<p>Peter Ammon reports:</p>
 	<blockquote cite="https://nvd.nist.gov/vuln/detail/CVE-2022-20001">
             <p>
-                fish is a command line shell. fish version 3.1.0 through
-                version 3.3.1 is vulnerable to arbitrary code execution.
-                git repositories can contain per-repository
-                configuration that change the behavior of git, including
-                running arbitrary commands. When using the default
-                configuration of fish, changing to a directory
-                automatically runs git commands in order to display
-                information about the current repository in the prompt.
-                If an attacker can convince a user to change their
-                current directory into one controlled by the attacker,
-                such as on a shared file system or extracted archive,
-                fish will run arbitrary commands under the attacker's
-                control. This problem has been fixed in fish 3.4.0. Note
-                that running git in these directories, including using
-                the git tab completion, remains a potential trigger for
-                this issue. As a workaround, remove the
-                fish_git_prompt function from the prompt.
+		fish is a command line shell. fish version 3.1.0 through
+		version 3.3.1 is vulnerable to arbitrary code execution.
+		git repositories can contain per-repository
+		configuration that change the behavior of git, including
+		running arbitrary commands. When using the default
+		configuration of fish, changing to a directory
+		automatically runs git commands in order to display
+		information about the current repository in the prompt.
+		If an attacker can convince a user to change their
+		current directory into one controlled by the attacker,
+		such as on a shared file system or extracted archive,
+		fish will run arbitrary commands under the attacker's
+		control. This problem has been fixed in fish 3.4.0. Note
+		that running git in these directories, including using
+		the git tab completion, remains a potential trigger for
+		this issue. As a workaround, remove the
+		fish_git_prompt function from the prompt.
 	    </p>
 	</blockquote>
       </body>