[Bug 279436] devel/py-configobj is vulnerable GHSA-c33w-24p9-8m24 CVE-2023-26112

Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: <bugzilla-noreply_at_freebsd.org>
Date: Fri, 31 May 2024 13:27:14 UTC

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=279436

            Bug ID: 279436
           Summary: devel/py-configobj is vulnerable GHSA-c33w-24p9-8m24
                    CVE-2023-26112
           Product: Ports & Packages
           Version: Latest
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Only Me
          Priority: ---
         Component: Individual Port(s)
          Assignee: nivit@FreeBSD.org
          Reporter: void@f-m.fm
             Flags: maintainer-feedback?(nivit@FreeBSD.org)
          Assignee: nivit@FreeBSD.org

Hi,

devel/py-configobj (py311-configobj-5.0.8) in ports is vulnerable:

https://github.com/advisories/GHSA-c33w-24p9-8m24
https://nvd.nist.gov/vuln/detail/CVE-2023-26112
https://github.com/pytroll/pyresample/issues/589

There doesn't appear to be an update for it.
This vuln isn't in vulnxml.

-- 
You are receiving this mail because:
You are the assignee for the bug.