[Bug 207173] devel/hive: Apache Hive authorization bug disclosure in 1.2.1 (CVE-2015-7521)

[bugzilla-noreply at freebsd.org]

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=207173

            Bug ID: 207173
           Summary: devel/hive: Apache Hive authorization bug disclosure
                    in 1.2.1 (CVE-2015-7521)
           Product: Ports & Packages
           Version: Latest
          Hardware: Any
               URL: http://www.openwall.com/lists/oss-security/2016/01/28/
                    12
                OS: Any
            Status: New
          Keywords: needs-patch, needs-qa, security
          Severity: Affects Some People
          Priority: ---
         Component: Individual Port(s)
          Assignee: demon at FreeBSD.org
          Reporter: junovitch at freebsd.org
                CC: ports-secteam at FreeBSD.org
             Flags: maintainer-feedback?(demon at FreeBSD.org),
                    merge-quarterly?
          Assignee: demon at FreeBSD.org

Reference: http://www.openwall.com/lists/oss-security/2016/01/28/12

It looks like we will have to include the parent-auth-hook from
http://apache.arvixe.com/hive/hive-parent-auth-hook/, bump portrevision, and
document the mitigation steps in VuXML.

-- 
You are receiving this mail because:
You are the assignee for the bug.