FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-22 18:21:47 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
b428e6b3-926c-11e1-8d7b-003067b2972cportupgrade-devel -- lack of distfile checksums

Ports security team reports:

The portupgrade-devel port fetched directly from a git respository without checking against a known good SHA hash. This means that it is possible that packages built using this port may not match the one vetted by the maintainer. Users are advised to rebuild portupgrade-devel from known good sources.


Discovery 2012-04-30
Entry 2012-04-30
Modified 2012-05-06
portupgrade-devel
< 0,3

http://web.archiveorange.com/archive/v/6ETvLYPz7CfFT9tiHKiI
http://www.freebsd.org/cgi/getmsg.cgi?fetch=100677+0+/usr/local/www/db/text/2012/cvs-ports/20120506.cvs-ports