I ran:
pkg audit -F
Fetching vuln.xml.bz2: 100% 848 KiB 868.5kB/s 00:01
python27-2.7.17_1 is vulnerable:
Python -- Regular Expression DoS attack against client
CVE: CVE-2020-8492
WWW: https://vuxml.FreeBSD.org/freebsd/a27b0 ... 117d8.html
python27-2.7.17_1 is vulnerable:
Python -- CRLF injection via the host part of the url passed to urlopen()
CVE: CVE-2019-18348
WWW: https://vuxml.FreeBSD.org/freebsd/ca595 ... 46a02.html
samba410-4.10.14 is vulnerable:
samba -- multiple vulnerabilities
CVE: CVE-2020-10704
CVE: CVE-2020-10700
WWW: https://vuxml.FreeBSD.org/freebsd/3c791 ... 311d1.html
vlc-3.0.8_21,4 is vulnerable:
vlc -- Multiple vulnerabilities fixed in VLC media player
WWW: https://vuxml.FreeBSD.org/freebsd/4a109 ... a8bf9.html
json-c-0.13.1_1 is vulnerable:
json-c -- integer overflow and out-of-bounds write via a large JSON file
CVE: CVE-2020-12762
WWW: https://vuxml.FreeBSD.org/freebsd/abc3e ... 1abf4.html
mysql57-client-5.7.29_1 is vulnerable:
MySQL Client -- Multiple vulerabilities
CVE: CVE-2020-2933
CVE: CVE-2020-2922
CVE: CVE-2020-2875
CVE: CVE-2020-2934
CVE: CVE-2020-2752
WWW: https://vuxml.FreeBSD.org/freebsd/622b5 ... 17024.html
taglib-1.11.1_3 is vulnerable:
taglib -- heap-based buffer over-read via a crafted audio file
CVE: CVE-2018-11439
WWW: https://vuxml.FreeBSD.org/freebsd/d3f3e ... a8bf9.html
7 problem(s) in 6 installed package(s) found.
Any idea when fixed will be available?
Security updates
Re: Security updates
For ports that is not maintain by me or GhostBSD, you want to answer ask to the port maintainer.
Re: Security updates
Thank you for the response. The port maintainers have fixed the anomalies and only one insignificant anomaly is left.
WWW: https://vuxml.FreeBSD.org/freebsd/abc3e ... 1abf4.html
WWW: https://vuxml.FreeBSD.org/freebsd/abc3e ... 1abf4.html