CVE-2022-29718: Caddy v2.4 was discovered to contain an open redirect vulnerability. A remote unauthenticated attacker may exploit this vulnerability to redirect users to arbitrary web URLs by tricking the victim users to click on crafted links.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=f6d08af3cca8fe3c0e3fcf10a3b5409d1ca286fe commit f6d08af3cca8fe3c0e3fcf10a3b5409d1ca286fe Author: Zac Medico <zmedico@gentoo.org> AuthorDate: 2022-06-03 02:08:27 +0000 Commit: Zac Medico <zmedico@gentoo.org> CommitDate: 2022-06-03 02:09:10 +0000 www-servers/caddy: drop 2.4.6 Bug: https://bugs.gentoo.org/849407 Signed-off-by: Zac Medico <zmedico@gentoo.org> www-servers/caddy/Manifest | 2 -- www-servers/caddy/caddy-2.4.6.ebuild | 46 ------------------------------------ 2 files changed, 48 deletions(-) https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a33c248da1c24a1a4f2bf04daec02f913bb90caa commit a33c248da1c24a1a4f2bf04daec02f913bb90caa Author: Zac Medico <zmedico@gentoo.org> AuthorDate: 2022-06-03 02:07:34 +0000 Commit: Zac Medico <zmedico@gentoo.org> CommitDate: 2022-06-03 02:09:10 +0000 www-servers/caddy: stabilize 2.5.1 for amd64 Bug: https://bugs.gentoo.org/849407 Signed-off-by: Zac Medico <zmedico@gentoo.org> www-servers/caddy/caddy-2.5.1.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
Thanks! All done.
