From owner-svn-ports-head@FreeBSD.ORG Thu Aug 30 09:03:23 2012 Return-Path: Delivered-To: svn-ports-head@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 3DAF5106564A; Thu, 30 Aug 2012 09:03:23 +0000 (UTC) (envelope-from rea@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:4f8:fff6::2c]) by mx1.freebsd.org (Postfix) with ESMTP id 0F9128FC14; Thu, 30 Aug 2012 09:03:23 +0000 (UTC) Received: from svn.freebsd.org (localhost [127.0.0.1]) by svn.freebsd.org (8.14.4/8.14.4) with ESMTP id q7U93MjE011809; Thu, 30 Aug 2012 09:03:22 GMT (envelope-from rea@svn.freebsd.org) Received: (from rea@localhost) by svn.freebsd.org (8.14.4/8.14.4/Submit) id q7U93MRp011807; Thu, 30 Aug 2012 09:03:22 GMT (envelope-from rea@svn.freebsd.org) Message-Id: <201208300903.q7U93MRp011807@svn.freebsd.org> From: Eygene Ryabinkin Date: Thu, 30 Aug 2012 09:03:22 +0000 (UTC) To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org X-SVN-Group: ports-head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cc: Subject: svn commit: r303364 - head/security/vuxml X-BeenThere: svn-ports-head@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: SVN commit messages for the ports tree for head List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 30 Aug 2012 09:03:23 -0000 Author: rea Date: Thu Aug 30 09:03:22 2012 New Revision: 303364 URL: http://svn.freebsd.org/changeset/ports/303364 Log: VuXML: document CVE-2012-4681, security manager bypass in Java 7.x Modified: head/security/vuxml/vuln.xml Modified: head/security/vuxml/vuln.xml ============================================================================== --- head/security/vuxml/vuln.xml Thu Aug 30 08:57:33 2012 (r303363) +++ head/security/vuxml/vuln.xml Thu Aug 30 09:03:22 2012 (r303364) @@ -51,6 +51,55 @@ Note: Please add new entries to the beg --> + + Java 1.7 -- security manager bypass + + + openjdk + 7.07.6.24_1 + + + linux-sun-jdk + 7.0 + + + linux-sun-jre + 7.0 + + + + +

US-CERT reports:

+
Oracle Java Runtime Environment (JRE) 1.7 contains a + vulnerability that may allow an applet to call + setSecurityManager in a way that allows setting of arbitrary + permissions.
+
By leveraging the public, privileged getField() function, + an untrusted Java applet can escalate its privileges by + calling the setSecurityManager() function to allow full + privileges, without requiring code signing.
+
This vulnerability is being actively exploited in the + wild, and exploit code is publicly available.
+

This exploit does not only affect Java applets, but every + piece of software that relies on the Java Security Manager for + sandboxing executable code is affected: malicious code can + totally disable Security Manager.

+ + + + CVE-2012-4681 + 636312 + http://www.deependresearch.org/2012/08/java-7-vulnerability-analysis.html + http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2012-August/020065.html + + + 2012-08-27 + 2012-08-30 + + + fetchmail -- chosen plaintext attack against SSL CBC initialization vectors