Date: Tue, 30 Jun 2015 02:16:28 +0000 From: bugzilla-noreply@freebsd.org To: freebsd-ports-bugs@FreeBSD.org Subject: [Bug 201105] games/wesnoth: [security] Wesnoth authentication information disclosure (CVE-2015-5069,CVE-2015-5070) Message-ID: <bug-201105-13-LsewebL1kJ@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-201105-13@https.bugs.freebsd.org/bugzilla/> References: <bug-201105-13@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=201105 --- Comment #2 from Jason Unovitch <jason.unovitch@gmail.com> --- Created attachment 158174 --> https://bugs.freebsd.org/bugzilla/attachment.cgi?id=158174&action=edit security/vuxml entry for wesnoth CVE-2015-5069,CVE-2015-5070 # make validate /bin/sh /usr/ports/security/vuxml/files/tidy.sh "/usr/ports/security/vuxml/files/tidy.xsl" "/usr/ports/security/vuxml/vuln.xml" > "/usr/ports/security/vuxml/vuln.xml.tidy" >>> Validating... /usr/local/bin/xmllint --valid --noout /usr/ports/security/vuxml/vuln.xml >>> Successful. Checking if tidy differs... ... seems okay Checking for space/tab... ... seems okay /usr/local/bin/python2.7 /usr/ports/security/vuxml/files/extra-validation.py /usr/ports/security/vuxml/vuln.xml # env PKG_DBDIR=/usr/ports/security/vuxml pkg audit wesnoth-1.12.4,1 0 problem(s) in the installed packages found. # env PKG_DBDIR=/usr/ports/security/vuxml pkg audit wesnoth-1.12.2,1 wesnoth-1.12.2,1 is vulnerable: wesnoth -- disclosure of .pbl files with lowercase, uppercase, and mixed-case extension CVE: CVE-2015-5070 CVE: CVE-2015-5069 WWW: https://vuxml.FreeBSD.org/freebsd/2a8b7d21-1ecc-11e5-a4a5-002590263bf5.html 1 problem(s) in the installed packages found. -- You are receiving this mail because: You are the assignee for the bug.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-201105-13-LsewebL1kJ>