Date: Mon, 20 Jun 2016 19:08:32 +0000 (UTC) From: Mark Felder <feld@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r417173 - head/security/vuxml Message-ID: <201606201908.u5KJ8Wuf063490@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: feld Date: Mon Jun 20 19:08:31 2016 New Revision: 417173 URL: https://svnweb.freebsd.org/changeset/ports/417173 Log: Update vuxml for libxslt vulnerabilities These vulnerabilities were previously reported by Google as they bundle libxslt with Chrome. When we patched Chromium to address these vulnerabilites it was overlooked that we do not bundle libxslt library with Chromium, but instead use textproc/libxslt. Chromium users have continued to be vulnerable to these CVEs as a result. This update fixes the Chromium CVE entry and adds a separate one for libxslt. PR: 210298 Security: CVE-2016-1683 Security: CVE-2016-1684 Modified: head/security/vuxml/vuln.xml Modified: head/security/vuxml/vuln.xml ============================================================================== --- head/security/vuxml/vuln.xml Mon Jun 20 18:58:36 2016 (r417172) +++ head/security/vuxml/vuln.xml Mon Jun 20 19:08:31 2016 (r417173) @@ -58,6 +58,38 @@ Notes: * Do not forget port variants (linux-f10-libxml2, libxml2, etc.) --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">; + <vuln vid="1a2aa04f-3718-11e6-b3c8-14dae9d210b8"> + <topic>libxslt -- Denial of Service</topic> + <affects> + <package> + <name>libxslt</name> + <range><lt>1.1.29</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml">; + <p>Google reports:</p> + <blockquote cite="http://seclists.org/bugtraq/2016/Jun/81">; + <ul> + <li>[583156] Medium CVE-2016-1683: Out-of-bounds access in libxslt. + Credit to Nicolas Gregoire.</li> + <li>[583171] Medium CVE-2016-1684: Integer overflow in libxslt. + Credit to Nicolas Gregoire.</li> + </ul> + </blockquote> + </body> + </description> + <references> + <url>http://googlechromereleases.blogspot.com/2016/05/stable-channel-update_25.html</url>; + <cvename>CVE-2016-1683</cvename> + <cvename>CVE-2016-1684</cvename> + </references> + <dates> + <discovery>2016-05-25</discovery> + <entry>2016-06-20</entry> + </dates> + </vuln> + <vuln vid="0e3dfdde-35c4-11e6-8e82-002590263bf5"> <topic>flash -- multiple vulnerabilities</topic> <affects> @@ -1093,10 +1125,6 @@ Notes: Aleksandar Nikolic of Cisco Talos.</li> <li>[579801] Medium CVE-2016-1682: CSP bypass for ServiceWorker. Credit to KingstonTime.</li> - <li>[583156] Medium CVE-2016-1683: Out-of-bounds access in libxslt. - Credit to Nicolas Gregoire.</li> - <li>[583171] Medium CVE-2016-1684: Integer overflow in libxslt. - Credit to Nicolas Gregoire.</li> <li>[601362] Medium CVE-2016-1685: Out-of-bounds read in PDFium. Credit to Ke Liu of Tencent's Xuanwu LAB.</li> <li>[603518] Medium CVE-2016-1686: Out-of-bounds read in PDFium. @@ -1135,8 +1163,6 @@ Notes: <cvename>CVE-2016-1680</cvename> <cvename>CVE-2016-1681</cvename> <cvename>CVE-2016-1682</cvename> - <cvename>CVE-2016-1683</cvename> - <cvename>CVE-2016-1684</cvename> <cvename>CVE-2016-1685</cvename> <cvename>CVE-2016-1686</cvename> <cvename>CVE-2016-1687</cvename> @@ -1153,6 +1179,7 @@ Notes: <dates> <discovery>2016-05-25</discovery> <entry>2016-05-28</entry> + <modified>2016-06-20</modified> </dates> </vuln>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201606201908.u5KJ8Wuf063490>