Date: Thu, 14 Jun 2018 21:02:31 +0000 (UTC) From: Rene Ladan <rene@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r472397 - head/security/vuxml Message-ID: <201806142102.w5EL2VSX011921@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: rene Date: Thu Jun 14 21:02:30 2018 New Revision: 472397 URL: https://svnweb.freebsd.org/changeset/ports/472397 Log: List GPG parsing vulnerabilities in sysutils/password-store < 1.7.2 Modified: head/security/vuxml/vuln.xml Modified: head/security/vuxml/vuln.xml ============================================================================== --- head/security/vuxml/vuln.xml Thu Jun 14 20:17:42 2018 (r472396) +++ head/security/vuxml/vuln.xml Thu Jun 14 21:02:30 2018 (r472397) @@ -58,6 +58,46 @@ Notes: * Do not forget port variants (linux-f10-libxml2, libxml2, etc.) --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">; + <vuln vid="53eb9e1e-7014-11e8-8b1f-3065ec8fd3ec"> + <topic>password-store -- GPG parsing vulnerabilities</topic> + <affects> + <package> + <name>password-store</name> + <range><lt>1.7.2</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml">; + <p>Jason A. Donenfeld reports:</p> + <blockquote cite="https://lists.zx2c4.com/pipermail/password-store/2018-June/003308.html">; + <p>Markus Brinkmann discovered that [the] parsing of gpg command line + output with regexes isn't anchored to the beginning of the line, + which means an attacker can generate a malicious key that simply has + the verification string as part of its username.</p> + <p>This has a number of nasty consequences:</p> + <ul> + <li>an attacker who manages to write into your ~/.password-store + and also inject a malicious key into your keyring can replace + your .gpg-id key and have your passwords encrypted under + additional keys;</li> + <li>if you have extensions enabled (disabled by default), an + attacker who manages to write into your ~/.password-store and + also inject a malicious key into your keyring can replace your + extensions and hence execute code.</li> + </ul> + </blockquote> + </body> + </description> + <references> + <url>https://lists.zx2c4.com/pipermail/password-store/2018-June/003308.html</url>; + <cvename>CVE-2018-12356</cvename> + </references> + <dates> + <discovery>2018-06-14</discovery> + <entry>2018-06-14</entry> + </dates> + </vuln> + <vuln vid="9b5162de-6f39-11e8-818e-e8e0b747a45a"> <topic>libgcrypt -- side-channel attack vulnerability</topic> <affects>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201806142102.w5EL2VSX011921>