Date: Sat, 1 Jun 2013 19:22:39 +0000 (UTC) From: Raphael Kubo da Costa <rakuco@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r319586 - head/security/vuxml Message-ID: <201306011922.r51JMdt9076498@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: rakuco Date: Sat Jun 1 19:22:38 2013 New Revision: 319586 URL: http://svnweb.freebsd.org/changeset/ports/319586 Log: Remove duplicate optipng vulnerability. It was separately committed in r315254, so remove the version I added in r318453. Reported by: Alexander Milanov <a@amilanov.com> Modified: head/security/vuxml/vuln.xml Modified: head/security/vuxml/vuln.xml ============================================================================== --- head/security/vuxml/vuln.xml Sat Jun 1 19:18:44 2013 (r319585) +++ head/security/vuxml/vuln.xml Sat Jun 1 19:22:38 2013 (r319586) @@ -621,38 +621,6 @@ Note: Please add new entries to the beg </dates> </vuln> - <vuln vid="a8818f7f-9182-11e2-9bdf-d48564727302"> - <topic>optipng -- use-after-free vulnerability</topic> - <affects> - <package> - <name>optipng</name> - <range><ge>0.7</ge><lt>0.7.4</lt></range> - </package> - </affects> - <description> - <body xmlns="http://www.w3.org/1999/xhtml">; - <p>Secunia reports:</p> - <blockquote cite="https://secunia.com/advisories/50654">; - <p>A vulnerability has been reported in OptiPNG, which can be - exploited by malicious people to potentially compromise a user's - system.</p> - <p>The vulnerability is caused due to a use-after-free error related - to the palette reduction functionality. No further information is - currently available.</p> - <p>Success exploitation may allow execution of arbitrary code.</p> - </blockquote> - </body> - </description> - <references> - <cvename>CVE-2012-4432</cvename> - <url>https://secunia.com/advisories/50654</url>; - </references> - <dates> - <discovery>2012-09-16</discovery> - <entry>2013-05-18</entry> - </dates> - </vuln> - <vuln vid="a0c65049-bddd-11e2-a0f6-001060e06fd4"> <topic>linux-flashplugin -- multiple vulnerabilities</topic> <affects>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201306011922.r51JMdt9076498>