Date: Sat, 7 Jan 2017 23:07:46 +0000 (UTC) From: Jason Unovitch <junovitch@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r430844 - head/security/vuxml Message-ID: <201701072307.v07N7kvT043930@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: junovitch Date: Sat Jan 7 23:07:46 2017 New Revision: 430844 URL: https://svnweb.freebsd.org/changeset/ports/430844 Log: Tag irssi entry with assigned CVEs, while here wrap at 80 and reference PR PR: 215800 Security: CVE-2017-5193 Security: CVE-2017-5194 Security: CVE-2017-5195 Security: CVE-2017-5196 Security: https://vuxml.FreeBSD.org/freebsd/3d6be69b-d365-11e6-a071-001e67f15f5a.html Modified: head/security/vuxml/vuln.xml Modified: head/security/vuxml/vuln.xml ============================================================================== --- head/security/vuxml/vuln.xml Sat Jan 7 22:57:43 2017 (r430843) +++ head/security/vuxml/vuln.xml Sat Jan 7 23:07:46 2017 (r430844) @@ -192,21 +192,31 @@ Notes: <blockquote cite="https://irssi.org/security/irssi_sa_2017_01.txt">; <p>Four vulnerabilities have been located in Irssi</p> <ul> - <li>A NULL pointer dereference in the nickcmp function found by Joseph Bisch. (CWE-690)</li> - <li>Use after free when receiving invalid nick message (Issue #466, CWE-146)</li> - <li>Out of bounds read in certain incomplete control codes found by Joseph Bisch. (CWE-126)</li> - <li>Out of bounds read in certain incomplete character sequences found by Hanno Böck and independently by J. Bisch. (CWE-126)</li> + <li>A NULL pointer dereference in the nickcmp function found by + Joseph Bisch. (CWE-690)</li> + <li>Use after free when receiving invalid nick message (Issue #466, + CWE-146)</li> + <li>Out of bounds read in certain incomplete control codes found + by Joseph Bisch. (CWE-126)</li> + <li>Out of bounds read in certain incomplete character sequences + found by Hanno Böck and independently by J. Bisch. (CWE-126)</li> </ul> <p>These issues may result in denial of service (remote crash).</p> </blockquote> </body> </description> <references> - <url>https://irssi.org/security/irssi_sa_2017_01.txt</url>; + <cvename>CVE-2017-5193</cvename> + <cvename>CVE-2017-5194</cvename> + <cvename>CVE-2017-5195</cvename> + <cvename>CVE-2017-5196</cvename> + <freebsdpr>ports/215800</freebsdpr> + <url>https://irssi.org/security/irssi_sa_2017_01.txt</url>; </references> <dates> <discovery>2017-01-03</discovery> <entry>2017-01-05</entry> + <modified>2017-01-07</modified> </dates> </vuln>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201701072307.v07N7kvT043930>