Date: Thu, 27 Dec 2001 12:53:04 -0500 (EST) From: Julian Dunn <jdunn@verticalscope.com> To: FreeBSD-gnats-submit@freebsd.org Cc: martti.kuparinen@iki.fi Subject: ports/33251: stunnel 3.21c port has security vulnerability Message-ID: <20011227175304.CFE011912@jedi.verticalscope.com>
next in thread | raw e-mail | index | archive | help
>Number: 33251 >Category: ports >Synopsis: stunnel 3.21c port has security vulnerability >Confidential: no >Severity: serious >Priority: high >Responsible: freebsd-ports >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Thu Dec 27 10:00:01 PST 2001 >Closed-Date: >Last-Modified: >Originator: Julian Dunn >Release: FreeBSD 4.4-STABLE i386 >Organization: VerticalScope Inc. >Environment: System: FreeBSD jedi.verticalscope.com 4.4-STABLE FreeBSD 4.4-STABLE #5: Tue Oct 23 14:09:33 EDT 2001 jdunn@jedi.verticalscope.com:/usr/obj/usr/src/sys/YODA i386 >Description: There is a format string vulnerability in the stunnel port. See: http://www.stunnel.org/patches/desc/formatbug_ml.html for a patch against 3.21c (or there is also a 3.22 version available) >How-To-Repeat: >Fix: Maintainer should upgrade port to the current revision 3.22 or apply patch: http://www.stunnel.org/patches/patches/formatbug_ml.patch >Release-Note: >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20011227175304.CFE011912>