Date: Tue, 18 Jun 2013 15:45:03 +0000 (UTC) From: Xin LI <delphij@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r321196 - head/security/vuxml Message-ID: <201306181545.r5IFj38d009933@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: delphij Date: Tue Jun 18 15:45:02 2013 New Revision: 321196 URL: http://svnweb.freebsd.org/changeset/ports/321196 Log: Add entry for SA-13:06.mmap. Modified: head/security/vuxml/vuln.xml Modified: head/security/vuxml/vuln.xml ============================================================================== --- head/security/vuxml/vuln.xml Tue Jun 18 15:31:17 2013 (r321195) +++ head/security/vuxml/vuln.xml Tue Jun 18 15:45:02 2013 (r321196) @@ -51,6 +51,34 @@ Note: Please add new entries to the beg --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">; + <vuln vid="abef280d-d829-11e2-b71c-8c705af55518"> + <topic>FreeBSD -- Privilege escalation via mmap</topic> + <affects> + <package> + <name>FreeBSD</name> + <range><gt>9.0</gt><lt>9.1_4</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml">; + <blockquote cite="http://www.freebsd.org/security/advisories/FreeBSD-SA-13%3a06.mmap.asc">; + <p>Due to insufficient permission checks in the virtual memory + system, a tracing process (such as a debugger) may be able to + modify portions of the traced process's address space to which + the traced process itself does not have write access.</p> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2013-2171</cvename> + <freebsdsa>SA-13:06.mmap</freebsdsa> + </references> + <dates> + <discovery>2013-06-18</discovery> + <entry>2013-06-18</entry> + </dates> + </vuln> + <vuln vid="279e5f4b-d823-11e2-928e-08002798f6ff"> <topic>apache-xml-security-c -- heap overflow</topic> <affects>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201306181545.r5IFj38d009933>