Date: Sun, 7 Dec 2014 12:25:30 +0000 (UTC) From: Koop Mast <kwm@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r374189 - head/security/vuxml Message-ID: <201412071225.sB7CPU4J069284@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: kwm Date: Sun Dec 7 12:25:30 2014 New Revision: 374189 URL: https://svnweb.freebsd.org/changeset/ports/374189 QAT: https://qat.redports.org/buildarchive/r374189/ Log: Document freetype 2 vulnability. Modified: head/security/vuxml/vuln.xml Modified: head/security/vuxml/vuln.xml ============================================================================== --- head/security/vuxml/vuln.xml Sun Dec 7 11:22:39 2014 (r374188) +++ head/security/vuxml/vuln.xml Sun Dec 7 12:25:30 2014 (r374189) @@ -57,6 +57,33 @@ Notes: --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">; + <vuln vid="567beb1e-7e0a-11e4-b9cc-bcaec565249c"> + <topic>freetype -- Out of bounds stack-based read/write</topic> + <affects> + <package> + <name>freetype2</name> + <range><lt>2.5.4</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml">; + <p>Werner LEMBERG reports:</p> + <blockquote cite="http://lists.nongnu.org/archive/html/freetype-announce/2014-12/msg00000.html">; + <p>The fix for CVE-2014-2240 was not 100% complete to fix the issue + from the CVE completly.</p> + </blockquote> + </body> + </description> + <references> + <url>http://lists.nongnu.org/archive/html/freetype-announce/2014-12/msg00000.html</url>; + <cvename>CVE-2014-2240</cvename> + </references> + <dates> + <discovery>2014-12-07</discovery> + <entry>2014-12-07</entry> + </dates> + </vuln> + <vuln vid="c9c46fbf-7b83-11e4-a96e-6805ca0b3d42"> <topic>phpMyAdmin -- XSS and DoS vulnerabilities</topic> <affects>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201412071225.sB7CPU4J069284>