Date: Wed, 27 Sep 2017 21:13:24 +0000 (UTC) From: Matthias Andree <mandree@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r450788 - head/security/vuxml Message-ID: <201709272113.v8RLDOpC059171@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: mandree Date: Wed Sep 27 21:13:23 2017 New Revision: 450788 URL: https://svnweb.freebsd.org/changeset/ports/450788 Log: Document OpenVPN <2.4.4 CVE-2017-12166 legacy vuln. Security: CVE-2017-12166 Security: 3dd6ccf4-a3c6-11e7-a52e-0800279f2ff8 Modified: head/security/vuxml/vuln.xml Modified: head/security/vuxml/vuln.xml ============================================================================== --- head/security/vuxml/vuln.xml Wed Sep 27 21:07:48 2017 (r450787) +++ head/security/vuxml/vuln.xml Wed Sep 27 21:13:23 2017 (r450788) @@ -58,6 +58,41 @@ Notes: * Do not forget port variants (linux-f10-libxml2, libxml2, etc.) --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">; + <vuln vid="3dd6ccf4-a3c6-11e7-a52e-0800279f2ff8"> + <topic>OpenVPN -- out-of-bounds write in legacy key-method 1</topic> + <affects> + <package> + <name>openvpn</name> + <range><ge>2.4.0</ge><lt>2.4.4</lt></range> + <range><lt>2.3.18</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml">; + <p>Steffan Karger reports:</p> + <blockquote cite="https://community.openvpn.net/openvpn/wiki/CVE-2017-12166">; + <p>The bounds check in read_key() was performed after using the value, + instead of before. If 'key-method 1' is used, this allowed an + attacker to send a malformed packet to trigger a stack buffer + overflow. [...]</p> + <p>Note that 'key-method 1' has been replaced by 'key method 2' as the + default in OpenVPN 2.0 (released on 2005-04-17), and explicitly + deprecated in 2.4 and marked for removal in 2.5. This should limit + the amount of users impacted by this issue.</p> + </blockquote> + </body> + </description> + <references> + <url>https://community.openvpn.net/openvpn/wiki/CVE-2017-12166</url>; + <url>https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg15492.html</url>; + <cvename>CVE-2017-12166</cvename> + </references> + <dates> + <discovery>2017-09-21</discovery> + <entry>2017-09-27</entry> + </dates> + </vuln> + <vuln vid="16fb4f83-a2ab-11e7-9c14-009c02a2ab30"> <topic>ImageMagick -- denial of service via a crafted font file</topic> <affects>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201709272113.v8RLDOpC059171>