From owner-freebsd-ports-bugs@FreeBSD.ORG  Sun Feb  8 17:30:03 2009
Return-Path: <owner-freebsd-ports-bugs@FreeBSD.ORG>
Delivered-To: freebsd-ports-bugs@hub.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 04E06106572F
	for <freebsd-ports-bugs@hub.freebsd.org>;
	Sun,  8 Feb 2009 17:30:03 +0000 (UTC)
	(envelope-from gnats@FreeBSD.org)
Received: from freefall.freebsd.org (freefall.freebsd.org
	[IPv6:2001:4f8:fff6::28])
	by mx1.freebsd.org (Postfix) with ESMTP id B0A498FC26
	for <freebsd-ports-bugs@hub.freebsd.org>;
	Sun,  8 Feb 2009 17:30:02 +0000 (UTC)
	(envelope-from gnats@FreeBSD.org)
Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1])
	by freefall.freebsd.org (8.14.3/8.14.3) with ESMTP id n18HU2Iw067883
	for <freebsd-ports-bugs@freefall.freebsd.org>;
	Sun, 8 Feb 2009 17:30:02 GMT
	(envelope-from gnats@freefall.freebsd.org)
Received: (from gnats@localhost)
	by freefall.freebsd.org (8.14.3/8.14.3/Submit) id n18HU2WN067882;
	Sun, 8 Feb 2009 17:30:02 GMT (envelope-from gnats)
Resent-Date: Sun, 8 Feb 2009 17:30:02 GMT
Resent-Message-Id: <200902081730.n18HU2WN067882@freefall.freebsd.org>
Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer)
Resent-To: freebsd-ports-bugs@FreeBSD.org
Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, Mark Foster <mark@foster.cc>
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 5743D106564A
	for <freebsd-gnats-submit@FreeBSD.org>;
	Sun,  8 Feb 2009 17:29:31 +0000 (UTC)
	(envelope-from nobody@FreeBSD.org)
Received: from www.freebsd.org (www.freebsd.org [IPv6:2001:4f8:fff6::21])
	by mx1.freebsd.org (Postfix) with ESMTP id 44E118FC16
	for <freebsd-gnats-submit@FreeBSD.org>;
	Sun,  8 Feb 2009 17:29:31 +0000 (UTC)
	(envelope-from nobody@FreeBSD.org)
Received: from www.freebsd.org (localhost [127.0.0.1])
	by www.freebsd.org (8.14.3/8.14.3) with ESMTP id n18HTVps049852
	for <freebsd-gnats-submit@FreeBSD.org>; Sun, 8 Feb 2009 17:29:31 GMT
	(envelope-from nobody@www.freebsd.org)
Received: (from nobody@localhost)
	by www.freebsd.org (8.14.3/8.14.3/Submit) id n18HTUYn049847;
	Sun, 8 Feb 2009 17:29:30 GMT (envelope-from nobody)
Message-Id: <200902081729.n18HTUYn049847@www.freebsd.org>
Date: Sun, 8 Feb 2009 17:29:30 GMT
From: Mark Foster <mark@foster.cc>
To: freebsd-gnats-submit@FreeBSD.org
X-Send-Pr-Version: www-3.1
Cc: 
Subject: ports/131508: vuxml submission for www/amaya
X-BeenThere: freebsd-ports-bugs@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Ports bug reports <freebsd-ports-bugs.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ports-bugs>, 
	<mailto:freebsd-ports-bugs-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-ports-bugs>
List-Post: <mailto:freebsd-ports-bugs@freebsd.org>
List-Help: <mailto:freebsd-ports-bugs-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ports-bugs>, 
	<mailto:freebsd-ports-bugs-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 08 Feb 2009 17:30:05 -0000


>Number:         131508
>Category:       ports
>Synopsis:       vuxml submission for www/amaya
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          update
>Submitter-Id:   current-users
>Arrival-Date:   Sun Feb 08 17:30:02 UTC 2009
>Closed-Date:
>Last-Modified:
>Originator:     Mark Foster
>Release:        7.1 RELEASE
>Organization:
Credentia
>Environment:
>Description:

>How-To-Repeat:

>Fix:
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
   <vuln vid="690f7d4f-7084-4890-a39e-2852c6732c2c">
     <topic>amaya -- Amaya web editor XML and HTML parser vulnerabilities</topic>
     <affects>
       <package>
         <name>amaya</name>
         <range><le>11.0</le></range>
       </package>
     </affects>
     <description>
       <body xmlns="http://www.w3.org/1999/xhtml">
         <p>CoreSecurity reports:</p>
         <blockquote cite="http://www.coresecurity.com/content/amaya-buffer-overflows">
           <p>Amaya is the W3Cs Web editor/browser a tool used to create and update
documents directly on the Web. Multiple stack buffer overflow
vulnerabilities have been discovered in Amaya which can be exploited by
unauthorized people using crafted web pages to compromise a users system.</p>
         </blockquote>
       </body>
     </description>
     <references>
      <url>http://www.coresecurity.com/content/amaya-buffer-overflows</url>
      <bid>500492</bid>
     </references>
     <dates>
       <discovery>2009-01-28</discovery>
       <entry>2009-02-08</entry>
     </dates>
   </vuln>



>Release-Note:
>Audit-Trail:
>Unformatted: