Date: Thu, 12 Oct 2017 13:52:27 +0000 (UTC) From: Steve Wills <swills@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r451877 - head/security/vuxml Message-ID: <201710121352.v9CDqRZf009168@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: swills Date: Thu Oct 12 13:52:27 2017 New Revision: 451877 URL: https://svnweb.freebsd.org/changeset/ports/451877 Log: Document nss issue PR: 222952 Submitted by: Vladimir Krstulja <vlad-fbsd@acheronmedia.com> Modified: head/security/vuxml/vuln.xml Modified: head/security/vuxml/vuln.xml ============================================================================== --- head/security/vuxml/vuln.xml Thu Oct 12 13:20:23 2017 (r451876) +++ head/security/vuxml/vuln.xml Thu Oct 12 13:52:27 2017 (r451877) @@ -58,6 +58,44 @@ Notes: * Do not forget port variants (linux-f10-libxml2, libxml2, etc.) --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">; + <vuln vid="e71fd9d3-af47-11e7-a633-009c02a2ab30"> + <topic>nss -- Use-after-free in TLS 1.2 generating handshake hashes</topic> + <affects> + <package> + <name>nss</name> + <name>linux-c6-nss</name> + <name>linux-c7-nss</name> + <range><ge>3.32</ge><lt>3.32.1</lt></range> + <range><ge>3.28</ge><lt>3.28.6</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml">; + <p>Mozilla reports:</p> + <blockquote cite="https://www.mozilla.org/en-US/security/advisories/mfsa2017-21/#CVE-2017-7805">; + <p>During TLS 1.2 exchanges, handshake hashes are generated which + point to a message buffer. This saved data is used for later + messages but in some cases, the handshake transcript can + exceed the space available in the current buffer, causing the + allocation of a new buffer. This leaves a pointer pointing to + the old, freed buffer, resulting in a use-after-free when + handshake hashes are then calculated afterwards. This can + result in a potentially exploitable crash.</p> + </blockquote> + </body> + </description> + <references> + <url>https://www.mozilla.org/en-US/security/advisories/mfsa2017-21/#CVE-2017-7805</url>; + <url>https://hg.mozilla.org/projects/nss/rev/2d7b65b72290</url>; + <url>https://hg.mozilla.org/projects/nss/rev/d3865e2957d0</url>; + <cvename>CVE-2017-7805</cvename> + </references> + <dates> + <discovery>2017-08-04</discovery> + <entry>2017-10-12</entry> + </dates> + </vuln> + <vuln vid="15a62f22-098a-443b-94e2-2d26c375b993"> <topic>osip -- Improper Restriction of Operations within the Bounds of a Memory Buffer</topic> <affects>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201710121352.v9CDqRZf009168>