Date: Thu, 22 Jan 2015 17:02:41 +0000 (UTC) From: Vsevolod Stakhov <vsevolod@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r377669 - head/security/vuxml Message-ID: <201501221702.t0MH2fFK092064@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: vsevolod Date: Thu Jan 22 17:02:40 2015 New Revision: 377669 URL: https://svnweb.freebsd.org/changeset/ports/377669 QAT: https://qat.redports.org/buildarchive/r377669/ Log: Add CVE-2015-0206 description for LibreSSL port. Modified: head/security/vuxml/vuln.xml Modified: head/security/vuxml/vuln.xml ============================================================================== --- head/security/vuxml/vuln.xml Thu Jan 22 16:48:37 2015 (r377668) +++ head/security/vuxml/vuln.xml Thu Jan 22 17:02:40 2015 (r377669) @@ -57,6 +57,38 @@ Notes: --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> + <vuln vid="f9c388c5-a256-11e4-992a-7b2a515a1247"> + <topic>LibreSSL -- DTLS vulnerability</topic> + <affects> + <package> + <name>libressl</name> + <range><lt>2.1.3</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>OpenSSL Security Advisory:</p> + <blockquote cite="https://www.openssl.org/news/secadv_20150108.txt"> + <p> + A memory leak can occur in the dtls1_buffer_record function under certain + conditions. In particular this could occur if an attacker sent repeated DTLS + records with the same sequence number but for the next epoch. The memory leak + could be exploited by an attacker in a Denial of Service attack through memory + exhaustion. + </p> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2015-0206</cvename> + <url>https://www.openssl.org/news/secadv_20150108.txt</url> + </references> + <dates> + <discovery>2015-01-08</discovery> + <entry>2015-01-22</entry> + </dates> + </vuln> + <vuln vid="cc294a2c-a232-11e4-8e9f-0011d823eebd"> <topic>Adobe Flash Player -- multiple vulnerabilities</topic> <affects>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201501221702.t0MH2fFK092064>