Date: Fri, 2 Nov 2012 18:08:19 +0000 (UTC) From: Jimmy Olgeni <olgeni@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r306877 - head/security/vuxml Message-ID: <201211021808.qA2I8Ji1075185@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: olgeni Date: Fri Nov 2 18:08:19 2012 New Revision: 306877 URL: http://svn.freebsd.org/changeset/ports/306877 Log: Add entry for webmin < 1.600_1 (potential XSS attack). Feature safe: yes Modified: head/security/vuxml/vuln.xml Modified: head/security/vuxml/vuln.xml ============================================================================== --- head/security/vuxml/vuln.xml Fri Nov 2 17:57:59 2012 (r306876) +++ head/security/vuxml/vuln.xml Fri Nov 2 18:08:19 2012 (r306877) @@ -51,6 +51,32 @@ Note: Please add new entries to the beg --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">; + <vuln vid="ec89dc70-2515-11e2-8eda-000a5e1e33c6"> + <topic>webmin -- potential XSS attack via real name field</topic> + <affects> + <package> + <name>webmin</name> + <range><lt>1.600_1</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml">; + <p>The webmin updates site reports</p> + <blockquote cite="http://www.webmin.com/updates.html">; + <p>Module: Change Passwords; Version: 1.600; Problem: Fix for potential XSS attack + via real name field; Solution: New module.</p> + </blockquote> + </body> + </description> + <references> + <url>http://www.webmin.com/updates.html</url>; + </references> + <dates> + <discovery>2012-11-02</discovery> + <entry>2012-11-02</entry> + </dates> + </vuln> + <vuln vid="3decc87d-2498-11e2-b0c7-000d601460a4"> <topic>ruby - Unintentional file creation caused by inserting an illegal NUL character</topic> <affects>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201211021808.qA2I8Ji1075185>