From: Kurt Jaeger Date: Wed, 28 Nov 2018 19:57:29 +0000 (UTC) To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r486144 - head/security/vuxml X-SVN-Group: ports-head X-SVN-Commit-Author: pi X-SVN-Commit-Paths: head/security/vuxml X-SVN-Commit-Revision: 486144 X-SVN-Commit-Repository: ports MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Rspamd-Queue-Id: 4B4D386865 X-Spamd-Result: default: False [1.29 / 15.00]; local_wl_from(0.00)[FreeBSD.org]; NEURAL_SPAM_SHORT(0.37)[0.369,0]; NEURAL_SPAM_MEDIUM(0.37)[0.366,0]; NEURAL_SPAM_LONG(0.55)[0.554,0]; ASN(0.00)[asn:11403, ipnet:2610:1c1:1::/48, country:US] X-Rspamd-Server: mx1.freebsd.org X-BeenThere: svn-ports-head@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: SVN commit messages for the ports tree for head List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 28 Nov 2018 19:57:31 -0000 Author: pi Date: Wed Nov 28 19:57:29 2018 New Revision: 486144 URL: https://svnweb.freebsd.org/changeset/ports/486144 Log: security/vuxml: document www/payara vulnerabilities PR: 233573 Submitted by: Dmytro Bilokha Modified: head/security/vuxml/vuln.xml Modified: head/security/vuxml/vuln.xml ============================================================================== --- head/security/vuxml/vuln.xml Wed Nov 28 19:22:56 2018 (r486143) +++ head/security/vuxml/vuln.xml Wed Nov 28 19:57:29 2018 (r486144) @@ -58,6 +58,169 @@ Notes: * Do not forget port variants (linux-f10-libxml2, libxml2, etc.) --> + + payara -- Default typing issue in Jackson Databind + + + payara + 4.1.2.181.3 + 4.1.2.182 + 5.181.3 + 5.182 + + + + +
+

FasterXML jackson-databind before 2.8.11.1 and 2.9.x before + 2.9.5 allows unauthenticated remote code execution because of + an incomplete fix for the CVE-2017-7525 deserialization flaw. + This is exploitable by sending maliciously crafted JSON input + to the readValue method of the ObjectMapper, bypassing a + blacklist that is ineffective if the c3p0 libraries are + available in the classpath.

+
+ +
+ + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7489 + CVE-2018-7489 + + + 2018-02-26 + 2018-11-28 + +
+ + + payara -- Code execution via crafted PUT requests to JSPs + + + payara + 4.1.2.174 + + + + +
+

When running Apache Tomcat 7.0.0 to 7.0.79 on Windows with HTTP + PUTs enabled (e.g. via setting the readonly initialisation + parameter of the Default to false) it was possible to upload a + JSP file to the server via a specially crafted request. This + JSP could then be requested and any code it contained would be + executed by the server.

+
+ +
+ + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12615 + CVE-2017-12615 + + + 2017-08-07 + 2018-11-28 + +
+ + + payara -- Multiple vulnerabilities + + + payara + 4.1.2.173 + + + + +
+

Apache Commons FileUpload before 1.3.3 + DiskFileItem File Manipulation Remote Code Execution.

+
+
+

Vulnerability in the Oracle GlassFish Server component of + Oracle Fusion Middleware (subcomponent: Administration). + Supported versions that are affected are 3.0.1 and 3.1.2. + Easily exploitable vulnerability allows low privileged attacker + with logon to the infrastructure where Oracle GlassFish Server + executes to compromise Oracle GlassFish Server. Successful + attacks of this vulnerability can result in unauthorized read + access to a subset of Oracle GlassFish Server accessible data. + CVSS v3.0 Base Score 3.3 (Confidentiality impacts).

+
+
+

Vulnerability in the Oracle GlassFish Server component of Oracle + Fusion Middleware (subcomponent: Core). Supported versions that + are affected are 2.1.1, 3.0.1 and 3.1.2. Easily exploitable + vulnerability allows unauthenticated attacker with network access + via SMTP to compromise Oracle GlassFish Server. Successful + attacks require human interaction from a person other than the + attacker. Successful attacks of this vulnerability can result in + unauthorized update, insert or delete access to some of Oracle + GlassFish Server accessible data. CVSS v3.0 Base Score 4.3 + (Integrity impacts).

+
+
+

Vulnerability in the Oracle GlassFish Server component of + Oracle Fusion Middleware (subcomponent: Security). Supported + versions that are affected are 2.1.1, 3.0.1 and 3.1.2. + Easily exploitable vulnerability allows unauthenticated attacker + with network access via LDAP to compromise Oracle GlassFish Server. + Successful attacks of this vulnerability can result in unauthorized + update, insert or delete access to some of Oracle GlassFish Server + accessible data as well as unauthorized read access to a subset of + Oracle GlassFish Server accessible data and unauthorized ability + to cause a partial denial of service (partial DOS) of Oracle + GlassFish Server. CVSS v3.0 Base Score 7.3 (Confidentiality, + Integrity and Availability impacts).

+
+
+

Vulnerability in the Oracle GlassFish Server component of Oracle + Fusion Middleware (subcomponent: Security). Supported versions that + are affected are 2.1.1, 3.0.1 and 3.1.2. Easily exploitable + vulnerability allows unauthenticated attacker with network access + via HTTP to compromise Oracle GlassFish Server. Successful attacks + of this vulnerability can result in unauthorized update, insert or + delete access to some of Oracle GlassFish Server accessible data as + well as unauthorized read access to a subset of Oracle GlassFish + Server accessible data and unauthorized ability to cause a partial + denial of service (partial DOS) of Oracle GlassFish Server. + CVSS v3.0 Base Score 7.3 (Confidentiality, Integrity and + Availability impacts).

+
+
+

Vulnerability in the Oracle GlassFish Server component of Oracle + Fusion Middleware (subcomponent: Security). Supported versions that + are affected are 2.1.1, 3.0.1 and 3.1.2. Difficult to exploit + vulnerability allows unauthenticated attacker with network access + via multiple protocols to compromise Oracle GlassFish Server. While + the vulnerability is in Oracle GlassFish Server, attacks may + significantly impact additional products. Successful attacks of this + vulnerability can result in takeover of Oracle GlassFish Server. + CVSS v3.0 Base Score 9.0 (Confidentiality, Integrity and + Availability impacts).

+
+ +
+ + http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1000031 + CVE-2016-1000031 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3239 + CVE-2017-3239 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3247 + CVE-2017-3247 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3249 + CVE-2017-3249 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3250 + CVE-2017-3250 + https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5528 + CVE-2016-5528 + + + 2016-06-16 + 2018-11-28 + +
+ Gitlab -- Multiple vulnerabilities
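Review bot: In the second entry (payara -- Code execution via crafted PUT requests to JSPs), the quoted description limits the issue to Apache Tomcat 7.0.0 to 7.0.79 "on Windows", yet the entry marks the FreeBSD payara port before 4.1.2.174 as affected; add a sentence explaining why the port is affected on FreeBSD, or reconsider whether this entry belongs here. The same gap applies to all three entries: the descriptions quote upstream text about jackson-databind, Apache Tomcat and Oracle GlassFish Server without stating how payara relates to those components, so a reader of the advisory cannot tell from the entry why the listed payara versions are vulnerable. In the "Multiple vulnerabilities" entry, the six quoted paragraphs are not tied to the six CVE ids in the references (naming the CVE in each paragraph would fix that), and the CVE-2016-1000031 URL uses http:// while the other five use https://.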