Date: Sat, 15 Sep 2012 02:19:37 +0000 (UTC) From: Eitan Adler <eadler@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r304305 - head/security/vuxml Message-ID: <201209150219.q8F2JbTx058737@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: eadler Date: Sat Sep 15 02:19:37 2012 New Revision: 304305 URL: http://svn.freebsd.org/changeset/ports/304305 Log: Tell the world about the recent bacula vuln Modified: head/security/vuxml/vuln.xml Modified: head/security/vuxml/vuln.xml ============================================================================== --- head/security/vuxml/vuln.xml Sat Sep 15 00:55:18 2012 (r304304) +++ head/security/vuxml/vuln.xml Sat Sep 15 02:19:37 2012 (r304305) @@ -51,6 +51,37 @@ Note: Please add new entries to the beg --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> + <vuln vid="143f6932-fedb-11e1-ad4a-003067b2972c"> + <topic>bacula -- Console ACL Bypass</topic> + <affects> + <package> + <name>bacula</name> + <range><lt>5.2.11</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <blockquote cite="https://secunia.com/advisories/50535/"> + <p>A security issue has been reported in Bacula, which can be + exploited by malicious users to bypass certain security + restrictions.</p> + <p>The security issue is caused due to an error within the implementation + of console ACLs, which can be exploited to gain access to certain + restricted functionality and e.g. dump resources.</p> + </blockquote> + </body> + </description> + <references> + <url>http://www.bacula.org/git/cgit.cgi/bacula/commit/?id=67debcecd3d530c429e817e1d778e79dcd1db905</url> + <url>https://secunia.com/advisories/50535/</url> + <url>http://sourceforge.net/projects/bacula/files/bacula/5.2.11/ReleaseNotes/view</url> + </references> + <dates> + <discovery>2012-09-12</discovery> + <entry>2012-09-15</entry> + </dates> + </vuln> + <vuln vid="178ba4ea-fd40-11e1-b2ae-001fd0af1a4c"> <topic>mod_pagespeed -- multiple vulnerabilities</topic> <affects>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201209150219.q8F2JbTx058737>