Skip site navigation (1)Skip section navigation (2) 
Date:      Sun, 28 Dec 2008 22:34:01 -0800 (PST)
From:      Mark Foster <mark@foster.cc>
To:        FreeBSD-gnats-submit@FreeBSD.org
Subject:   ports/130013: vuxml update: vuln.xml entry for ports/foo
Message-ID:  <20081229063401.50358BBC3@frau.foster.cc>
Resent-Message-ID: <200812290730.mBT7U2ah046351@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help 

>Number:         130013
>Category:       ports
>Synopsis:       vuxml update: vuln.xml entry for ports/foo
>Confidential:   no
>Severity:       serious
>Priority:       low
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          update
>Submitter-Id:   current-users
>Arrival-Date:   Mon Dec 29 07:30:02 UTC 2008
>Closed-Date:
>Last-Modified:
>Originator:     Mark Foster
>Release:        FreeBSD 7.0-RELEASE-p5 i386
>Organization:
>Environment:
System: FreeBSD frau.foster.cc 7.0-RELEASE-p5 FreeBSD 7.0-RELEASE-p5 #0: Sat Nov 1 15:07:32 PDT 2008 root@frau.foster.cc:/usr/obj/usr/src/sys/VMWARE2 i386


	
>Description:
	
>How-To-Repeat:
	
>Fix:

<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">;
   <vuln vid="4bef2efc-7850-4a7c-96e4-4662417534bd">
     <topic>imap-uw -- University Of Washington IMAP c-client Buffer Overflow</topic>
     <affects>
       <package>
         <name>imap-uw</name>
         <range><lt>2007e</lt></range>
       </package>
     </affects>
     <description>
       <body xmlns="http://www.w3.org/1999/xhtml">;
         <p>SANS reports:</p>
         <blockquote cite="http://www.washington.edu/imap/documentation/RELNOTES.html">;
           <p>The University of Washington IMAP library is a library
implementing the IMAP mail protocol. University of Washington IMAP is
exposed to a buffer overflow issue that occurs due to a boundary error
within the rfc822_output_char function in the c-client library.
The University of Washington IMAP library versions prior to 2007e are
affected.</p>
         </blockquote>
       </body>
     </description>
     <references>
      <url>http://www.washington.edu/imap/documentation/RELNOTES.html</url>;
      <cvename>CVE-2008-5514</cvename>
     </references>
     <dates>
       <discovery>2008-12-16</discovery>
       <entry>2008-12-28</entry>
     </dates>
   </vuln>


>Release-Note:
>Audit-Trail:
>Unformatted:

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20081229063401.50358BBC3>