Date: Sat, 21 Dec 2019 11:04:12 +0000 (UTC) From: Matthias Andree <mandree@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r520554 - head/security/vuxml Message-ID: <201912211104.xBLB4CBM083251@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: mandree Date: Sat Dec 21 11:04:12 2019 New Revision: 520554 URL: https://svnweb.freebsd.org/changeset/ports/520554 Log: Add vulnerability of e2fsprogs quota code < 1.45.4 Security: ad3451b9-23e0-11ea-8b36-f1925a339a82 Security: CVE-2019-5094 Modified: head/security/vuxml/vuln.xml Modified: head/security/vuxml/vuln.xml ============================================================================== --- head/security/vuxml/vuln.xml Sat Dec 21 10:54:49 2019 (r520553) +++ head/security/vuxml/vuln.xml Sat Dec 21 11:04:12 2019 (r520554) @@ -58,6 +58,32 @@ Notes: * Do not forget port variants (linux-f10-libxml2, libxml2, etc.) --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> + <vuln vid="ad3451b9-23e0-11ea-8b36-f1925a339a82"> + <topic>e2fsprogs -- maliciously corrupted file systems can trigger buffer overruns in the quota code used by e2fsck</topic> + <affects> + <package> + <name>e2fsprogs</name> + <range><lt>1.45.4</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>Ted Y. Ts'o reports:</p> + <blockquote cite="http://e2fsprogs.sourceforge.net/e2fsprogs-release.html#1.45.4"> + <p>A maliciously corrupted file systems can trigger buffer overruns in the quota code used by e2fsck.</p> + </blockquote> + </body> + </description> + <references> + <url>http://e2fsprogs.sourceforge.net/e2fsprogs-release.html#1.45.4</url> + <cvename>CVE-2019-5094</cvename> + </references> + <dates> + <discovery>2019-09-23</discovery> + <entry>2019-12-21</entry> + </dates> + </vuln> + <vuln vid="3da0352f-2397-11ea-966e-000ffec0b3e1"> <topic>drupal -- Drupal Core - Multiple Vulnerabilities</topic> <affects>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201912211104.xBLB4CBM083251>