From owner-cvs-all@FreeBSD.ORG Mon Sep 14 20:06:29 2009 Return-Path: Delivered-To: cvs-all@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id A15411065670; Mon, 14 Sep 2009 20:06:29 +0000 (UTC) (envelope-from stas@FreeBSD.org) Received: from repoman.freebsd.org (repoman.freebsd.org [IPv6:2001:4f8:fff6::29]) by mx1.freebsd.org (Postfix) with ESMTP id 7ACBC8FC14; Mon, 14 Sep 2009 20:06:29 +0000 (UTC) Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.14.3/8.14.3) with ESMTP id n8EK6Tct064968; Mon, 14 Sep 2009 20:06:29 GMT (envelope-from stas@repoman.freebsd.org) Received: (from stas@localhost) by repoman.freebsd.org (8.14.3/8.14.3/Submit) id n8EK6TvZ064967; Mon, 14 Sep 2009 20:06:29 GMT (envelope-from stas) Message-Id: <200909142006.n8EK6TvZ064967@repoman.freebsd.org> From: Stanislav Sedov Date: Mon, 14 Sep 2009 20:06:29 +0000 (UTC) To: ports-committers@FreeBSD.org, cvs-ports@FreeBSD.org, cvs-all@FreeBSD.org X-FreeBSD-CVS-Branch: HEAD Cc: Subject: cvs commit: ports/security/vuxml vuln.xml X-BeenThere: cvs-all@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: **OBSOLETE** CVS commit messages for the entire tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 14 Sep 2009 20:06:29 -0000 stas 2009-09-14 20:06:29 UTC FreeBSD ports repository Modified files: security/vuxml vuln.xml Log: - Fix formatting. - Add link to the debian security advisory. - Fix the description to be the actual citation from the official sources instead of some wild interpretation. We do not know for sure if remote code execution is possible at all and from looking to the source code it seems unlikely as the buffer undeflown is allocated on the heap. Moreover, it is not clear if this is exploitable in the default install. Discussed with: az Revision Changes Path 1.2032 +7 -9 ports/security/vuxml/vuln.xml