Date: Sat, 16 Jun 2018 14:43:00 +0000 (UTC)
From: Joseph Mingrone <jrm@FreeBSD.org>
To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org
Subject: svn commit: r472550 - head/security/vuxml
Message-ID: <201806161443.w5GEh0TX002097@repo.freebsd.org>
Author: jrm Date: Sat Jun 16 14:43:00 2018 New Revision: 472550 URL: https://svnweb.freebsd.org/changeset/ports/472550 Log: security/vuxml: document Slurm vulnerability https://lists.schedmd.com/pipermail/slurm-announce/2018/000008.html While here, silence validation warnings caused by node.js 2018-06-15 entry. Modified: head/security/vuxml/vuln.xml Modified: head/security/vuxml/vuln.xml ============================================================================== --- head/security/vuxml/vuln.xml Sat Jun 16 14:21:11 2018 (r472549) +++ head/security/vuxml/vuln.xml Sat Jun 16 14:43:00 2018 (r472550) @@ -58,6 +58,35 @@ Notes: * Do not forget port variants (linux-f10-libxml2, libxml2, etc.) --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> + <vuln vid="3a66cb69-716f-11e8-be54-3085a9a47796"> + <topic>slurm -- insecure handling of user_name and gid fields</topic> + <affects> + <package> + <name>slurm-wlm</name> + <range><lt>17.02.11</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>SchedMD reports:</p> + <blockquote cite="https://lists.schedmd.com/pipermail/slurm-announce/2018/000008.html"> + <h1>Insecure handling of user_name and gid fields (CVE-2018-10995)</h1> + <p>While fixes are only available for the supported 17.02 and 17.11 + releases, it is believed that similar vulnerabilities do affect past + versions as well. The only resolution is to upgrade Slurm to a fixed + release.</p> + </blockquote> + </body> + </description> + <references> + <url>https://lists.schedmd.com/pipermail/slurm-announce/2018/000008.html</url> + </references> + <dates> + <discovery>2018-05-30</discovery> + <entry>2018-06-16</entry> + </dates> + </vuln> + <vuln vid="45b8e2eb-7056-11e8-8fab-63ca6e0e13a2"> <topic>node.js -- multiple vulnerabilities</topic> <affects> 
@@ -78,43 +107,43 @@ Notes: <body xmlns="http://www.w3.org/1999/xhtml"> <p>Node.js reports:</p> <blockquote cite="https://nodejs.org/en/blog/vulnerability/june-2018-security-releases/"> - <h1>Denial of Service Vulnerability in HTTP/2 (CVE-2018-7161)</h1> + <h1>Denial of Service Vulnerability in HTTP/2 (CVE-2018-7161)</h1> <p>All versions of 8.x and later are vulnerable and the severity is - HIGH. An attacker can cause a denial of service (DoS) by causing a - node server providing an http2 server to crash. This can be - accomplished by interacting with the http2 server in a manner that - triggers a cleanup bug where objects are used in native code after - they are no longer available. This has been addressed by updating - the http2 implementation. Thanks to Jordan Zebor at F5 Networks for - reporting this issue.</p> - <h1>Denial of Service, nghttp2 dependency (CVE-2018-1000168)</h1> + HIGH. An attacker can cause a denial of service (DoS) by causing a + node server providing an http2 server to crash. This can be + accomplished by interacting with the http2 server in a manner that + triggers a cleanup bug where objects are used in native code after + they are no longer available. This has been addressed by updating + the http2 implementation. Thanks to Jordan Zebor at F5 Networks for + reporting this issue.</p> + <h1>Denial of Service, nghttp2 dependency (CVE-2018-1000168)</h1> <p>All versions of 9.x and later are vulnerable and the severity is - HIGH. Under certain conditions, a malicious client can trigger an - uninitialized read (and a subsequent segfault) by sending a - malformed ALTSVC frame. This has been addressed through an by - updating nghttp2.</p> - <h1>Denial of Service Vulnerability in TLS (CVE-2018-7162)</h1> + HIGH. Under certain conditions, a malicious client can trigger an + uninitialized read (and a subsequent segfault) by sending a + malformed ALTSVC frame. 
This has been addressed through an by + updating nghttp2.</p> + <h1>Denial of Service Vulnerability in TLS (CVE-2018-7162)</h1> <p>All versions of 9.x and later are vulnerable and the severity is - HIGH. An attacker can cause a denial of service (DoS) by causing a - node process which provides an http server supporting TLS server to - crash. This can be accomplished by sending duplicate/unexpected - messages during the handshake. This vulnerability has been addressed - by updating the TLS implementation. Thanks to Jordan Zebor at F5 - Networks all of his help investigating this issue with the Node.js - team.</p> - <h1>Memory exhaustion DoS on v9.x (CVE-2018-7164)</h1> + HIGH. An attacker can cause a denial of service (DoS) by causing a + node process which provides an http server supporting TLS server to + crash. This can be accomplished by sending duplicate/unexpected + messages during the handshake. This vulnerability has been addressed + by updating the TLS implementation. Thanks to Jordan Zebor at F5 + Networks all of his help investigating this issue with the Node.js + team.</p> + <h1>Memory exhaustion DoS on v9.x (CVE-2018-7164)</h1> <p>Versions 9.7.0 and later are vulnerable and the severity is MEDIUM. - A bug introduced in 9.7.0 increases the memory consumed when reading - from the network into JavaScript using the net.Socket object - directly as a stream. An attacker could use this cause a denial of - service by sending tiny chunks of data in short succession. This - vulnerability was restored by reverting to the prior behaviour.</p> - <h1>Calls to Buffer.fill() and/or Buffer.alloc() may hang (CVE-2018-7167)</h1> + A bug introduced in 9.7.0 increases the memory consumed when reading + from the network into JavaScript using the net.Socket object + directly as a stream. An attacker could use this cause a denial of + service by sending tiny chunks of data in short succession. 
This + vulnerability was restored by reverting to the prior behaviour.</p> + <h1>Calls to Buffer.fill() and/or Buffer.alloc() may hang (CVE-2018-7167)</h1> <p>Calling Buffer.fill() or Buffer.alloc() with some parameters can - lead to a hang which could result in a Denial of Service. In order - to address this vulnerability, the implementations of Buffer.alloc() - and Buffer.fill() were updated so that they zero fill instead of - hanging in these cases.</p> + lead to a hang which could result in a Denial of Service. In order + to address this vulnerability, the implementations of Buffer.alloc() + and Buffer.fill() were updated so that they zero fill instead of + hanging in these cases.</p> </blockquote> </body> </description>
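Review bot: The `<range><lt>17.02.11</lt></range>` in the new slurm-wlm entry marks only versions below 17.02.11 as affected, while the quoted advisory says fixes were issued for both the 17.02 and 17.11 releases; any 17.11.x older than its fixed release sorts above 17.02.11 and would not be flagged. If the port has ever carried 17.11.x, add a second range with `<ge>17.11.0</ge>` and an `<lt>` for the fixed 17.11 release. Separately, CVE-2018-10995 appears only in the blockquote heading; adding `<cvename>CVE-2018-10995</cvename>` under `<references>` would let tools match the entry by CVE.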
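Review bot: In the node.js hunk (`@@ -78,43 +107,43 @@`) every removed line comes back with the same text and the line counts match, so the change is whitespace-only, yet it shares a revision with an unrelated new advisory entry. Committing the indentation fix on its own would keep the Slurm entry easy to audit and merge; at minimum, check with a whitespace-ignoring diff that none of the quoted advisory text changed.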