Date: Mon, 22 Jun 2015 07:02:21 +0000 (UTC) From: Xin LI <delphij@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r390276 - head/security/vuxml Message-ID: <201506220702.t5M72L0S076198@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: delphij Date: Mon Jun 22 07:02:20 2015 New Revision: 390276 URL: https://svnweb.freebsd.org/changeset/ports/390276 Log: Document lang/chicken vulnerabilities CVE-2014-9651 and CVE-2015-4556. PR: 200980 Submitted by: Jason Unovitch Modified: head/security/vuxml/vuln.xml Modified: head/security/vuxml/vuln.xml ============================================================================== --- head/security/vuxml/vuln.xml Mon Jun 22 06:54:22 2015 (r390275) +++ head/security/vuxml/vuln.xml Mon Jun 22 07:02:20 2015 (r390276) @@ -57,6 +57,70 @@ Notes: --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">; + <vuln vid="0da404ad-1891-11e5-a1cf-002590263bf5"> + <topic>chicken -- Potential buffer overrun in string-translate*</topic> + <affects> + <package> + <name>chicken</name> + <range><lt>4.10.0</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml">; + <p>chicken developer Peter Bex reports:</p> + <blockquote cite="http://lists.nongnu.org/archive/html/chicken-announce/2015-06/msg00010.html">; + <p>Using gcc's Address Sanitizer, it was discovered that the string-translate* + procedure from the data-structures unit can scan beyond the input string's + length up to the length of the source strings in the map that's passed to + string-translate*. This issue was fixed in master 8a46020, and it will + make its way into CHICKEN 4.10.</p> + <p>This bug is present in all released versions of CHICKEN.</p> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2015-4556</cvename> + <mlist>http://lists.nongnu.org/archive/html/chicken-announce/2015-06/msg00010.html</mlist>; + <mlist>http://lists.nongnu.org/archive/html/chicken-hackers/2015-06/msg00037.html</mlist>; + </references> + <dates> + <discovery>2015-06-15</discovery> + <entry>2015-06-22</entry> + </dates> + </vuln> + + <vuln vid="e7b7f2b5-177a-11e5-ad33-f8d111029e6a"> + <topic>chicken -- buffer overrun in substring-index[-ci]</topic> + <affects> + <package> + <name>chicken</name> + <range><lt>4.10.0</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml">; + <p>chicken developer Moritz Heidkamp reports:</p> + <blockquote cite="http://lists.gnu.org/archive/html/chicken-users/2015-01/msg00048.html">; + <p>The substring-index[-ci] procedures of the data-structures unit are + vulnerable to a buffer overrun attack when passed an integer greater + than zero as the optional START argument.</p> + <p>As a work-around you can switch to SRFI 13's + string-contains procedure which also returns the substring's index in + case it is found.</p> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2014-9651</cvename> + <mlist>http://lists.gnu.org/archive/html/chicken-users/2015-01/msg00048.html</mlist>; + <mlist>http://lists.nongnu.org/archive/html/chicken-hackers/2014-12/txt2UqAS9CtvH.txt</mlist>; + </references> + <dates> + <discovery>2015-01-12</discovery> + <entry>2015-06-22</entry> + </dates> + </vuln> + <vuln vid="a3929112-181b-11e5-a1cf-002590263bf5"> <topic>cacti -- Multiple XSS and SQL injection vulerabilities</topic> <affects>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201506220702.t5M72L0S076198>