Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 13 Nov 2012 18:17:13 +0000 (UTC)
From:      Jase Thew <jase@FreeBSD.org>
To:        ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org
Subject:   svn commit: r307387 - head/security/vuxml
Message-ID:  <201211131817.qADIHDi5094774@svn.freebsd.org>

next in thread | raw e-mail | index | archive | help
Author: jase
Date: Tue Nov 13 18:17:13 2012
New Revision: 307387
URL: http://svnweb.freebsd.org/changeset/ports/307387

Log:
  - Update recent weechat entry (e02c572f-2af0-11e2-bb44-003067b2972c)
  
  - Document assigned CVE Identifier
  - Document workaround for vulnerable versions
  
  Feature safe:	yes

Modified:
  head/security/vuxml/vuln.xml

Modified: head/security/vuxml/vuln.xml
==============================================================================
--- head/security/vuxml/vuln.xml	Tue Nov 13 18:06:16 2012	(r307386)
+++ head/security/vuxml/vuln.xml	Tue Nov 13 18:17:13 2012	(r307387)
@@ -134,10 +134,13 @@ Note:  Please add new entries to the beg
 	<blockquote cite="https://savannah.nongnu.org/bugs/?37704">;
 	  <p>A buffer overflow is causing a crash or freeze of WeeChat when 
 	  decoding IRC colors in strings.</p>
+	  <p>Workaround for a non-patched version: 
+	  /set irc.network.colors_receive off</p>
 	</blockquote>
       </body>
     </description>
     <references>
+      <cvename>CVE-2012-5854</cvename>
       <freebsdpr>ports/173513</freebsdpr>
       <url>http://weechat.org/security/</url>;
       <url>https://savannah.nongnu.org/bugs/?37704</url>;
@@ -145,7 +148,7 @@ Note:  Please add new entries to the beg
     <dates>
       <discovery>2012-11-09</discovery>
       <entry>2012-11-10</entry>
-      <modified>2012-11-10</modified>
+      <modified>2012-11-13</modified>
     </dates>
   </vuln>
 



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201211131817.qADIHDi5094774>