Date: Tue, 27 Sep 2016 21:00:06 +0000 (UTC) From: Bernard Spil <brnrd@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r422831 - head/security/vuxml Message-ID: <201609272100.u8RL063U088930@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: brnrd Date: Tue Sep 27 21:00:05 2016 New Revision: 422831 URL: https://svnweb.freebsd.org/changeset/ports/422831 Log: security/vuxml: Update recent OpenSSL vuln (add LibreSSL) - Add libressl and libressl-devel Modified: head/security/vuxml/vuln.xml Modified: head/security/vuxml/vuln.xml ============================================================================== --- head/security/vuxml/vuln.xml Tue Sep 27 20:56:34 2016 (r422830) +++ head/security/vuxml/vuln.xml Tue Sep 27 21:00:05 2016 (r422831) @@ -69,6 +69,14 @@ Notes: <name>openssl-devel</name> <range><lt>1.1.0b</lt></range> </package> + <package> + <name>libressl</name> + <range><lt>2.4.3</lt></range> + </package> + <package> + <name>libressl-devel</name> + <range><lt>2.4.3</lt></range> + </package> </affects> <description> <body xmlns="http://www.w3.org/1999/xhtml">; @@ -129,6 +137,7 @@ Notes: <p>Certificate message OOB reads</p> <p>Excessive allocation of memory in tls_get_message_header()</p> <p>Excessive allocation of memory in dtls1_preprocess_fragment()</p> + <p>NB: LibreSSL is only affected by CVE-2016-6304</p> </blockquote> </body> </description>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201609272100.u8RL063U088930>