Date: Mon, 14 Aug 2017 22:42:53 +0000 (UTC)
From: Mark Felder <feld@FreeBSD.org>
To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org
Subject: svn commit: r447969 - head/security/vuxml
Message-ID: <201708142242.v7EMgrdq003506@repo.freebsd.org>
Author: feld Date: Mon Aug 14 22:42:53 2017 New Revision: 447969 URL: https://svnweb.freebsd.org/changeset/ports/447969 Log: Document freeradius vulnerabilities Modified: head/security/vuxml/vuln.xml Modified: head/security/vuxml/vuln.xml ============================================================================== --- head/security/vuxml/vuln.xml Mon Aug 14 22:36:24 2017 (r447968) +++ head/security/vuxml/vuln.xml Mon Aug 14 22:42:53 2017 (r447969) 
@@ -58,6 +58,46 @@ Notes: * Do not forget port variants (linux-f10-libxml2, libxml2, etc.) --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> + <vuln vid="79bbec7e-8141-11e7-b5af-a4badb2f4699"> + <topic>FreeRadius -- Multiple vulnerabilities</topic> + <affects> + <package> + <name>freeradius3</name> + <range><lt>3.0.15</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>Guido Vranken reports:</p> + <blockquote cite="http://freeradius.org/security/fuzzer-2017.html"> + <p>Multiple vulnerabilities found via fuzzing: + FR-GV-201 (v2,v3) Read / write overflow in make_secret() + FR-GV-202 (v2) Write overflow in rad_coalesce() + FR-GV-203 (v2) DHCP - Memory leak in decode_tlv() + FR-GV-204 (v2) DHCP - Memory leak in fr_dhcp_decode() + FR-GV-205 (v2) DHCP - Buffer over-read in fr_dhcp_decode_options() + FR-GV-206 (v2,v3) DHCP - Read overflow when decoding option 63 + FR-GV-207 (v2) Zero-length malloc in data2vp() + FR-GV-301 (v3) Write overflow in data2vp_wimax() + FR-GV-302 (v3) Infinite loop and memory exhaustion with 'concat' attributes + FR-GV-303 (v3) DHCP - Infinite read in dhcp_attr2vp() + FR-GV-304 (v3) DHCP - Buffer over-read in fr_dhcp_decode_suboptions() + FR-GV-305 (v3) Decode 'signed' attributes correctly + FR-AD-001 (v2,v3) Use strncmp() instead of memcmp() for string data + FR-AD-002 (v3) String lifetime issues in rlm_python + FR-AD-003 (v3) Incorrect statement length passed into sqlite3_prepare</p> + </blockquote> + </body> + </description> + <references> + <url>http://freeradius.org/security/fuzzer-2017.html</url> + </references> + <dates> + <discovery>2017-06-17</discovery> + <entry>2017-08-14</entry> + </dates> + </vuln> + <vuln vid="1d33cdee-7f6b-11e7-a9b5-3debb10a6871"> <topic>Mercurial -- multiple vulnerabilities</topic> <affects>
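Review bot: The `<affects>` block lists only `freeradius3` with `<lt>3.0.15</lt>`, yet the quoted advisory tags FR-GV-202 through FR-GV-207 as (v2) and FR-GV-201, FR-GV-206 and FR-AD-001 as (v2,v3). If a FreeRADIUS 2.x port or any other variant is still in the tree, it needs its own `<package>` element with the matching range, as the "Do not forget port variants" note in the comment above the hunk asks; otherwise 2.x installations will not be matched by this entry. Separately, the issue list sits inside a single `<p>`, so the rendered XHTML will collapse it into one run of text; a `<ul>` with one `<li>` per issue would keep it readable. If CVE identifiers have been assigned to these issues, add them as `<cvename>` elements under `<references>` next to the existing `<url>`.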