Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 19 Apr 2012 08:07:13 +0000
From:      "Sergey A. Osokin" <osa@FreeBSD.org>
To:        Eitan Adler <eadler@FreeBSD.org>
Cc:        cvs-ports@FreeBSD.org, cvs-all@FreeBSD.org, ports-committers@FreeBSD.org
Subject:   Re: [ports] cvs commit: ports/security/vuxml vuln.xml
Message-ID:  <20120419080713.GB16794@FreeBSD.org>
In-Reply-To: <20120416153515.CBDBD1065784@hub.freebsd.org>
References:  <201204161534.q3GFYv4M052980@repoman.freebsd.org> <20120416153515.CBDBD1065784@hub.freebsd.org>

next in thread | previous in thread | raw e-mail | index | archive | help
Thanks a lot!

-- 
Sergey A. Osokin
osa@FreeBSD.org

On Mon, Apr 16, 2012 at 03:35:15PM +0000, Eitan Adler wrote:
> eadler      2012-04-16 15:34:57 UTC
> 
>   FreeBSD ports repository
> 
>   Modified files:
>     security/vuxml       vuln.xml 
>   Log:
>   Add information about the recent nginx security vulnerability
>   
>   PR:             ports/166990
>   Submitted by:   rodrigo osorio <rodrigo@bebik.net>
>   
>   Revision  Changes    Path
>   1.2664    +31 -1     ports/security/vuxml/vuln.xml
> _______________________________________________
> cvs-all@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/cvs-all
> To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
> 
> 
> Index: ports/security/vuxml/vuln.xml
> diff -u ports/security/vuxml/vuln.xml:1.2663 ports/security/vuxml/vuln.xml:1.2664
> --- ports/security/vuxml/vuln.xml:1.2663	Sat Apr 14 16:45:06 2012
> +++ ports/security/vuxml/vuln.xml	Mon Apr 16 15:34:57 2012
> @@ -52,6 +52,36 @@
>  
>  -->
>  <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">;
> +  <vuln vid="0c14dfa7-879e-11e1-a2a0-00500802d8f7">
> +    <topic>nginx -- Buffer overflow in the ngx_http_mp4_module</topic>
> +    <affects>
> +      <package>
> +	<name>nginx</name>
> +	<range><lt>1.0.15</lt></range>
> +      </package>
> +      <package>
> +	<name>nginx-devel</name>
> +	<range><lt>1.1.19</lt></range>
> +      </package>
> +    </affects>
> +    <description>
> +      <body xmlns="http://www.w3.org/1999/xhtml">;
> +	<p>The nginx project reports:</p>
> +	<blockquote cite="http://nginx.org/en/security_advisories.html">;
> +	  <p>Buffer overflow in the ngx_http_mp4_module</p>
> +	</blockquote>
> +      </body>
> +    </description>
> +    <references>
> +      <cvename>CVE-2012-2089</cvename>
> +      <url>http://nginx.org/en/security_advisories.html</url>;
> +    </references>
> +    <dates>
> +      <discovery>2012-04-12</discovery>
> +      <entry>2012-04-16</entry>
> +    </dates>
> +  </vuln>
> +
>    <vuln vid="c80a3d93-8632-11e1-a374-14dae9ebcf89">
>      <topic>phpmyfaq -- Remote PHP Code Execution Vulnerability</topic>
>      <affects>



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20120419080713.GB16794>