FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  371119
Date:      2014-10-18
Time:      12:52:26Z
Committer: kwm

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
1c840eb9-fb32-11e3-866e-b499baab0cbegnupg -- possible DoS using garbled compressed data packets

Werner Koch reports:

This release includes a *security fix* to stop a possible DoS using garbled compressed data packets which can be used to put gpg into an infinite loop.


Discovery 2014-06-23
Entry 2014-06-23
gnupg1
lt 1.4.17

gnupg
lt 2.0.24

http://lists.gnupg.org/pipermail/gnupg-announce/2014q2/000344.html
http://lists.gnupg.org/pipermail/gnupg-announce/2014q2/000345.html
749b5587-2da1-11e3-b1a9-b499baab0cbegnupg -- possible infinite recursion in the compressed packet parser

Werner Koch reports:

Special crafted input data may be used to cause a denial of service against GPG (GnuPG's OpenPGP part) and some other OpenPGP implementations. All systems using GPG to process incoming data are affected..


Discovery 2013-10-05
Entry 2013-10-05
gnupg
lt 1.4.15

ge 2.0.0 lt 2.0.22

CVE-2013-4402