FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  452696
Date:      2017-10-23
Time:      08:57:11Z
Committer: brnrd

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
253c6889-06f0-11e6-925f-6805ca0b3d42ansible -- use of predictable paths in lxc_container

Ansible developers report:

CVE-2016-3096: do not use predictable paths in lxc_container

  • do not use a predictable filename for the LXC attach script
  • don't use predictable filenames for LXC attach script logging
  • don't set a predictable archive_path

this should prevent symlink attacks which could result in

  • data corruption
  • data leakage
  • privilege escalation

Discovery 2016-04-02
Entry 2016-04-20
ansible
ge 2.0.0.0 lt 2.0.2.0

ansible1
lt 1.9.6

CVE-2016-3096
https://github.com/ansible/ansible-modules-extras/pull/1941/commits/8c6fe646ee79f5e55361b885b7efed5bec72d4a4
https://bugzilla.redhat.com/show_bug.cgi?id=1322925