FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  351541
Date:      2014-04-18
Time:      14:56:43Z
Committer: ohauer

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
749b5587-2da1-11e3-b1a9-b499baab0cbegnupg -- possible infinite recursion in the compressed packet parser

Werner Koch reports:

Special crafted input data may be used to cause a denial of service against GPG (GnuPG's OpenPGP part) and some other OpenPGP implementations. All systems using GPG to process incoming data are affected..


Discovery 2013-10-05
Entry 2013-10-05
gnupg
lt 1.4.15

ge 2.0.0 lt 2.0.22

CVE-2013-4402
30394651-13e1-11dd-bab7-0016179b2dd5gnupg -- memory corruption vulnerability

Secunia reports:

A vulnerability has been reported in GnuPG, which can potentially be exploited to compromise a vulnerable system.

The vulnerability is caused due to an error when importing keys with duplicated IDs. This can be exploited to cause a memory corruption when importing keys via --refresh-keys or --import.

Successful exploitation potentially allows execution of arbitrary code, but has not been proven yet.


Discovery 2008-03-19
Entry 2008-04-26
Modified 2008-04-29
gnupg
ge 1.0.0 lt 1.4.9

ge 2.0.0 lt 2.0.9

28487
CVE-2008-1530
http://www.ocert.org/advisories/ocert-2008-1.html
http://secunia.com/advisories/29568
https://bugs.g10code.com/gnupg/issue894
30394651-13e1-11dd-bab7-0016179b2dd5gnupg -- memory corruption vulnerability

Secunia reports:

A vulnerability has been reported in GnuPG, which can potentially be exploited to compromise a vulnerable system.

The vulnerability is caused due to an error when importing keys with duplicated IDs. This can be exploited to cause a memory corruption when importing keys via --refresh-keys or --import.

Successful exploitation potentially allows execution of arbitrary code, but has not been proven yet.


Discovery 2008-03-19
Entry 2008-04-26
Modified 2008-04-29
gnupg
ge 1.0.0 lt 1.4.9

ge 2.0.0 lt 2.0.9

28487
CVE-2008-1530
http://www.ocert.org/advisories/ocert-2008-1.html
http://secunia.com/advisories/29568
https://bugs.g10code.com/gnupg/issue894