FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  375358
Date:      2014-12-23
Time:      21:24:55Z
Committer: rea

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
8e5e6d42-a0fa-11e3-b09a-080027f2d077Python -- buffer overflow in socket.recvfrom_into()

Vincent Danen via Red Hat Issue Tracker reports:

A vulnerability was reported in Python's socket module, due to a boundary error within the sock_recvfrom_into() function, which could be exploited to cause a buffer overflow. This could be used to crash a Python application that uses the socket.recvfrom_info() function or, possibly, execute arbitrary code with the permissions of the user running vulnerable Python code.

This vulnerable function, socket.recvfrom_into(), was introduced in Python 2.5. Earlier versions are not affected by this flaw.


Discovery 2014-01-14
Entry 2014-03-01
python27
le 2.7.6_3

python31
le 3.1.5_10

python32
le 3.2.5_7

python33
le 3.3.3_2

65379
CVE-2014-1912
https://mail.python.org/pipermail/python-dev/2014-February/132758.html
http://bugs.python.org/issue20246
https://bugzilla.redhat.com/show_bug.cgi?id=1062370
b4f8be9e-56b2-11e1-9fb7-003067b2972cPython -- DoS via malformed XML-RPC / HTTP POST request

Jan Lieskovsky reports,

A denial of service flaw was found in the way Simple XML-RPC Server module of Python processed client connections, that were closed prior the complete request body has been received. A remote attacker could use this flaw to cause Python Simple XML-RPC based server process to consume excessive amount of CPU.


Discovery 2012-02-13
Entry 2012-02-14
Modified 2012-02-26
python32
le 3.2.2_2

python31
le 3.1.4_2

python27
le 2.7.2_3

python26
le 2.6.7_2

python25
le 2.5.6_2

python24
le 2.4.5_8

pypy
le 1.7

CVE-2012-0845
http://bugs.python.org/issue14001
https://bugzilla.redhat.com/show_bug.cgi?id=789790
https://bugs.pypy.org/issue1047
b4f8be9e-56b2-11e1-9fb7-003067b2972cPython -- DoS via malformed XML-RPC / HTTP POST request

Jan Lieskovsky reports,

A denial of service flaw was found in the way Simple XML-RPC Server module of Python processed client connections, that were closed prior the complete request body has been received. A remote attacker could use this flaw to cause Python Simple XML-RPC based server process to consume excessive amount of CPU.


Discovery 2012-02-13
Entry 2012-02-14
Modified 2012-02-26
python32
le 3.2.2_2

python31
le 3.1.4_2

python27
le 2.7.2_3

python26
le 2.6.7_2

python25
le 2.5.6_2

python24
le 2.4.5_8

pypy
le 1.7

CVE-2012-0845
http://bugs.python.org/issue14001
https://bugzilla.redhat.com/show_bug.cgi?id=789790
https://bugs.pypy.org/issue1047