FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  321338
Date:      2013-06-19
Time:      21:56:56Z
Committer: jgh

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
aecee357-739e-11e1-a883-001cc0a36e12	gnutls -- possible overflow/Denial of service vulnerabilities Mu Dynamics, Inc. reports: The block cipher decryption logic in GnuTLS assumed that a record containing any data which was a multiple of the block size was valid for further decryption processing, leading to a heap corruption vulnerability. Discovery 2012-03-20 Entry 2012-03-21 Modified 2012-03-24 gnutls lt 2.12.18 gnutls-devel gt 2.99 lt 3.0.15 CVE-2012-1573
aecee357-739e-11e1-a883-001cc0a36e12	gnutls -- possible overflow/Denial of service vulnerabilities Mu Dynamics, Inc. reports: The block cipher decryption logic in GnuTLS assumed that a record containing any data which was a multiple of the block size was valid for further decryption processing, leading to a heap corruption vulnerability. Discovery 2012-03-20 Entry 2012-03-21 Modified 2012-03-24 gnutls lt 2.12.18 gnutls-devel gt 2.99 lt 3.0.15 CVE-2012-1573
2e7e9072-73a0-11e1-a883-001cc0a36e12	libtasn1 -- ASN.1 length decoding vulnerability Mu Dynamics, Inc. reports: Various functions using the ASN.1 length decoding logic in Libtasn1 were incorrectly assuming that the return value from asn1_get_length_der is always less than the length of the enclosing ASN.1 structure, which is only true for valid structures and not for intentionally corrupt or otherwise buggy structures. Discovery 2012-03-20 Entry 2012-03-21 Modified 2012-03-24 libtasn1 lt 2.12 gnutls lt 2.12.18 gnutls-devel gt 2.99 lt 3.0.16 CVE-2012-1569
2e7e9072-73a0-11e1-a883-001cc0a36e12	libtasn1 -- ASN.1 length decoding vulnerability Mu Dynamics, Inc. reports: Various functions using the ASN.1 length decoding logic in Libtasn1 were incorrectly assuming that the return value from asn1_get_length_der is always less than the length of the enclosing ASN.1 structure, which is only true for valid structures and not for intentionally corrupt or otherwise buggy structures. Discovery 2012-03-20 Entry 2012-03-21 Modified 2012-03-24 libtasn1 lt 2.12 gnutls lt 2.12.18 gnutls-devel gt 2.99 lt 3.0.16 CVE-2012-1569