FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-24 21:00:48 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
daa8a49b-99b9-11e4-8f66-3085a9a4510d	libevent -- integer overflow in evbuffers Debian Security Team reports: Andrew Bartlett of Catalyst reported a defect affecting certain applications using the Libevent evbuffer API. This defect leaves applications which pass insanely large inputs to evbuffers open to a possible heap overflow or infinite loop. In order to exploit this flaw, an attacker needs to be able to find a way to provoke the program into trying to make a buffer chunk larger than what will fit into a single size_t or off_t. Discovery 2015-01-05 Entry 2015-01-11 Modified 2017-02-20 libevent < 1.4.15 ge 2.0 lt 2.0.22 libevent2 < 2.0.22 CVE-2014-6272 https://www.debian.org/security/2015/dsa-3119

VuXML ID

Description

daa8a49b-99b9-11e4-8f66-3085a9a4510d

libevent -- integer overflow in evbuffers

Debian Security Team reports:

Andrew Bartlett of Catalyst reported a defect affecting certain applications using the Libevent evbuffer API. This defect leaves applications which pass insanely large inputs to evbuffers open to a possible heap overflow or infinite loop. In order to exploit this flaw, an attacker needs to be able to find a way to provoke the program into trying to make a buffer chunk larger than what will fit into a single size_t or off_t.

Discovery 2015-01-05
Entry 2015-01-11
Modified 2017-02-20
libevent

< 1.4.15

ge 2.0 lt 2.0.22

libevent2

< 2.0.22

CVE-2014-6272
https://www.debian.org/security/2015/dsa-3119