FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  374826
Date:      2014-12-16
Time:      22:06:31Z
Committer: cs

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
e02c572f-2af0-11e2-bb44-003067b2972cweechat -- Crash or freeze when decoding IRC colors in strings

Sebastien Helleu reports:

A buffer overflow is causing a crash or freeze of WeeChat when decoding IRC colors in strings.

Workaround for a non-patched version: /set irc.network.colors_receive off


Discovery 2012-11-09
Entry 2012-11-10
Modified 2012-11-13
weechat
ge 0.3.6 lt 0.3.9.1

weechat-devel
ge 20110614 lt 20121110

CVE-2012-5854
ports/173513
http://weechat.org/security/
https://savannah.nongnu.org/bugs/?37704
81826d12-317a-11e2-9186-406186f3d89dweechat -- Arbitrary shell command execution via scripts

Sebastien Helleu reports:

Untrusted command for function hook_process could lead to execution of commands, because of shell expansions.

Workaround with a non-patched version: remove/unload all scripts calling function hook_process (for maximum safety).


Discovery 2012-11-15
Entry 2012-11-18
Modified 2012-11-18
weechat
ge 0.3.0 lt 0.3.9.2

weechat-devel
lt 20121118

http://weechat.org/security/
https://savannah.nongnu.org/bugs/?37764