FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-24 21:00:48 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
fe910ed6-f88d-11e4-9ae3-0050562a4d7b	suricata -- TLS/DER Parser Bug (DoS) OISF Development Team reports: The OISF development team is pleased to announce Suricata 2.0.8. This release fixes a number of issues in the 2.0 series. The most important issue is a bug in the DER parser which is used to decode SSL/TLS certificates could crash Suricata. This issue was reported by Kostya Kortchinsky of the Google Security Team and was fixed by Pierre Chifflier of ANSSI. Those processing large numbers of (untrusted) pcap files need to update as a malformed pcap could crash Suricata. Again, credits go to Kostya Kortchinsky. Discovery 2015-05-06 Entry 2015-05-12 suricata < 2.0.8 CVE-2015-0971 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0971 https://github.com/inliniac/suricata/commit/fa73a0bb8f312fd0a95cc70f6b3ee4e4997bdba7

VuXML ID

Description

fe910ed6-f88d-11e4-9ae3-0050562a4d7b

suricata -- TLS/DER Parser Bug (DoS)

OISF Development Team reports:

The OISF development team is pleased to announce Suricata 2.0.8. This release fixes a number of issues in the 2.0 series.

The most important issue is a bug in the DER parser which is used to decode SSL/TLS certificates could crash Suricata. This issue was reported by Kostya Kortchinsky of the Google Security Team and was fixed by Pierre Chifflier of ANSSI.

Those processing large numbers of (untrusted) pcap files need to update as a malformed pcap could crash Suricata. Again, credits go to Kostya Kortchinsky.

Discovery 2015-05-06
Entry 2015-05-12
suricata

< 2.0.8

CVE-2015-0971
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0971
https://github.com/inliniac/suricata/commit/fa73a0bb8f312fd0a95cc70f6b3ee4e4997bdba7