FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  456342
Date:      2017-12-14
Time:      19:44:02Z
Committer: bhughes

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
1d0f6852-33d8-11e6-a671-60a44ce6887bPython -- Integer overflow in zipimport module

Python reports:

Possible integer overflow and heap corruption in zipimporter.get_data()


Discovery 2016-01-21
Entry 2016-06-17
python35
lt 3.5.1_3

python34
lt 3.4.4_3

python33
lt 3.3.6_5

python27
lt 2.7.11_3

http://bugs.python.org/issue26171
CVE-2016-5636
8d5368ef-40fe-11e6-b2ec-b499baebfeafPython -- smtplib StartTLS stripping vulnerability

Red Hat reports:

A vulnerability in smtplib allowing MITM attacker to perform a startTLS stripping attack. smtplib does not seem to raise an exception when the remote end (smtp server) is capable of negotiating starttls but fails to respond with 220 (ok) to an explicit call of SMTP.starttls(). This may allow a malicious MITM to perform a startTLS stripping attack if the client code does not explicitly check the response code for startTLS.


Discovery 2016-06-14
Entry 2016-07-03
python27
lt 2.7.12

python33
gt 0

python34
lt 3.4.5

python35
lt 3.5.2

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-0772
CVE-2016-0772