FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  514293
Date:      2019-10-11
Time:      17:36:37Z
Committer: pi

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
2001103a-6bbd-11d9-851d-000a95bc6faeimlib -- xpm heap buffer overflows and integer overflows

Pavel Kankovsky reports:

Imlib affected by a variant of CAN-2004-0782 too.

I've discovered more vulnerabilities in Imlib (1.9.13). In particular, it appears to be affected by a variant of Chris Evans' libXpm flaw #1 (CAN-2004-0782, see http://scary.beasts.org/security/CESA-2004-003.txt). Look at the attached image, it kills ee on my 7.3.

The flaws also affect imlib2.


Discovery 2004-12-06
Entry 2005-01-21
imlib
lt 1.9.15_2

imlib2
lt 1.1.2_1

CVE-2004-1025
CVE-2004-1026
11830
https://bugzilla.fedora.us/show_bug.cgi?id=2051#c11
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=138516
http://cvs.sourceforge.net/viewcvs.py/enlightenment/e17/libs/imlib2/src/modules/loaders/loader_xpm.c#rev1.3
2001103a-6bbd-11d9-851d-000a95bc6faeimlib -- xpm heap buffer overflows and integer overflows

Pavel Kankovsky reports:

Imlib affected by a variant of CAN-2004-0782 too.

I've discovered more vulnerabilities in Imlib (1.9.13). In particular, it appears to be affected by a variant of Chris Evans' libXpm flaw #1 (CAN-2004-0782, see http://scary.beasts.org/security/CESA-2004-003.txt). Look at the attached image, it kills ee on my 7.3.

The flaws also affect imlib2.


Discovery 2004-12-06
Entry 2005-01-21
imlib
lt 1.9.15_2

imlib2
lt 1.1.2_1

CVE-2004-1025
CVE-2004-1026
11830
https://bugzilla.fedora.us/show_bug.cgi?id=2051#c11
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=138516
http://cvs.sourceforge.net/viewcvs.py/enlightenment/e17/libs/imlib2/src/modules/loaders/loader_xpm.c#rev1.3