FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  454471
Date:      2017-11-19
Time:      02:38:29Z
Committer: wen

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
2ecb7b20-d97e-11e0-b2e2-00215c6a37bbOpenSSL -- multiple vulnerabilities

OpenSSL Team reports:

Two security flaws have been fixed in OpenSSL 1.0.0e

Under certain circumstances OpenSSL's internal certificate verification routines can incorrectly accept a CRL whose nextUpdate field is in the past. (CVE-2011-3207)

OpenSSL server code for ephemeral ECDH ciphersuites is not thread-safe, and furthermore can crash if a client violates the protocol by sending handshake messages in incorrect order. (CVE-2011-3210)

Discovery 2011-09-06
Entry 2011-09-07
Modified 2014-04-10
ge 1.0.0 lt 1.0.0_6

ge 0.9.8 lt 1.0.0

ge 0.9.8 lt 0.9.8r

82b55df8-4d5a-11de-8811-0030843d3802openssl -- denial of service in DTLS implementation

Secunia reports:

Some vulnerabilities have been reported in OpenSSL, which can be exploited by malicious people to cause a DoS.

The library does not limit the number of buffered DTLS records with a future epoch. This can be exploited to exhaust all available memory via specially crafted DTLS packets.

An error when processing DTLS messages can be exploited to exhaust all available memory by sending a large number of out of sequence handshake messages.

Discovery 2009-05-18
Entry 2009-05-30
Modified 2014-04-10
ge 0.9.8 lt 0.9.8k_1

ge 0.9.8f lt 0.9.8m