FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-18 11:12:36 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
40a8d798-4615-11e7-8080-a4badb2f4699	heimdal -- bypass of capath policy Viktor Dukhovni reports: Commit f469fc6 (2010-10-02) inadvertently caused the previous hop realm to not be added to the transit path of issued tickets. This may, in some cases, enable bypass of capath policy in Heimdal versions 1.5 through 7.2. Note, this may break sites that rely on the bug. With the bug some incomplete [capaths] worked, that should not have. These may now break authentication in some cross-realm configurations. (CVE-2017-6594) Discovery 2017-04-13 Entry 2017-05-31 heimdal < 7.1.0_3 CVE-2017-6594 ports/219657

VuXML ID

Description

40a8d798-4615-11e7-8080-a4badb2f4699

heimdal -- bypass of capath policy

Viktor Dukhovni reports:

Commit f469fc6 (2010-10-02) inadvertently caused the previous hop realm to not be added to the transit path of issued tickets. This may, in some cases, enable bypass of capath policy in Heimdal versions 1.5 through 7.2. Note, this may break sites that rely on the bug. With the bug some incomplete [capaths] worked, that should not have. These may now break authentication in some cross-realm configurations. (CVE-2017-6594)

Discovery 2017-04-13
Entry 2017-05-31
heimdal

< 7.1.0_3

CVE-2017-6594
ports/219657