FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  456278
Date:      2017-12-14
Time:      06:41:58Z
Committer: remko

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
4464212e-4acd-11e5-934b-002590263bf5go -- multiple vulnerabilities

Jason Buberel, Go Product Manager, reports:

CVE-2015-5739 - "Content Length" treated as valid header

CVE-2015-5740 - Double content-length headers does not return 400 error

CVE-2015-5741 - Additional hardening, not sending Content-Length w/Transfer-Encoding, Closing connections

Discovery 2015-07-29
Entry 2015-08-25
lt 1.4.3,1

lt 1.4.3

f2217cdf-01e4-11e6-b1ce-002590263bf5go -- remote denial of service

Jason Buberel reports:

Go has an infinite loop in several big integer routines that makes Go programs vulnerable to remote denial of service attacks. Programs using HTTPS client authentication or the Go ssh server libraries are both exposed to this vulnerability.

Discovery 2016-04-05
Entry 2016-04-14
lt 1.6.1,1