FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2025-11-18 10:11:03 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
55c4e822-b4e4-11f0-8438-001b217e4ee5	ISC KEA -- Invalid characters cause assert Internet Systems Consortium, Inc. reports: To trigger the issue, three configuration parameters must have specific settings: "hostname-char-set" must be left at the default setting, which is "[^A-Za-z0-9.-]"; "hostname-char-replacement" must be empty (the default); and "ddns-qualifying-suffix" must NOT be empty (the default is empty). DDNS updates do not need to be enabled for this issue to manifest. A client that sends certain option content would then cause kea-dhcp4 to exit unexpectedly. This addresses CVE-2025-11232 [#4142, #4155]. Discovery 2025-10-29 Entry 2025-10-29 kea >= 3.0.1 lt 3.0.2 kea-devel >= 3.1.1 lt 3.1.3 CVE-2025-11232 https://kb.isc.org/docs/cve-2025-11232

VuXML ID

Description

55c4e822-b4e4-11f0-8438-001b217e4ee5

ISC KEA -- Invalid characters cause assert

Internet Systems Consortium, Inc. reports:

To trigger the issue, three configuration parameters must have specific settings: "hostname-char-set" must be left at the default setting, which is "[^A-Za-z0-9.-]"; "hostname-char-replacement" must be empty (the default); and "ddns-qualifying-suffix" must NOT be empty (the default is empty). DDNS updates do not need to be enabled for this issue to manifest. A client that sends certain option content would then cause kea-dhcp4 to exit unexpectedly. This addresses CVE-2025-11232 [#4142, #4155].

Discovery 2025-10-29
Entry 2025-10-29
kea

>= 3.0.1 lt 3.0.2

kea-devel

>= 3.1.1 lt 3.1.3

CVE-2025-11232
https://kb.isc.org/docs/cve-2025-11232