FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-25 11:22:49 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
57a700f9-12c0-11e2-9f86-001d923933b6	dns/bind9* -- crash on deliberately constructed combination of records ISC reports: A deliberately constructed combination of records could cause named to hang while populating the additional section of a response. Discovery 2012-09-26 Entry 2012-10-10 bind99 < 9.9.1.4 bind99-base < 9.9.1.4 bind98 < 9.8.3.4 bind98-base < 9.8.3.4 bind97 < 9.7.6.4 bind97-base < 9.7.6.4 bind96 < 9.6.3.1.ESV.R7.4 bind96-base < 9.6.3.1.ESV.R7.4 CVE-2012-5166
53a0ddef-0208-11e2-8afa-0024e830109b	dns/bind9* -- Several vulnerabilities ISC reports: Prevents a crash when queried for a record whose RDATA exceeds 65535 bytes. Prevents a crash when validating caused by using "Bad cache" data before it has been initialized. ISC_QUEUE handling for recursive clients was updated to address a race condition that could cause a memory leak. This rarely occurred with UDP clients, but could be a significant problem for a server handling a steady rate of TCP queries. A condition has been corrected where improper handling of zero-length RDATA could cause undesirable behavior, including termination of the named process. Discovery 2012-09-12 Entry 2012-09-18 bind99 < 9.9.1.3 bind98 < 9.8.3.3 bind97 < 9.7.6.3 bind96 < 9.6.3.1.ESV.R7.3

VuXML ID

Description

57a700f9-12c0-11e2-9f86-001d923933b6

dns/bind9* -- crash on deliberately constructed combination of records

ISC reports:

A deliberately constructed combination of records could cause named to hang while populating the additional section of a response.

Discovery 2012-09-26
Entry 2012-10-10
bind99

< 9.9.1.4

bind99-base

< 9.9.1.4

bind98

< 9.8.3.4

bind98-base

< 9.8.3.4

bind97

< 9.7.6.4

bind97-base

< 9.7.6.4

bind96

< 9.6.3.1.ESV.R7.4

bind96-base

< 9.6.3.1.ESV.R7.4

CVE-2012-5166

53a0ddef-0208-11e2-8afa-0024e830109b

dns/bind9* -- Several vulnerabilities

ISC reports:

Prevents a crash when queried for a record whose RDATA exceeds 65535 bytes.

Prevents a crash when validating caused by using "Bad cache" data before it has been initialized.

ISC_QUEUE handling for recursive clients was updated to address a race condition that could cause a memory leak. This rarely occurred with UDP clients, but could be a significant problem for a server handling a steady rate of TCP queries.

A condition has been corrected where improper handling of zero-length RDATA could cause undesirable behavior, including termination of the named process.

Discovery 2012-09-12
Entry 2012-09-18
bind99

< 9.9.1.3

bind98

< 9.8.3.3

bind97

< 9.7.6.3

bind96

< 9.6.3.1.ESV.R7.3