FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  468227
Date:      2018-04-24
Time:      18:07:21Z
Committer: riggs

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
57b3aba7-1e25-11e6-8dd3-002590263bf5expat -- denial of service vulnerability on malformed input

Gustavo Grieco reports:

The Expat XML parser mishandles certain kinds of malformed input documents, resulting in buffer overflows during processing and error reporting. The overflows can manifest as a segmentation fault or as memory corruption during a parse operation. The bugs allow for a denial of service attack in many applications by an unauthenticated attacker, and could conceivably result in remote code execution.


Discovery 2016-05-17
Entry 2016-05-20
Modified 2016-11-30
expat
lt 2.1.1

linux-c6-expat
lt 2.0.1_3

linux-c7-expat
lt 2.1.0_1

CVE-2016-0718
ports/209360
http://www.openwall.com/lists/oss-security/2016/05/17/12