FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-19 20:48:44 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
5a771686-9e33-11e8-8b2d-9cf7a8059466	chicken -- multiple vulnerabilities CHICKEN reports: CVE-2017-6949: Unchecked malloc() call in SRFI-4 constructors when allocating in non-GC memory, resulting in potential 1-word buffer overrun and/or segfault CVE-2017-9334: "length" crashes on improper lists CVE-2017-11343: The randomization factor of the symbol table was set before the random seed was set, causing it to have a fixed value on many platforms Discovery 2017-03-16 Entry 2018-08-12 chicken < 4.13.0,1 https://code.call-cc.org/releases/4.13.0/NEWS CVE-2017-6949 CVE-2017-9334 CVE-2017-11343
c6932dd4-eaff-11e6-9ac1-a4badb2f4699	chicken -- multiple vulnerabilities Peter Bex reports: A buffer overflow error was found in the POSIX unit's procedures process-execute and process-spawn. Additionally, a memory leak existed in this code, which would be triggered when an error is raised during argument and environment processing. Irregex versions before 0.9.6 contain a resource exhaustion vulnerability: when compiling deeply nested regexes containing the "+" operator due to exponential expansion behaviour. Discovery 2016-08-12 Entry 2017-02-04 Modified 2017-03-05 chicken < 4.12,1 http://lists.nongnu.org/archive/html/chicken-announce/2016-08/msg00001.html CVE-2016-6830 CVE-2016-6831 CVE-2016-9954 ports/216661

VuXML ID

Description

5a771686-9e33-11e8-8b2d-9cf7a8059466

chicken -- multiple vulnerabilities

CHICKEN reports:

CVE-2017-6949: Unchecked malloc() call in SRFI-4 constructors when allocating in non-GC memory, resulting in potential 1-word buffer overrun and/or segfault

CVE-2017-9334: "length" crashes on improper lists

CVE-2017-11343: The randomization factor of the symbol table was set before the random seed was set, causing it to have a fixed value on many platforms

Discovery 2017-03-16
Entry 2018-08-12
chicken

< 4.13.0,1

https://code.call-cc.org/releases/4.13.0/NEWS
CVE-2017-6949
CVE-2017-9334
CVE-2017-11343

c6932dd4-eaff-11e6-9ac1-a4badb2f4699

chicken -- multiple vulnerabilities

Peter Bex reports:

A buffer overflow error was found in the POSIX unit's procedures process-execute and process-spawn.

Additionally, a memory leak existed in this code, which would be triggered when an error is raised during argument and environment processing.

Irregex versions before 0.9.6 contain a resource exhaustion vulnerability: when compiling deeply nested regexes containing the "+" operator due to exponential expansion behaviour.

Discovery 2016-08-12
Entry 2017-02-04
Modified 2017-03-05
chicken

< 4.12,1

http://lists.nongnu.org/archive/html/chicken-announce/2016-08/msg00001.html
CVE-2016-6830
CVE-2016-6831
CVE-2016-9954
ports/216661