FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-24 03:12:49 UTC

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
88dfd92f-3b9c-11eb-929d-d4c9ef517024	LibreSSL -- NULL pointer dereference The LibreSSL project reports: Malformed ASN.1 in a certificate revocation list or a timestamp response token can lead to a NULL pointer dereference. Discovery 2020-12-08 Entry 2020-12-11 Modified 2020-12-12 libressl gt 3.2.0 lt 3.2.3 < 3.1.5 libressl-devel < 3.3.1 https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.2.3-relnotes.txt
eeca52dc-866c-11eb-b8d6-d4c9ef517024	LibreSSL -- use-after-free OpenBSD reports: A TLS client using session resumption may cause a use-after-free. Discovery 2021-03-15 Entry 2021-03-16 libressl < 3.2.4_1 https://marc.info/?l=openbsd-announce&m=161582456312832&w=2 https://ftp.openbsd.org/pub/OpenBSD/patches/6.8/common/017_libssl.patch.sig

VuXML ID

Description

88dfd92f-3b9c-11eb-929d-d4c9ef517024

LibreSSL -- NULL pointer dereference

The LibreSSL project reports:

Malformed ASN.1 in a certificate revocation list or a timestamp response token can lead to a NULL pointer dereference.

Discovery 2020-12-08
Entry 2020-12-11
Modified 2020-12-12
libressl

gt 3.2.0 lt 3.2.3

< 3.1.5

< 3.3.1

https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.2.3-relnotes.txt

LibreSSL -- use-after-free

OpenBSD reports:

A TLS client using session resumption may cause a use-after-free.

Discovery 2021-03-15
Entry 2021-03-16
libressl

< 3.2.4_1

https://marc.info/?l=openbsd-announce&m=161582456312832&w=2
https://ftp.openbsd.org/pub/OpenBSD/patches/6.8/common/017_libssl.patch.sig