FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  456287
Date:      2017-12-14
Time:      10:58:46Z
Committer: tz

These are the vulnerabilities relating to the commit you have selected:

VuXML ID  Description

8a1d0e63-1e07-11e5-b43d-002590263bf5  pcre -- Heap Overflow Vulnerability in find_fixedlength()

Venustech ADLAB reports:

PCRE library is prone to a vulnerability which leads to Heap Overflow. During subpattern calculation of a malformed regular expression, an offset that is used as an array index is fully controlled and can be large enough so that unexpected heap memory regions are accessed.

One could at least exploit this issue to read nearby objects in the affected application's memory.

Such information disclosure may also be used to bypass memory protection methods such as ASLR.


Discovery 2015-06-23
Entry 2015-06-29
pcre le 8.37_1

CVE-2015-5073
https://bugs.exim.org/show_bug.cgi?id=1651
http://vcs.pcre.org/pcre?view=revision&revision=1571
http://www.openwall.com/lists/oss-security/2015/06/26/1
7033b42d-ef09-11e5-b766-14dae9d210b8  pcre -- stack buffer overflow

Philip Hazel reports:

PCRE does not validate that handling the (*ACCEPT) verb will occur within the bounds of the cworkspace stack buffer, leading to a stack buffer overflow.


Discovery 2016-02-09
Entry 2016-03-21
Modified 2016-03-21
pcre lt 8.38
pcre2 lt 10.20_1

https://bugs.exim.org/show_bug.cgi?id=1791
CVE-2016-3191
ff0acfb4-3efa-11e5-93ad-002590263bf5  pcre -- heap overflow vulnerability in '(?|' situations

Venustech ADLAB reports:

PCRE library is prone to a vulnerability which leads to Heap Overflow. During the compilation of a malformed regular expression, more data is written on the malloced block than the expected size output by compile_regex. Exploits with advanced Heap Fengshui techniques may allow an attacker to execute arbitrary code in the context of the user running the affected application.

Latest version of PCRE is prone to a Heap Overflow vulnerability which could be caused by the following regular expression.

/(?J:(?|(:(?|(?'R')(\k'R')|((?'R')))H'Rk'Rf)|s(?'R'))))/


Discovery 2015-08-05
Entry 2015-08-10
pcre le 8.37_2

ports/202209
https://bugs.exim.org/show_bug.cgi?id=1667
6900e6f1-4a79-11e5-9ad8-14dae9d210b8  pcre -- heap overflow vulnerability

Guanxing Wen reports:

PCRE library is prone to a vulnerability which leads to Heap Overflow. During the compilation of a malformed regular expression, more data is written on the malloced block than the expected size output by compile_regex(). The Heap Overflow vulnerability is caused by the following regular expression.

/(?J:(?|(:(?|(?'R')(\z(?|(?'R')(\k'R')|((?'R')))k'R')|((?'R')))H'Ak'Rf)|s(?'R')))/

A dry run of this particular regular expression with pcretest will report "double free or corruption (!prev)". But it is actually a heap overflow problem. The overflow only affects pcre 8.x branch, pcre2 branch is not affected.


Discovery 2015-08-21
Entry 2015-08-24
pcre lt 8.37_4

http://seclists.org/oss-sec/2015/q3/295
https://bugs.exim.org/show_bug.cgi?id=1672
497b82e0-f9a0-11e5-92ce-002590263bf5  pcre -- heap overflow vulnerability

Mitre reports:

The pcre_compile2 function in pcre_compile.c in PCRE 8.38 mishandles the /((?:F?+(?:^(?(R)a+\"){99}-))(?J)(?'R'(?'R'<((?'RR'(?'R'\){97)?J)?J)(?'R'(?'R'\){99|(:(?|(?'R')(\k'R')|((?'R')))H'R'R)(H'R))))))/ pattern and related patterns with named subgroups, which allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript RegExp object encountered by Konqueror.


Discovery 2016-02-27
Entry 2016-04-03
pcre lt 8.38_1

CVE-2016-1283
ports/208260
https://bugs.exim.org/show_bug.cgi?id=1767