FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  527060
Date:      2020-02-25
Time:      03:07:17Z
Committer: fluffy

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
9245681c-7c3c-11e7-b5af-a4badb2f4699sqlite3 -- heap-buffer overflow

Google reports:

A heap-buffer overflow (sometimes a crash) can arise when running a SQL request on malformed sqlite3 databases.

Discovery 2017-08-08
Entry 2017-08-08
Modified 2017-09-19
lt 3.20.0
546deeea-3fc6-11e6-a671-60a44ce6887bSQLite3 -- Tempdir Selection Vulnerability

KoreLogic security reports:

Affected versions of SQLite reject potential tempdir locations if they are not readable, falling back to '.'. Thus, SQLite will favor e.g. using cwd for tempfiles on such a system, even if cwd is an unsafe location. Notably, SQLite also checks the permissions of '.', but ignores the results of that check.

Discovery 2016-07-01
Entry 2016-07-03
lt 3.13.0

6d52bda1-2e54-11e8-a68f-485b3931c969SQLite -- Corrupt DB can cause a NULL pointer dereference

MITRE reports:

SQLite databases whose schema is corrupted using a CREATE TABLE AS statement could cause a NULL pointer dereference, related to build.c and prepare.c.

Discovery 2018-03-16
Entry 2018-03-22
lt 3.22.0_1