FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

nothing found there

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
9bdd8eb5-564a-11e5-9ad8-14dae9d210b8wireshark -- multiple vulnerabilities

Wireshark development team reports:

The following vulnerabilities have been fixed.

  • wnpa-sec-2015-21

    Protocol tree crash. (Bug 11309)

  • wnpa-sec-2015-22

    Memory manager crash. (Bug 11373)

  • wnpa-sec-2015-23

    Dissector table crash. (Bug 11381)

  • wnpa-sec-2015-24

    ZigBee crash. (Bug 11389)

  • wnpa-sec-2015-25

    GSM RLC/MAC infinite loop. (Bug 11358)

  • wnpa-sec-2015-26

    WaveAgent crash. (Bug 11358)

  • wnpa-sec-2015-27

    OpenFlow infinite loop. (Bug 11358)

  • wnpa-sec-2015-28

    Ptvcursor crash. (Bug 11358)

  • wnpa-sec-2015-29

    WCCP crash. (Bug 11358)


Discovery 2015-08-12
Entry 2015-09-08
Modified 2015-09-08
wireshark
wireshark-lite
wireshark-qt5
tshark
tshark-lite
lt 1.12.7

https://www.wireshark.org/docs/relnotes/wireshark-1.12.7.html
CVE-2015-6241
CVE-2015-6242
CVE-2015-6243
CVE-2015-6244
CVE-2015-6245
CVE-2015-6246
CVE-2015-6247
CVE-2015-6248
CVE-2015-6249
42c2c422-df55-11e5-b2bd-002590263bf5wireshark -- multiple vulnerabilities

Wireshark development team reports:

The following vulnerabilities have been fixed:

  • wnpa-sec-2015-31

    NBAP dissector crashes. (Bug 11602, Bug 11835, Bug 11841)

  • wnpa-sec-2015-37

    NLM dissector crash.

  • wnpa-sec-2015-39

    BER dissector crash.

  • wnpa-sec-2015-40

    Zlib decompression crash. (Bug 11548)

  • wnpa-sec-2015-41

    SCTP dissector crash. (Bug 11767)

  • wnpa-sec-2015-42

    802.11 decryption crash. (Bug 11790, Bug 11826)

  • wnpa-sec-2015-43

    DIAMETER dissector crash. (Bug 11792)

  • wnpa-sec-2015-44

    VeriWave file parser crashes. (Bug 11789, Bug 11791)

  • wnpa-sec-2015-45

    RSVP dissector crash. (Bug 11793)

  • wnpa-sec-2015-46

    ANSI A and GSM A dissector crashes. (Bug 11797)

  • wnpa-sec-2015-47

    Ascend file parser crash. (Bug 11794)

  • wnpa-sec-2015-48

    NBAP dissector crash. (Bug 11815)

  • wnpa-sec-2015-49

    RSL dissector crash. (Bug 11829)

  • wnpa-sec-2015-50

    ZigBee ZCL dissector crash. (Bug 11830)

  • wnpa-sec-2015-51

    Sniffer file parser crash. (Bug 11827)

  • wnpa-sec-2015-52

    NWP dissector crash. (Bug 11726)

  • wnpa-sec-2015-53

    BT ATT dissector crash. (Bug 11817)

  • wnpa-sec-2015-54

    MP2T file parser crash. (Bug 11820)

  • wnpa-sec-2015-55

    MP2T file parser crash. (Bug 11821)

  • wnpa-sec-2015-56

    S7COMM dissector crash. (Bug 11823)

  • wnpa-sec-2015-57

    IPMI dissector crash. (Bug 11831)

  • wnpa-sec-2015-58

    TDS dissector crash. (Bug 11846)

  • wnpa-sec-2015-59

    PPI dissector crash. (Bug 11876)

  • wnpa-sec-2015-60

    MS-WSP dissector crash. (Bug 11931)


Discovery 2015-12-29
Entry 2016-03-01
wireshark
wireshark-lite
wireshark-qt5
tshark
tshark-lite
lt 2.0.1

https://www.wireshark.org/docs/relnotes/wireshark-2.0.1.html
313e9557-41e8-11e6-ab34-002590263bf5wireshark -- multiple vulnerabilities

Wireshark development team reports:

The following vulnerabilities have been fixed:

  • wnpa-sec-2016-29

    The SPOOLS dissector could go into an infinite loop. Discovered by the CESG.

  • wnpa-sec-2016-30

    The IEEE 802.11 dissector could crash. (Bug 11585)

  • wnpa-sec-2016-31

    The IEEE 802.11 dissector could crash. Discovered by Mateusz Jurczyk. (Bug 12175)

  • wnpa-sec-2016-32

    The UMTS FP dissector could crash. (Bug 12191)

  • wnpa-sec-2016-33

    Some USB dissectors could crash. Discovered by Mateusz Jurczyk. (Bug 12356)

  • wnpa-sec-2016-34

    The Toshiba file parser could crash. Discovered by iDefense Labs. (Bug 12394)

  • wnpa-sec-2016-35

    The CoSine file parser could crash. Discovered by iDefense Labs. (Bug 12395)

  • wnpa-sec-2016-36

    The NetScreen file parser could crash. Discovered by iDefense Labs. (Bug 12396)

  • wnpa-sec-2016-37

    The Ethernet dissector could crash. (Bug 12440)


Discovery 2016-06-07
Entry 2016-07-04
wireshark
wireshark-lite
wireshark-qt5
tshark
tshark-lite
lt 2.0.4

CVE-2016-5350
CVE-2016-5351
CVE-2016-5352
CVE-2016-5353
CVE-2016-5354
CVE-2016-5355
CVE-2016-5356
CVE-2016-5357
CVE-2016-5358
https://www.wireshark.org/docs/relnotes/wireshark-2.0.4.html
http://www.openwall.com/lists/oss-security/2016/06/09/4
a13500d0-0570-11e5-aab1-d050996490d0wireshark -- multiple vulnerabilities

Wireshark development team reports:

The following vulnerabilities have been fixed.

  • wnpa-sec-2015-12

    The LBMR dissector could go into an infinite loop. (Bug 11036) CVE-2015-3808, CVE-2015-3809

  • wnpa-sec-2015-13

    The WebSocket dissector could recurse excessively. (Bug 10989) CVE-2015-3810

  • wnpa-sec-2015-14

    The WCP dissector could crash while decompressing data. (Bug 10978) CVE-2015-3811

  • wnpa-sec-2015-15

    The X11 dissector could leak memory. (Bug 11088) CVE-2015-3812

  • wnpa-sec-2015-16

    The packet reassembly code could leak memory. (Bug 11129) CVE-2015-3813

  • wnpa-sec-2015-17

    The IEEE 802.11 dissector could go into an infinite loop. (Bug 11110) CVE-2015-3814

  • wnpa-sec-2015-18

    The Android Logcat file parser could crash. Discovered by Hanno Böck. (Bug 11188) CVE-2015-3815


Discovery 2015-05-12
Entry 2015-05-28
wireshark
wireshark-lite
tshark
tshark-lite
lt 1.12.5

CVE-2015-3808
CVE-2015-3809
CVE-2015-3810
CVE-2015-3811
CVE-2015-3812
CVE-2015-3813
CVE-2015-3814
CVE-2015-3815
https://www.wireshark.org/docs/relnotes/wireshark-1.12.5.html
https://www.wireshark.org/security/wnpa-sec-2015-12.html
https://www.wireshark.org/security/wnpa-sec-2015-13.html
https://www.wireshark.org/security/wnpa-sec-2015-14.html
https://www.wireshark.org/security/wnpa-sec-2015-15.html
https://www.wireshark.org/security/wnpa-sec-2015-16.html
https://www.wireshark.org/security/wnpa-sec-2015-17.html
https://www.wireshark.org/security/wnpa-sec-2015-18.html
7fff2b16-b0ee-11e6-86b8-589cfc054129wireshark -- multiple vulnerabilities

Wireshark project reports:

Wireshark project is releasing Wireshark 2.2.2, which addresses:

  • wnpa-sec-2016-58: Profinet I/O long loop - CVE-2016-9372
  • wnpa-sec-2016-59: AllJoyn crash - CVE-2016-9374
  • wnpa-sec-2016-60: OpenFlow crash - CVE-2016-9376
  • wnpa-sec-2016-61: DCERPC crash - CVE-2016-9373
  • wnpa-sec-2016-62: DTN infinite loop - CVE-2016-9375

Discovery 2016-11-16
Entry 2016-12-01
tshark
lt 2.2.2

tshark-lite
lt 2.2.2

wireshark
lt 2.2.2

wireshark-lite
lt 2.2.2

wireshark-qt5
lt 2.2.2

https://www.wireshark.org/docs/relnotes/wireshark-2.2.2.html
CVE-2016-9372
CVE-2016-9373
CVE-2016-9374
CVE-2016-9375
CVE-2016-9376
610101ea-5b6a-11e6-b334-002590263bf5wireshark -- multiple vulnerabilities

Wireshark development team reports:

The following vulnerabilities have been fixed:

  • wnpa-sec-2016-41

    PacketBB crash. (Bug 12577)

  • wnpa-sec-2016-42

    WSP infinite loop. (Bug 12594)

  • wnpa-sec-2016-44

    RLC long loop. (Bug 12660)

  • wnpa-sec-2016-45

    LDSS dissector crash. (Bug 12662)

  • wnpa-sec-2016-46

    RLC dissector crash. (Bug 12664)

  • wnpa-sec-2016-47

    OpenFlow long loop. (Bug 12659)

  • wnpa-sec-2016-48

    MMSE, WAP, WBXML, and WSP infinite loop. (Bug 12661)

  • wnpa-sec-2016-49

    WBXML crash. (Bug 12663)


Discovery 2016-07-27
Entry 2016-08-06
wireshark
wireshark-lite
wireshark-qt5
tshark
tshark-lite
lt 2.0.5

CVE-2016-6505
CVE-2016-6506
CVE-2016-6508
CVE-2016-6509
CVE-2016-6510
CVE-2016-6511
CVE-2016-6512
CVE-2016-6513
https://www.wireshark.org/docs/relnotes/wireshark-2.0.5.html
http://www.openwall.com/lists/oss-security/2016/08/01/4
45117749-df55-11e5-b2bd-002590263bf5wireshark -- multiple vulnerabilities

Wireshark development team reports:

The following vulnerabilities have been fixed:

  • wnpa-sec-2016-02

    ASN.1 BER dissector crash. (Bug 11828) CVE-2016-2522

  • wnpa-sec-2016-03

    DNP dissector infinite loop. (Bug 11938) CVE-2016-2523

  • wnpa-sec-2016-04

    X.509AF dissector crash. (Bug 12002) CVE-2016-2524

  • wnpa-sec-2016-05

    HTTP/2 dissector crash. (Bug 12077) CVE-2016-2525

  • wnpa-sec-2016-06

    HiQnet dissector crash. (Bug 11983) CVE-2016-2526

  • wnpa-sec-2016-07

    3GPP TS 32.423 Trace file parser crash. (Bug 11982)

    CVE-2016-2527
  • wnpa-sec-2016-08

    LBMC dissector crash. (Bug 11984) CVE-2016-2528

  • wnpa-sec-2016-09

    iSeries file parser crash. (Bug 11985) CVE-2016-2529

  • wnpa-sec-2016-10

    RSL dissector crash. (Bug 11829) CVE-2016-2530 CVE-2016-2531

  • wnpa-sec-2016-11

    LLRP dissector crash. (Bug 12048) CVE-2016-2532

  • wnpa-sec-2016-12

    Ixia IxVeriWave file parser crash. (Bug 11795)

  • wnpa-sec-2016-13

    IEEE 802.11 dissector crash. (Bug 11818)

  • wnpa-sec-2016-14

    GSM A-bis OML dissector crash. (Bug 11825)

  • wnpa-sec-2016-15

    ASN.1 BER dissector crash. (Bug 12106)

  • wnpa-sec-2016-16

    SPICE dissector large loop. (Bug 12151)

  • wnpa-sec-2016-17

    NFS dissector crash.

  • wnpa-sec-2016-18

    ASN.1 BER dissector crash. (Bug 11822)


Discovery 2016-02-26
Entry 2016-03-01
Modified 2016-07-04
wireshark
wireshark-lite
wireshark-qt5
tshark
tshark-lite
lt 2.0.2

CVE-2016-2522
CVE-2016-2523
CVE-2016-2524
CVE-2016-2525
CVE-2016-2526
CVE-2016-2527
CVE-2016-2528
CVE-2016-2529
CVE-2016-2530
CVE-2016-2531
CVE-2016-2532
CVE-2016-4415
CVE-2016-4416
CVE-2016-4417
CVE-2016-4418
CVE-2016-4419
CVE-2016-4420
CVE-2016-4421
https://www.wireshark.org/docs/relnotes/wireshark-2.0.2.html
http://www.openwall.com/lists/oss-security/2016/05/01/1
7e36c369-10c0-11e6-94fa-002590263bf5wireshark -- multiple vulnerabilities

Wireshark development team reports:

The following vulnerabilities have been fixed:

  • wnpa-sec-2016-19

    The NCP dissector could crash. (Bug 11591)

  • wnpa-sec-2016-20

    TShark could crash due to a packet reassembly bug. (Bug 11799)

  • wnpa-sec-2016-21

    The IEEE 802.11 dissector could crash. (Bug 11824, Bug 12187)

  • wnpa-sec-2016-22

    The PKTC dissector could crash. (Bug 12206)

  • wnpa-sec-2016-23

    The PKTC dissector could crash. (Bug 12242)

  • wnpa-sec-2016-24

    The IAX2 dissector could go into an infinite loop. (Bug 12260)

  • wnpa-sec-2016-25

    Wireshark and TShark could exhaust the stack. (Bug 12268)

  • wnpa-sec-2016-26

    The GSM CBCH dissector could crash. (Bug 12278)

  • wnpa-sec-2016-27

    MS-WSP dissector crash. (Bug 12341)


Discovery 2016-04-22
Entry 2016-05-02
Modified 2016-07-04
wireshark
wireshark-lite
wireshark-qt5
tshark
tshark-lite
lt 2.0.3

CVE-2016-4076
CVE-2016-4077
CVE-2016-4078
CVE-2016-4079
CVE-2016-4080
CVE-2016-4081
CVE-2016-4006
CVE-2016-4082
CVE-2016-4083
CVE-2016-4084
https://www.wireshark.org/docs/relnotes/wireshark-2.0.3.html
http://www.openwall.com/lists/oss-security/2016/04/25/2
24e4d383-7b3e-11e5-a250-68b599b52a02wireshark -- Pcapng file parser crash

Wireshark development team reports:

The following vulnerability has been fixed.

  • wnpa-sec-2015-30

    Pcapng file parser crash. (Bug 11455)


Discovery 2015-10-14
Entry 2015-10-25
wireshark
wireshark-lite
wireshark-qt5
tshark
tshark-lite
lt 1.12.8

https://www.wireshark.org/docs/relnotes/wireshark-1.12.8.html
CVE-2015-7830