FreshPorts - VuXML
This page displays vulnerability information about FreeBSD Ports.
The VUXML data was last processed by FreshPorts on 2024-03-29 07:54:42 UTC
List all Vulnerabilities, by package
List all Vulnerabilities, by date
k68
These are the vulnerabilities relating to the commit you have selected:
VuXML ID | Description |
b7cff5a9-31cc-11e8-8f07-b499baebfeaf | OpenSSL -- multiple vulnerabilities
The OpenSSL project reports:
- Constructed ASN.1 types with a recursive definition could
exceed the stack (CVE-2018-0739)
Constructed ASN.1 types with a recursive definition (such as can be
found in PKCS7) could eventually exceed the stack given malicious input
with excessive recursion. This could result in a Denial Of Service
attack. There are no such structures used within SSL/TLS that come from
untrusted sources so this is considered safe.
- rsaz_1024_mul_avx2 overflow bug on x86_64 (CVE-2017-3738)
There is an overflow bug in the AVX2 Montgomery multiplication
procedure used in exponentiation with 1024-bit moduli. This only
affects processors that support the AVX2 but not ADX extensions
like Intel Haswell (4th generation).
Discovery 2018-03-27 Entry 2018-03-27 openssl
< 1.0.2o,1
openssl-devel
< 1.1.0h
https://www.openssl.org/news/secadv/20180327.txt
CVE-2018-0739
CVE-2017-3738
|