FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-03-28 15:43:32 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
b8ee7a81-a879-4358-9b30-7dd1bd4c14b1libevent -- multiple vulnerabilities

Debian Security reports:

CVE-2016-10195: The name_parse function in evdns.c in libevent before 2.1.6-beta allows remote attackers to have unspecified impact via vectors involving the label_len variable, which triggers an out-of-bounds stack read.

CVE-2016-10196: Stack-based buffer overflow in the evutil_parse_sockaddr_port function in evutil.c in libevent before 2.1.6-beta allows attackers to cause a denial of service (segmentation fault) via vectors involving a long string in brackets in the ip_as_string argument.

CVE-2016-10197: The search_make_new function in evdns.c in libevent before 2.1.6-beta allows attackers to cause a denial of service (out-of-bounds read) via an empty hostname.


Discovery 2017-01-31
Entry 2017-04-19
libevent
libevent2
linux-c6-libevent2
linux-c7-libevent
< 2.1.6

CVE-2016-10195
CVE-2016-10196
CVE-2016-10197
http://www.openwall.com/lists/oss-security/2017/01/31/17
https://github.com/libevent/libevent/issues/317
https://github.com/libevent/libevent/issues/318
https://github.com/libevent/libevent/issues/332
https://github.com/libevent/libevent/issues/335