FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  482151
Date:      2018-10-15
Time:      11:29:07Z
Committer: mfechner

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
d1f5e12a-fd5a-11e3-a108-080027ef73ecLZO -- potential buffer overrun when processing malicious input data

Markus Franz Xaver Johannes Oberhumer reports, in the package's NEWS file:

Fixed a potential integer overflow condition in the "safe" decompressor variants which could result in a possible buffer overrun when processing maliciously crafted compressed input data.

As this issue only affects 32-bit systems and also can only happen if you use uncommonly huge buffer sizes where you have to decompress more than 16 MiB (2^24 bytes) compressed bytes within a single function call, the practical implications are limited.

Discovery 2014-06-25
Entry 2014-06-26
Modified 2015-01-06
lt 2.07

lt 1.22.1_2