FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-18 11:12:36 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
e4d93d07-297a-11ed-95f8-901b0e9408dc	Matrix clients -- several vulnerabilities Matrix developers report: The vulnerabilities give an adversary who you share a room with the ability to carry out a denial-of-service attack against the affected clients, making it not show all of a user's rooms or spaces and/or causing minor temporary corruption. Discovery 2022-08-31 Entry 2022-08-31 cinny < 2.1.3 element-web < 1.11.4 CVE-2022-36059 CVE-2022-36060 https://matrix.org/blog/2022/08/31/security-releases-matrix-js-sdk-19-4-0-and-matrix-react-sdk-3-53-0
cb902a77-3f43-11ed-9402-901b0e9408dc	Matrix clients -- several vulnerabilities Matrix developers report: Two critical severity vulnerabilities in end-to-end encryption were found in the SDKs which power Element, Beeper, Cinny, SchildiChat, Circuli, Synod.im and any other clients based on matrix-js-sdk, matrix-ios-sdk or matrix-android-sdk2. Discovery 2022-09-23 Entry 2022-09-28 cinny < 2.2.1 element-web < 1.11.7 CVE-2022-39249 CVE-2022-39250 CVE-2022-39251 CVE-2022-39236 https://matrix.org/blog/2022/09/28/upgrade-now-to-address-encryption-vulns-in-matrix-sdks-and-clients
0dcf68fa-5c31-11ec-875e-901b0e9408dc	Matrix clients -- several vulnerabilities Matrix developers report: Today we are releasing security updates to libolm, matrix-js-sdk, and several clients including Element Web / Desktop. Users are encouraged to upgrade as soon as possible. These releases mitigate a buffer overflow in olm_session_describe, a libolm debugging function used by matrix-js-sdk in its end-to-end encryption (E2EE) implementation. If you rely on matrix-js-sdk for E2EE, you are affected. Discovery 2021-12-03 Entry 2021-12-13 cinny < 1.6.0 element-web < 1.9.7 https://matrix.org/blog/2021/12/13/disclosure-buffer-overflow-in-libolm-and-matrix-js-sdk

VuXML ID

Description

e4d93d07-297a-11ed-95f8-901b0e9408dc

Matrix clients -- several vulnerabilities

Matrix developers report:

The vulnerabilities give an adversary who you share a room with the ability to carry out a denial-of-service attack against the affected clients, making it not show all of a user's rooms or spaces and/or causing minor temporary corruption.

Discovery 2022-08-31
Entry 2022-08-31
cinny

< 2.1.3

element-web

< 1.11.4

CVE-2022-36059
CVE-2022-36060
https://matrix.org/blog/2022/08/31/security-releases-matrix-js-sdk-19-4-0-and-matrix-react-sdk-3-53-0

cb902a77-3f43-11ed-9402-901b0e9408dc

Matrix clients -- several vulnerabilities

Matrix developers report:

Two critical severity vulnerabilities in end-to-end encryption were found in the SDKs which power Element, Beeper, Cinny, SchildiChat, Circuli, Synod.im and any other clients based on matrix-js-sdk, matrix-ios-sdk or matrix-android-sdk2.

Discovery 2022-09-23
Entry 2022-09-28
cinny

< 2.2.1

element-web

< 1.11.7

CVE-2022-39249
CVE-2022-39250
CVE-2022-39251
CVE-2022-39236
https://matrix.org/blog/2022/09/28/upgrade-now-to-address-encryption-vulns-in-matrix-sdks-and-clients

0dcf68fa-5c31-11ec-875e-901b0e9408dc

Matrix clients -- several vulnerabilities

Matrix developers report:

Today we are releasing security updates to libolm, matrix-js-sdk, and several clients including Element Web / Desktop. Users are encouraged to upgrade as soon as possible.

These releases mitigate a buffer overflow in olm_session_describe, a libolm debugging function used by matrix-js-sdk in its end-to-end encryption (E2EE) implementation. If you rely on matrix-js-sdk for E2EE, you are affected.

Discovery 2021-12-03
Entry 2021-12-13
cinny

< 1.6.0

element-web

< 1.9.7

https://matrix.org/blog/2021/12/13/disclosure-buffer-overflow-in-libolm-and-matrix-js-sdk