FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-03-27 18:04:16 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
eeca52dc-866c-11eb-b8d6-d4c9ef517024LibreSSL -- use-after-free

OpenBSD reports:

A TLS client using session resumption may cause a use-after-free.


Discovery 2021-03-15
Entry 2021-03-16
libressl
< 3.2.4_1

https://marc.info/?l=openbsd-announce&m=161582456312832&w=2
https://ftp.openbsd.org/pub/OpenBSD/patches/6.8/common/017_libssl.patch.sig
8305e215-1080-11e5-8ba2-000c2980a9f3openssl -- multiple vulnerabilities

The OpenSSL team reports:

  • Missing DHE man-in-the-middle protection (Logjam) (CVE-2015-4000)
  • Malformed ECParameters causes infinite loop (CVE-2015-1788)
  • Exploitable out-of-bounds read in X509_cmp_time (CVE-2015-1789)
  • PKCS#7 crash with missing EnvelopedContent (CVE-2015-1790)
  • CMS verify infinite loop with unknown hash function (CVE-2015-1792)
  • Race condition handling NewSessionTicket (CVE-2015-1791)
  • Invalid free in DTLS (CVE-2014-8176)

Discovery 2015-06-11
Entry 2015-06-11
Modified 2016-08-09
openssl
< 1.0.2_2

mingw32-openssl
ge 1.0.1 lt 1.0.2b

linux-c6-openssl
< 1.0.1e_6

libressl
< 2.1.7

FreeBSD
ge 10.1 lt 10.1_12

ge 9.3 lt 9.3_16

ge 8.4 lt 8.4_30

CVE-2014-8176
CVE-2015-1788
CVE-2015-1789
CVE-2015-1790
CVE-2015-1791
CVE-2015-1792
CVE-2015-4000
SA-15:10.openssl
https://www.openssl.org/news/secadv_20150611.txt
215e740e-9c56-11e5-90e7-b499baebfeaflibressl -- NULL pointer dereference

The OpenBSD project reports:

A NULL pointer deference could be triggered by a crafted certificate sent to services configured to verify client certificates on TLS/SSL connections.


Discovery 2015-12-03
Entry 2015-12-08
libressl
< 2.2.5

ge 2.3.0 lt 2.3.1_1

https://marc.info/?l=openbsd-announce&t=144920914600002
CVE-2015-3194
01d729ca-1143-11e6-b55e-b499baebfeafOpenSSL -- multiple vulnerabilities

OpenSSL reports:

Memory corruption in the ASN.1 encoder

Padding oracle in AES-NI CBC MAC check

EVP_EncodeUpdate overflow

EVP_EncryptUpdate overflow

ASN.1 BIO excessive memory allocation

EBCDIC overread (OpenSSL only)


Discovery 2016-05-03
Entry 2016-05-03
Modified 2016-08-09
openssl
< 1.0.2_11

linux-c6-openssl
< 1.0.1e_8

libressl
ge 2.3.0 lt 2.3.4

< 2.2.7

libressl-devel
< 2.3.4

FreeBSD
ge 10.3 lt 10.3_2

ge 10.2 lt 10.2_16

ge 10.1 lt 10.1_33

ge 9.3 lt 9.3_41

https://www.openssl.org/news/secadv/20160503.txt
https://marc.info/?l=openbsd-tech&m=146228598730414
CVE-2016-2105
CVE-2016-2106
CVE-2016-2107
CVE-2016-2108
CVE-2016-2109
CVE-2016-2176
SA-16:17.openssl
88dfd92f-3b9c-11eb-929d-d4c9ef517024LibreSSL -- NULL pointer dereference

The LibreSSL project reports:

Malformed ASN.1 in a certificate revocation list or a timestamp response token can lead to a NULL pointer dereference.


Discovery 2020-12-08
Entry 2020-12-11
Modified 2020-12-12
libressl
gt 3.2.0 lt 3.2.3

< 3.1.5

libressl-devel
< 3.3.1

https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.2.3-relnotes.txt
c82ecac5-6e3f-11e8-8777-b499baebfeafOpenSSL -- Client DoS due to large DH parameter

The OpenSSL project reports:

During key agreement in a TLS handshake using a DH(E) based ciphersuite a malicious server can send a very large prime value to the client. This will cause the client to spend an unreasonably long period of time generating a key for this prime resulting in a hang until the client has finished. This could be exploited in a Denial Of Service attack.


Discovery 2018-06-12
Entry 2018-06-12
Modified 2018-07-24
libressl
libressl-devel
< 2.6.5

ge 2.7.0 lt 2.7.4

openssl
< 1.0.2o_4,1

openssl-devel
< 1.1.0h_2

https://www.openssl.org/news/secadv/20180612.txt
CVE-2018-0732
6f0529e2-2e82-11e6-b2ec-b499baebfeafOpenSSL -- vulnerability in DSA signing

The OpenSSL team reports:

Operations in the DSA signing algorithm should run in constant time in order to avoid side channel attacks. A flaw in the OpenSSL DSA implementation means that a non-constant time codepath is followed for certain operations. This has been demonstrated through a cache-timing attack to be sufficient for an attacker to recover the private DSA key.


Discovery 2016-06-09
Entry 2016-06-09
Modified 2016-12-20
openssl
< 1.0.2_13

libressl
< 2.2.9

ge 2.3.0 lt 2.3.6

libressl-devel
< 2.4.1

https://git.openssl.org/?p=openssl.git;a=commit;h=399944622df7bd81af62e67ea967c470534090e2
CVE-2016-2178
91a337d8-83ed-11e6-bf52-b499baebfeafOpenSSL -- multiple vulnerabilities

OpenSSL reports:

Critical vulnerability in OpenSSL 1.1.0a

Fix Use After Free for large message sizes (CVE-2016-6309)

Moderate vulnerability in OpenSSL 1.0.2i

Missing CRL sanity check (CVE-2016-7052)


Discovery 2016-09-26
Entry 2016-09-26
Modified 2016-10-10
openssl
< 1.0.2j,1

openssl-devel
< 1.1.0b

libressl
< 2.4.3

libressl-devel
< 2.4.3

FreeBSD
ge 11.0 lt 11.0_1

https://www.openssl.org/news/secadv/20160926.txt
CVE-2016-6309
CVE-2016-7052
SA-16:27.openssl
e75a96df-73ca-11e5-9b45-b499baebfeafLibreSSL -- Memory leak and buffer overflow

Qualys reports:

During the code review of OpenSMTPD a memory leak and buffer overflow (an off-by-one, usually stack-based) were discovered in LibreSSL's OBJ_obj2txt() function. This function is called automatically during a TLS handshake (both client-side, unless an anonymous mode is used, and server-side, if client authentication is requested).


Discovery 2015-10-15
Entry 2015-10-16
Modified 2015-10-26
libressl
< 2.2.4

http://marc.info/?l=openbsd-announce&m=144495690528446
CVE-2015-5333
CVE-2015-5334
7caebe30-d7f1-11e6-a9a5-b499baebfeafopenssl -- timing attack vulnerability

Cesar Pereida Garcia reports:

The signing function in crypto/ecdsa/ecdsa_ossl.c in certain OpenSSL versions and forks is vulnerable to timing attacks when signing with the standardized elliptic curve P-256 despite featuring constant-time curve operations and modular inversion. A software defect omits setting the BN_FLG_CONSTTIME flag for nonces, failing to take a secure code path in the BN_mod_inverse method and therefore resulting in a cache-timing attack vulnerability.

A malicious user with local access can recover ECDSA P-256 private keys.


Discovery 2017-01-10
Entry 2017-01-11
Modified 2017-01-11
openssl
< 1.0.2

libressl
< 2.4.4_1

libressl-devel
< 2.5.0_1

http://seclists.org/oss-sec/2017/q1/52
CVE-2016-7056