FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

nothing found there

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
ef0033ad-5823-11e6-80cc-001517f335e2lighttpd - multiple vulnerabilities

Lighttpd Project reports:

Security fixes for Lighttpd:

  • security: encode quoting chars in HTML and XML

  • security: ensure gid != 0 if server.username is set, but not server.groupname

  • security: disable stat_cache if server.follow-symlink = “disable”

  • security: httpoxy defense: do not emit HTTP_PROXY to CGI env


Discovery 2016-07-31
Entry 2016-08-03
lighttpd
lt 1.4.41

http://www.lighttpd.net/2016/7/31/1.4.41/
ports/211495
92a6efd0-e40d-11e8-ada4-408d5cf35399lighttpd - use-after-free vulnerabilities

Lighttpd Project reports:

Security fixes for Lighttpd:

  • security: process headers after combining folded headers


Discovery 2018-08-26
Entry 2018-11-09
lighttpd
lt 1.4.51

https://www.lighttpd.net/2018/10/14/1.4.51/
ports/232278