FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-03-27 18:04:16 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
fc38cd83-00b3-11e5-8ebd-0026551a22dcPostgreSQL -- minor security problems.

PostgreSQL project reports:

This update fixes three security vulnerabilities reported in PostgreSQL over the past few months. Nether of these issues is seen as particularly urgent. However, users should examine them in case their installations are vulnerable:.

  • CVE-2015-3165 Double "free" after authentication timeout.
  • CVE-2015-3166 Unanticipated errors from the standard library.
  • CVE-2015-3167 pgcrypto has multiple error messages for decryption with an incorrect key.

Discovery 2015-04-10
Entry 2015-05-22
postgresql90-server
ge 9.0.0 lt 9.0.20

postgresql91-server
ge 9.1.0 lt 9.1.16

postgresql92-server
ge 9.2.0 lt 9.2.11

postgresql93-server
ge 9.3.0 lt 9.3.7

postgresql94-server
ge 9.4.0 lt 9.4.2

CVE-2015-3165
CVE-2015-3166
CVE-2015-3167
3b40bf2c-ad83-11e4-a2b2-0026551a22dcPostgreSQL -- multiple buffer overflows and memory issues

PostgreSQL Project reports:

This update fixes multiple security issues reported in PostgreSQL over the past few months. All of these issues require prior authentication, and some require additional conditions, and as such are not considered generally urgent. However, users should examine the list of security holes patched below in case they are particularly vulnerable.

  1. CVE-2015-0241 Buffer overruns in "to_char" functions.
  2. CVE-2015-0242 Buffer overrun in replacement printf family of functions.
  3. CVE-2015-0243 Memory errors in functions in the pgcrypto extension.
  4. CVE-2015-0244 An error in extended protocol message reading.
  5. CVE-2014-8161 Constraint violation errors can cause display of values in columns which the user would not normally have rights to see.

Discovery 2015-02-05
Entry 2015-02-05
postgresql90-server
ge 9.0.0 lt 9.0.19

postgresql91-server
ge 9.1.0 lt 9.1.15

postgresql92-server
ge 9.2.0 lt 9.2.10

postgresql93-server
ge 9.3.0 lt 9.3.6

postgresql94-server
ge 9.4.0 lt 9.4.1

CVE-2015-0241
CVE-2015-0242
CVE-2015-0243
CVE-2015-0244
CVE-2014-8161
a0182578-6e00-11e5-a90c-0026551a22dcPostgreSQL -- minor security problems.

PostgreSQL project reports:

Two security issues have been fixed in this release which affect users of specific PostgreSQL features.

  • CVE-2015-5289 json or jsonb input values constructed from arbitrary user input can crash the PostgreSQL server and cause a denial of service.
  • CVE-2015-5288: The crypt() function included with the optional pgCrypto extension could be exploited to read a few additional bytes of memory. No working exploit for this issue has been developed.

Discovery 2015-10-08
Entry 2015-10-08
postgresql90-server
ge 9.0.0 lt 9.0.22

postgresql91-server
ge 9.1.0 lt 9.1.18

postgresql92-server
ge 9.2.0 lt 9.2.13

postgresql93-server
ge 9.3.0 lt 9.3.9

postgresql94-server
ge 9.4.0 lt 9.4.4

CVE-2015-5289
CVE-2015-5288
7fe7df75-6568-11e6-a590-14dae9d210b8End of Life Ports

These packages have reached End of Life status and/or have been removed from the Ports Tree. They may contain undocumented security issues. Please take caution and find alternative software as soon as possible.


Discovery 2016-08-18
Entry 2016-08-18
Modified 2016-10-18
python32
python31
python30
python26
python25
python24
python23
python22
python21
python20
python15
ge 0

php54
php53
php52
php5
php4
ge 0

perl5
< 5.18

perl5.16
perl5.14
perl5.12
perl
ge 0

ruby
ruby_static
< 2.1,1

unifi2
unifi3
ge 0

apache21
apache20
apache13
ge 0

tomcat55
tomcat41
ge 0

mysql51-client
mysql51-server
mysql50-client
mysql50-server
mysql41-client
mysql41-server
mysql40-client
mysql40-server
ge 0

postgresql90-client
postgresql90-server
postgresql84-client
postgresql84-server
postgresql83-client
postgresql83-server
postgresql82-client
postgresql82-server
postgresql81-client
postgresql81-server
postgresql80-client
postgresql80-server
postgresql74-client
postgresql74-server
postgresql73-client
postgresql73-server
postgresql72-client
postgresql72-server
postgresql71-client
postgresql71-server
postgresql7-client
postgresql7-server
ge 0

ports/211975