ports/148203: irc/kvirc-* vulnerabilities
Axel Gonzalez
loox at e-shell.net
Mon Jun 28 06:30:06 UTC 2010
>Number: 148203
>Category: ports
>Synopsis: irc/kvirc-* vulnerabilities
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: update
>Submitter-Id: current-users
>Arrival-Date: Mon Jun 28 06:30:05 UTC 2010
>Closed-Date:
>Last-Modified:
>Originator: Axel Gonzalez
>Release: FreeBSD 8.1-RC
>Organization:
>Environment:
FreeBSD moonglow 8.1-RC1 FreeBSD 8.1-RC1 #0: Sat Jun 19 10:32:46 CDT 2010 toor at moonglow:/tmp/obj/usr/src/sys/LX i386
>Description:
Security advisor: CVE-2010-2451 CVE-2010-2452
This problems have been fixed in latest version (4.0.0) and svn of 3.4
The bugs allow remote exploits, so they are serious.
>How-To-Repeat:
install from ports
>Fix:
Upgrade to kvirc-4.0.0
Backport the patches to 3.4.2, use latest from svn, or mark it as broken
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-ports-bugs
mailing list