svn commit: r309813 - head/security/vuxml
Chris Rees
crees at FreeBSD.org
Wed Jan 2 12:28:48 UTC 2013
Author: crees
Date: Wed Jan 2 12:28:47 2013
New Revision: 309813
URL: http://svnweb.freebsd.org/changeset/ports/309813
Log:
Note charybdis and ircd-ratbox vulnerabilities
PR: ports/174878
Security: http://www.ratbox.org/ASA-2012-12-31.txt
Modified:
head/security/vuxml/vuln.xml
Modified: head/security/vuxml/vuln.xml
==============================================================================
--- head/security/vuxml/vuln.xml Wed Jan 2 12:23:17 2013 (r309812)
+++ head/security/vuxml/vuln.xml Wed Jan 2 12:28:47 2013 (r309813)
@@ -51,6 +51,38 @@ Note: Please add new entries to the beg
-->
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
+ <vuln vid="4108cc57-54d7-11e2-9483-14dae938ec40">
+ <topic>ircd-ratbox and charybdis -- remote DoS vulnerability</topic>
+ <affects>
+ <package>
+ <name>ircd-ratbox</name>
+ <range><gt>2.*</gt><lt>3.0.8</lt></range>
+ </package>
+ <package>
+ <name>charybdis</name>
+ <range><lt>3.4.2</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>atheme.org reports:</p>
+ <blockquote cite="http://www.ratbox.org/ASA-2012-12-31.txt">
+ <p>All versions of Charybdis are vulnerable to a remotely-triggered
+ crash bug caused by code originating from ircd-ratbox 2.0.
+ (Incidentally, this means all versions since ircd-ratbox 2.0 are
+ also vulnerable.)</p>
+ </blockquote>
+ </body>
+ </description>
+ <references>
+ <url>http://www.ratbox.org/ASA-2012-12-31.txt</url>
+ </references>
+ <dates>
+ <discovery>2012-12-31</discovery>
+ <entry>2013-01-02</entry>
+ </dates>
+ </vuln>
+
<vuln vid="101f0aae-52d1-11e2-87fe-f4ce46b9ace8">
<topic>puppet -- multiple vulnerabilities</topic>
<affects>
More information about the svn-ports-all
mailing list