svn commit: r319586 - head/security/vuxml
Raphael Kubo da Costa
rakuco at FreeBSD.org
Sat Jun 1 19:22:39 UTC 2013
Author: rakuco
Date: Sat Jun 1 19:22:38 2013
New Revision: 319586
URL: http://svnweb.freebsd.org/changeset/ports/319586
Log:
Remove duplicate optipng vulnerability.
It was separately committed in r315254, so remove the version I added
in r318453.
Reported by: Alexander Milanov <a at amilanov.com>
Modified:
head/security/vuxml/vuln.xml
Modified: head/security/vuxml/vuln.xml
==============================================================================
--- head/security/vuxml/vuln.xml Sat Jun 1 19:18:44 2013 (r319585)
+++ head/security/vuxml/vuln.xml Sat Jun 1 19:22:38 2013 (r319586)
@@ -621,38 +621,6 @@ Note: Please add new entries to the beg
</dates>
</vuln>
- <vuln vid="a8818f7f-9182-11e2-9bdf-d48564727302">
- <topic>optipng -- use-after-free vulnerability</topic>
- <affects>
- <package>
- <name>optipng</name>
- <range><ge>0.7</ge><lt>0.7.4</lt></range>
- </package>
- </affects>
- <description>
- <body xmlns="http://www.w3.org/1999/xhtml">
- <p>Secunia reports:</p>
- <blockquote cite="https://secunia.com/advisories/50654">
- <p>A vulnerability has been reported in OptiPNG, which can be
- exploited by malicious people to potentially compromise a user's
- system.</p>
- <p>The vulnerability is caused due to a use-after-free error related
- to the palette reduction functionality. No further information is
- currently available.</p>
- <p>Success exploitation may allow execution of arbitrary code.</p>
- </blockquote>
- </body>
- </description>
- <references>
- <cvename>CVE-2012-4432</cvename>
- <url>https://secunia.com/advisories/50654</url>
- </references>
- <dates>
- <discovery>2012-09-16</discovery>
- <entry>2013-05-18</entry>
- </dates>
- </vuln>
-
<vuln vid="a0c65049-bddd-11e2-a0f6-001060e06fd4">
<topic>linux-flashplugin -- multiple vulnerabilities</topic>
<affects>
More information about the svn-ports-all
mailing list