svn commit: r389105 - head/security/vuxml
Xin LI
delphij at FreeBSD.org
Wed Jun 10 17:34:22 UTC 2015
Author: delphij
Date: Wed Jun 10 17:34:21 2015
New Revision: 389105
URL: https://svnweb.freebsd.org/changeset/ports/389105
Log:
Document pgbouncer remote denial of service vulnerability.
PR: 200537
Submitted by: Jason Unovitch
Modified:
head/security/vuxml/vuln.xml
Modified: head/security/vuxml/vuln.xml
==============================================================================
--- head/security/vuxml/vuln.xml Wed Jun 10 17:33:58 2015 (r389104)
+++ head/security/vuxml/vuln.xml Wed Jun 10 17:34:21 2015 (r389105)
@@ -57,6 +57,35 @@ Notes:
-->
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
+ <vuln vid="8fbd4187-0f18-11e5-b6a8-002590263bf5">
+ <topic>pgbouncer -- remote denial of service</topic>
+ <affects>
+ <package>
+ <name>pgbouncer</name>
+ <range><lt>1.5.5</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>PgBouncer reports:</p>
+ <blockquote cite="https://pgbouncer.github.io/2015/04/pgbouncer-1-5-5/">
+ <p>Fix remote crash - invalid packet order causes lookup of NULL pointer. Not
+ exploitable, just DoS.</p>
+ </blockquote>
+ </body>
+ </description>
+ <references>
+ <cvename>CVE-2015-4054</cvename>
+ <url>https://pgbouncer.github.io/2015/04/pgbouncer-1-5-5/</url>
+ <mlist>http://www.openwall.com/lists/oss-security/2015/05/21/2</mlist>
+ <freebsdpr>200507</freebsdpr>
+ </references>
+ <dates>
+ <discovery>2015-04-08</discovery>
+ <entry>2015-06-10</entry>
+ </dates>
+ </vuln>
+
<vuln vid="a40ec970-0efa-11e5-90e4-d050996490d0">
<topic>cups -- multiple vulnerabilities</topic>
<affects>
More information about the svn-ports-all
mailing list