svn commit: r420425 - head/security/vuxml
Mark Felder
feld at FreeBSD.org
Thu Aug 18 21:44:36 UTC 2016
Author: feld
Date: Thu Aug 18 21:44:34 2016
New Revision: 420425
URL: https://svnweb.freebsd.org/changeset/ports/420425
Log:
Add a number of old expired and End of Life ports to vuxml
PR: 211975
Modified:
head/security/vuxml/vuln.xml
Modified: head/security/vuxml/vuln.xml
==============================================================================
--- head/security/vuxml/vuln.xml Thu Aug 18 20:40:40 2016 (r420424)
+++ head/security/vuxml/vuln.xml Thu Aug 18 21:44:34 2016 (r420425)
@@ -58,6 +58,100 @@ Notes:
* Do not forget port variants (linux-f10-libxml2, libxml2, etc.)
-->
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
+ <vuln vid="7fe7df75-6568-11e6-a590-14dae9d210b8">
+ <topic>End of Life Ports</topic>
+ <affects>
+ <package>
+ <name>python32</name>
+ <name>py32-*</name>
+ <name>python31</name>
+ <name>py31-*</name>
+ <name>python30</name>
+ <name>py30-*</name>
+ <name>python26</name>
+ <name>py26-*</name>
+ <name>python25</name>
+ <name>py25-*</name>
+ <name>python24</name>
+ <name>py24-*</name>
+ <name>python23</name>
+ <name>py23-*</name>
+ <name>python22</name>
+ <name>py22-*</name>
+ <name>python21</name>
+ <name>py21-*</name>
+ <name>python20</name>
+ <name>py20-*</name>
+ <name>python15</name>
+ <name>py15-*</name>
+ <range><ge>0</ge></range>
+ </package>
+ <package>
+ <name>php54</name>
+ <name>php54-*</name>
+ <name>php53</name>
+ <name>php53-*</name>
+ <name>php52</name>
+ <name>php52-*</name>
+ <name>php5</name>
+ <name>php5-*</name>
+ <name>php4</name>
+ <name>php4-*</name>
+ <range><ge>0</ge></range>
+ </package>
+ <package>
+ <name>perl5</name>
+ <range><lt>5.18</lt></range>
+ </package>
+ <package>
+ <name>perl5.16</name>
+ <name>perl5.14</name>
+ <name>perl5.12</name>
+ <name>perl5.10</name>
+ <range><ge>0</ge></range>
+ </package>
+ <package>
+ <name>ruby20</name>
+ <name>ruby19</name>
+ <name>ruby18</name>
+ <name>ruby16</name>
+ <name>ruby14</name>
+ <range><ge>0</ge></range>
+ </package>
+ <package>
+ <name>unifi2</name>
+ <name>unifi3</name>
+ <range><ge>0</ge></range>
+ </package>
+ <package>
+ <name>apache21</name>
+ <name>apache20</name>
+ <name>apache13</name>
+ <range><ge>0</ge></range>
+ </package>
+ <package>
+ <name>tomcat55</name>
+ <name>tomcat41</name>
+ <range><ge>0</ge></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>These packages have reached End of Life status and/or have
+ been removed from the Ports Tree. They may contain undocumented
+ security issues. Please take caution and find alternative
+ software as soon as possible.</p>
+ </body>
+ </description>
+ <references>
+ <freebsdpr>211975</freebsdpr>
+ </references>
+ <dates>
+ <discovery>2016-08-18</discovery>
+ <entry>2016-08-18</entry>
+ </dates>
+ </vuln>
+
<vuln vid="e1c71d8d-64d9-11e6-b38a-25a46b33f2ed">
<topic>gnupg -- attacker who obtains 4640 bits from the RNG can trivially predict the next 160 bits of output</topic>
<affects>
More information about the svn-ports-all
mailing list