svn commit: r430844 - head/security/vuxml
Jason Unovitch
junovitch at FreeBSD.org
Sat Jan 7 23:07:48 UTC 2017
Author: junovitch
Date: Sat Jan 7 23:07:46 2017
New Revision: 430844
URL: https://svnweb.freebsd.org/changeset/ports/430844
Log:
Tag irssi entry with assigned CVEs, while here wrap at 80 and reference PR
PR: 215800
Security: CVE-2017-5193
Security: CVE-2017-5194
Security: CVE-2017-5195
Security: CVE-2017-5196
Security: https://vuxml.FreeBSD.org/freebsd/3d6be69b-d365-11e6-a071-001e67f15f5a.html
Modified:
head/security/vuxml/vuln.xml
Modified: head/security/vuxml/vuln.xml
==============================================================================
--- head/security/vuxml/vuln.xml Sat Jan 7 22:57:43 2017 (r430843)
+++ head/security/vuxml/vuln.xml Sat Jan 7 23:07:46 2017 (r430844)
@@ -192,21 +192,31 @@ Notes:
<blockquote cite="https://irssi.org/security/irssi_sa_2017_01.txt">
<p>Four vulnerabilities have been located in Irssi</p>
<ul>
- <li>A NULL pointer dereference in the nickcmp function found by Joseph Bisch. (CWE-690)</li>
- <li>Use after free when receiving invalid nick message (Issue #466, CWE-146)</li>
- <li>Out of bounds read in certain incomplete control codes found by Joseph Bisch. (CWE-126)</li>
- <li>Out of bounds read in certain incomplete character sequences found by Hanno Böck and independently by J. Bisch. (CWE-126)</li>
+ <li>A NULL pointer dereference in the nickcmp function found by
+ Joseph Bisch. (CWE-690)</li>
+ <li>Use after free when receiving invalid nick message (Issue #466,
+ CWE-146)</li>
+ <li>Out of bounds read in certain incomplete control codes found
+ by Joseph Bisch. (CWE-126)</li>
+ <li>Out of bounds read in certain incomplete character sequences
+ found by Hanno Böck and independently by J. Bisch. (CWE-126)</li>
</ul>
<p>These issues may result in denial of service (remote crash).</p>
</blockquote>
</body>
</description>
<references>
- <url>https://irssi.org/security/irssi_sa_2017_01.txt</url>
+ <cvename>CVE-2017-5193</cvename>
+ <cvename>CVE-2017-5194</cvename>
+ <cvename>CVE-2017-5195</cvename>
+ <cvename>CVE-2017-5196</cvename>
+ <freebsdpr>ports/215800</freebsdpr>
+ <url>https://irssi.org/security/irssi_sa_2017_01.txt</url>
</references>
<dates>
<discovery>2017-01-03</discovery>
<entry>2017-01-05</entry>
+ <modified>2017-01-07</modified>
</dates>
</vuln>
More information about the svn-ports-all
mailing list