svn commit: r458042 - head/security/vuxml
Richard Gallamore
ultima at FreeBSD.org
Thu Jan 4 19:08:51 UTC 2018
Author: ultima
Date: Thu Jan 4 19:08:49 2018
New Revision: 458042
URL: https://svnweb.freebsd.org/changeset/ports/458042
Log:
* Add libevhtp to list of vulnerable ports.
Libevhtp prior to 1.2.14 uses oniguruma 5.9.2 and is
vulnerable if using the REGEX option, which is the
default.
Modified:
head/security/vuxml/vuln.xml
Modified: head/security/vuxml/vuln.xml
==============================================================================
--- head/security/vuxml/vuln.xml Thu Jan 4 19:07:42 2018 (r458041)
+++ head/security/vuxml/vuln.xml Thu Jan 4 19:08:49 2018 (r458042)
@@ -6760,6 +6760,10 @@ Notes:
<topic>oniguruma -- multiple vulnerabilities</topic>
<affects>
<package>
+ <name>libevhtp</name>
+ <range><lt>1.2.14</lt></range>
+ </package>
+ <package>
<name>oniguruma4</name>
<range><lt>4.7.2</lt></range>
</package>
More information about the svn-ports-all
mailing list