svn commit: r390276 - head/security/vuxml
Xin LI
delphij at FreeBSD.org
Mon Jun 22 07:02:21 UTC 2015
Author: delphij
Date: Mon Jun 22 07:02:20 2015
New Revision: 390276
URL: https://svnweb.freebsd.org/changeset/ports/390276
Log:
Document lang/chicken vulnerabilities CVE-2014-9651 and CVE-2015-4556.
PR: 200980
Submitted by: Jason Unovitch
Modified:
head/security/vuxml/vuln.xml
Modified: head/security/vuxml/vuln.xml
==============================================================================
--- head/security/vuxml/vuln.xml Mon Jun 22 06:54:22 2015 (r390275)
+++ head/security/vuxml/vuln.xml Mon Jun 22 07:02:20 2015 (r390276)
@@ -57,6 +57,70 @@ Notes:
-->
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
+ <vuln vid="0da404ad-1891-11e5-a1cf-002590263bf5">
+ <topic>chicken -- Potential buffer overrun in string-translate*</topic>
+ <affects>
+ <package>
+ <name>chicken</name>
+ <range><lt>4.10.0</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>chicken developer Peter Bex reports:</p>
+ <blockquote cite="http://lists.nongnu.org/archive/html/chicken-announce/2015-06/msg00010.html">
+ <p>Using gcc's Address Sanitizer, it was discovered that the string-translate*
+ procedure from the data-structures unit can scan beyond the input string's
+ length up to the length of the source strings in the map that's passed to
+ string-translate*. This issue was fixed in master 8a46020, and it will
+ make its way into CHICKEN 4.10.</p>
+ <p>This bug is present in all released versions of CHICKEN.</p>
+ </blockquote>
+ </body>
+ </description>
+ <references>
+ <cvename>CVE-2015-4556</cvename>
+ <mlist>http://lists.nongnu.org/archive/html/chicken-announce/2015-06/msg00010.html</mlist>
+ <mlist>http://lists.nongnu.org/archive/html/chicken-hackers/2015-06/msg00037.html</mlist>
+ </references>
+ <dates>
+ <discovery>2015-06-15</discovery>
+ <entry>2015-06-22</entry>
+ </dates>
+ </vuln>
+
+ <vuln vid="e7b7f2b5-177a-11e5-ad33-f8d111029e6a">
+ <topic>chicken -- buffer overrun in substring-index[-ci]</topic>
+ <affects>
+ <package>
+ <name>chicken</name>
+ <range><lt>4.10.0</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>chicken developer Moritz Heidkamp reports:</p>
+ <blockquote cite="http://lists.gnu.org/archive/html/chicken-users/2015-01/msg00048.html">
+ <p>The substring-index[-ci] procedures of the data-structures unit are
+ vulnerable to a buffer overrun attack when passed an integer greater
+ than zero as the optional START argument.</p>
+ <p>As a work-around you can switch to SRFI 13's
+ string-contains procedure which also returns the substring's index in
+ case it is found.</p>
+ </blockquote>
+ </body>
+ </description>
+ <references>
+ <cvename>CVE-2014-9651</cvename>
+ <mlist>http://lists.gnu.org/archive/html/chicken-users/2015-01/msg00048.html</mlist>
+ <mlist>http://lists.nongnu.org/archive/html/chicken-hackers/2014-12/txt2UqAS9CtvH.txt</mlist>
+ </references>
+ <dates>
+ <discovery>2015-01-12</discovery>
+ <entry>2015-06-22</entry>
+ </dates>
+ </vuln>
+
<vuln vid="a3929112-181b-11e5-a1cf-002590263bf5">
<topic>cacti -- Multiple XSS and SQL injection vulerabilities</topic>
<affects>
More information about the svn-ports-head
mailing list