[ports] cvs commit: ports/security/vuxml vuln.xml

Sergey A. Osokin osa at FreeBSD.org
Thu Apr 19 08:07:13 UTC 2012 

Thanks a lot!

-- 
Sergey A. Osokin
osa at FreeBSD.org

On Mon, Apr 16, 2012 at 03:35:15PM +0000, Eitan Adler wrote:
> eadler      2012-04-16 15:34:57 UTC
> 
>   FreeBSD ports repository
> 
>   Modified files:
>     security/vuxml       vuln.xml 
>   Log:
>   Add information about the recent nginx security vulnerability
>   
>   PR:             ports/166990
>   Submitted by:   rodrigo osorio <rodrigo at bebik.net>
>   
>   Revision  Changes    Path
>   1.2664    +31 -1     ports/security/vuxml/vuln.xml
> _______________________________________________
> cvs-all at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/cvs-all
> To unsubscribe, send any mail to "cvs-all-unsubscribe at freebsd.org"
> 
> 
> Index: ports/security/vuxml/vuln.xml
> diff -u ports/security/vuxml/vuln.xml:1.2663 ports/security/vuxml/vuln.xml:1.2664
> --- ports/security/vuxml/vuln.xml:1.2663	Sat Apr 14 16:45:06 2012
> +++ ports/security/vuxml/vuln.xml	Mon Apr 16 15:34:57 2012
> @@ -52,6 +52,36 @@
>  
>  -->
>  <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
> +  <vuln vid="0c14dfa7-879e-11e1-a2a0-00500802d8f7">
> +    <topic>nginx -- Buffer overflow in the ngx_http_mp4_module</topic>
> +    <affects>
> +      <package>
> +	<name>nginx</name>
> +	<range><lt>1.0.15</lt></range>
> +      </package>
> +      <package>
> +	<name>nginx-devel</name>
> +	<range><lt>1.1.19</lt></range>
> +      </package>
> +    </affects>
> +    <description>
> +      <body xmlns="http://www.w3.org/1999/xhtml">
> +	<p>The nginx project reports:</p>
> +	<blockquote cite="http://nginx.org/en/security_advisories.html">
> +	  <p>Buffer overflow in the ngx_http_mp4_module</p>
> +	</blockquote>
> +      </body>
> +    </description>
> +    <references>
> +      <cvename>CVE-2012-2089</cvename>
> +      <url>http://nginx.org/en/security_advisories.html</url>
> +    </references>
> +    <dates>
> +      <discovery>2012-04-12</discovery>
> +      <entry>2012-04-16</entry>
> +    </dates>
> +  </vuln>
> +
>    <vuln vid="c80a3d93-8632-11e1-a374-14dae9ebcf89">
>      <topic>phpmyfaq -- Remote PHP Code Execution Vulnerability</topic>
>      <affects>

More information about the cvs-ports mailing list