svn commit: r316276 - in head/security: tinc vuxml
Dirk Meyer
dinoex at FreeBSD.org
Mon Apr 22 20:57:04 UTC 2013
Author: dinoex
Date: Mon Apr 22 20:57:03 2013
New Revision: 316276
URL: http://svnweb.freebsd.org/changeset/ports/316276
Log:
- Security update to 1.0.21
Security: CVE-2013-1428
Modified:
head/security/tinc/Makefile
head/security/tinc/distinfo
head/security/vuxml/vuln.xml
Modified: head/security/tinc/Makefile
==============================================================================
--- head/security/tinc/Makefile Mon Apr 22 20:43:22 2013 (r316275)
+++ head/security/tinc/Makefile Mon Apr 22 20:57:03 2013 (r316276)
@@ -2,7 +2,7 @@
# $FreeBSD$
PORTNAME= tinc
-PORTVERSION= 1.0.20
+PORTVERSION= 1.0.21
CATEGORIES= security
MASTER_SITES= http://www.tinc-vpn.org/packages/ \
ftp://ftp.wiretapped.net/pub/security/network-security/tinc/ \
Modified: head/security/tinc/distinfo
==============================================================================
--- head/security/tinc/distinfo Mon Apr 22 20:43:22 2013 (r316275)
+++ head/security/tinc/distinfo Mon Apr 22 20:57:03 2013 (r316276)
@@ -1,2 +1,2 @@
-SHA256 (tinc-1.0.20.tar.gz) = 62230cdfcb9c3218df0be53b2e3a268a595d28b25dcb1ba190d25db91ae3d132
-SIZE (tinc-1.0.20.tar.gz) = 466906
+SHA256 (tinc-1.0.21.tar.gz) = 6ac15eab766c021629992053aa1a23f31a0c429eb0f3eb8f49c923476eea618b
+SIZE (tinc-1.0.21.tar.gz) = 467114
Modified: head/security/vuxml/vuln.xml
==============================================================================
--- head/security/vuxml/vuln.xml Mon Apr 22 20:43:22 2013 (r316275)
+++ head/security/vuxml/vuln.xml Mon Apr 22 20:57:03 2013 (r316276)
@@ -51,6 +51,31 @@ Note: Please add new entries to the beg
-->
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
+ <vuln vid="aeb962f6-ab8d-11e2-b3f5-003067c2616f">
+ <topic>tinc -- Buffer overflow</topic>
+ <affects>
+ <package>
+ <name>tinc</name>
+ <range><lt>1.0.21</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>tinc-vpn.org reports:</p>
+ <blockquote cite="http://www.tinc-vpn.org/news/">
+ <p>Drop packets forwarded via TCP if they are too big.</p>
+ </blockquote>
+ </body>
+ </description>
+ <references>
+ <cvename>CVE-2013-1428</cvename>
+ </references>
+ <dates>
+ <discovery>2013-01-26</discovery>
+ <entry>2013-04-22</entry>
+ </dates>
+ </vuln>
+
<vuln vid="7280c3f6-a99a-11e2-8cef-6805ca0b3d42">
<topic>phpMyAdmin -- XSS due to unescaped HTML output in GIS visualisation page</topic>
<affects>
More information about the svn-ports-all
mailing list