svn commit: r341451 - head/security/vuxml
Remko Lodder
remko at FreeBSD.org
Mon Jan 27 21:27:40 UTC 2014
On 27 Jan 2014, at 22:08, Bernhard Froehlich <decke at FreeBSD.org> wrote:
> Author: decke
> Date: Mon Jan 27 21:08:45 2014
> New Revision: 341451
> URL: http://svnweb.freebsd.org/changeset/ports/341451
> QAT: https://qat.redports.org/buildarchive/r341451/
>
> Log:
> - Fix style for strongswan entry
>
> Reported by: remko
Thank you!! :)
>
> Modified:
> head/security/vuxml/vuln.xml
>
> Modified: head/security/vuxml/vuln.xml
> ==============================================================================
> --- head/security/vuxml/vuln.xml Mon Jan 27 20:52:51 2014 (r341450)
> +++ head/security/vuxml/vuln.xml Mon Jan 27 21:08:45 2014 (r341451)
> @@ -108,18 +108,18 @@ Note: Please add new entries to the beg
> <p>strongSwan Project reports:</p>
> <blockquote cite="http://www.strongswan.org/blog/2013/11/01/strongswan-denial-of-service-vulnerability-%28cve-2013-6076%29.html">
> <p>A DoS vulnerability triggered by crafted IKEv1 fragmentation
> - payloads was discovered in strongSwan's IKE daemon charon. All
> - versions since 5.0.2 are affected.</p>
> + payloads was discovered in strongSwan's IKE daemon charon. All
> + versions since 5.0.2 are affected.</p>
> </blockquote>
> <blockquote cite="http://www.strongswan.org/blog/2013/11/01/strongswan-denial-of-service-vulnerability-%28cve-2013-6075%29.html">
> <p>A DoS vulnerability and potential authorization bypass triggered
> - by a crafted ID_DER_ASN1_DN ID payload was discovered in strongSwan.
> - All versions since 4.3.3 are affected.</p>
> + by a crafted ID_DER_ASN1_DN ID payload was discovered in strongSwan.
> + All versions since 4.3.3 are affected.</p>
> </blockquote>
> <blockquote cite="http://www.strongswan.org/blog/2013/08/01/strongswan-denial-of-service-vulnerability-%28cve-2013-5018%29.html">
> <p>A DoS vulnerability in strongSwan was discovered, which is
> - triggered by XAuth usernames and EAP identities in versions
> - 5.0.3 and 5.0.4.</p>
> + triggered by XAuth usernames and EAP identities in versions
> + 5.0.3 and 5.0.4.</p>
> </blockquote>
> </body>
> </description>
> @@ -127,7 +127,9 @@ Note: Please add new entries to the beg
> <cvename>CVE-2013-5018</cvename>
> <cvename>CVE-2013-6075</cvename>
> <cvename>CVE-2013-6076</cvename>
> - <url>http://www.strongswan.org/blog/2013/11/01/strongswan-5.1.1-released.html</url>
> + <url>http://www.strongswan.org/blog/2013/08/01/strongswan-denial-of-service-vulnerability-%28cve-2013-5018%29.html</url>
> + <url>http://www.strongswan.org/blog/2013/11/01/strongswan-denial-of-service-vulnerability-%28cve-2013-6075%29.html</url>
> + <url>http://www.strongswan.org/blog/2013/11/01/strongswan-denial-of-service-vulnerability-%28cve-2013-6076%29.html</url>
> </references>
> <dates>
> <discovery>2013-11-01</discovery>
> _______________________________________________
> svn-ports-all at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/svn-ports-all
> To unsubscribe, send any mail to "svn-ports-all-unsubscribe at freebsd.org"
--
/"\ Best regards, | remko at FreeBSD.org
\ / Remko Lodder | remko at EFnet
X http://www.evilcoder.org/ |
/ \ ASCII Ribbon Campaign | Against HTML Mail and News
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 841 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.freebsd.org/pipermail/svn-ports-all/attachments/20140127/27148b8d/attachment.sig>
More information about the svn-ports-all
mailing list