svn commit: r431512 - head/security/vuxml
Jason Unovitch
junovitch at FreeBSD.org
Sun Jan 15 02:48:39 UTC 2017
Author: junovitch
Date: Sun Jan 15 02:48:37 2017
New Revision: 431512
URL: https://svnweb.freebsd.org/changeset/ports/431512
Log:
Amend Irssi 0.8.21 entry. Another CVE was assigned.
PR: 216020
Submitted by: Vladimir Krstulja <vlad-fbsd at acheronmedia.com>
Security: CVE-2017-5356
Security: https://vuxml.FreeBSD.org/freebsd/3d6be69b-d365-11e6-a071-001e67f15f5a.html
Modified:
head/security/vuxml/vuln.xml
Modified: head/security/vuxml/vuln.xml
==============================================================================
--- head/security/vuxml/vuln.xml Sun Jan 15 02:48:19 2017 (r431511)
+++ head/security/vuxml/vuln.xml Sun Jan 15 02:48:37 2017 (r431512)
@@ -918,7 +918,7 @@ Notes:
<body xmlns="http://www.w3.org/1999/xhtml">
<p>Irssi reports:</p>
<blockquote cite="https://irssi.org/security/irssi_sa_2017_01.txt">
- <p>Four vulnerabilities have been located in Irssi</p>
+ <p>Five vulnerabilities have been located in Irssi</p>
<ul>
<li>A NULL pointer dereference in the nickcmp function found by
Joseph Bisch. (CWE-690)</li>
@@ -928,6 +928,8 @@ Notes:
by Joseph Bisch. (CWE-126)</li>
<li>Out of bounds read in certain incomplete character sequences
found by Hanno Böck and independently by J. Bisch. (CWE-126)</li>
+ <li>Out of bounds read when Printing the value '%['. Found by
+ Hanno Böck. (CWE-126)</li>
</ul>
<p>These issues may result in denial of service (remote crash).</p>
</blockquote>
@@ -938,13 +940,14 @@ Notes:
<cvename>CVE-2017-5194</cvename>
<cvename>CVE-2017-5195</cvename>
<cvename>CVE-2017-5196</cvename>
+ <cvename>CVE-2017-5356</cvename>
<freebsdpr>ports/215800</freebsdpr>
<url>https://irssi.org/security/irssi_sa_2017_01.txt</url>
</references>
<dates>
<discovery>2017-01-03</discovery>
<entry>2017-01-05</entry>
- <modified>2017-01-07</modified>
+ <modified>2017-01-15</modified>
</dates>
</vuln>
More information about the svn-ports-all
mailing list