svn commit: r444984 - head/security/vuxml
Richard Gallamore
ultima at FreeBSD.org
Mon Jul 3 19:29:41 UTC 2017
Author: ultima
Date: Mon Jul 3 19:29:39 2017
New Revision: 444984
URL: https://svnweb.freebsd.org/changeset/ports/444984
Log:
Added vuxml entry for security/dropbear
PR: 220158
Submitted by: Piotr Kubaj <pkubaj at anongoth.pl> (maintainer)
Reviewed by: lifanov (mentor)
Approved by: lifanov (mentor)
MFH: 2017Q3
Security: http://www.vuxml.org/freebsd/60931f98-55a7-11e7-8514-589cfc0654e1.html
Differential Revision: https://reviews.freebsd.org/D11400
Modified:
head/security/vuxml/vuln.xml
Modified: head/security/vuxml/vuln.xml
==============================================================================
--- head/security/vuxml/vuln.xml Mon Jul 3 19:24:25 2017 (r444983)
+++ head/security/vuxml/vuln.xml Mon Jul 3 19:29:39 2017 (r444984)
@@ -58,6 +58,41 @@ Notes:
* Do not forget port variants (linux-f10-libxml2, libxml2, etc.)
-->
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
+ <vuln vid="60931f98-55a7-11e7-8514-589cfc0654e1">
+ <topic>Dropbear -- two vulnerabilities</topic>
+ <affects>
+ <package>
+ <name>dropbear</name>
+ <range><lt>2017.75</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>Matt Johnston reports:</p>
+ <blockquote cite="https://matt.ucc.asn.au/dropbear/CHANGES">
+ <p>Fix double-free in server TCP listener cleanup A double-free in
+ the server could be triggered by an authenticated user if dropbear
+ is running with -a (Allow connections to forwarded ports from any
+ host) This could potentially allow arbitrary code execution as root
+ by an authenticated user.</p>
+ <p>Fix information disclosure with ~/.ssh/authorized_keys symlink.
+ Dropbear parsed authorized_keys as root, even if it were a symlink.
+ The fix is to switch to user permissions when opening authorized_keys.
+ </p>
+ </blockquote>
+ </body>
+ </description>
+ <references>
+ <url>https://matt.ucc.asn.au/dropbear/CHANGES</url>
+ <cvename>CVE-2017-9078</cvename>
+ <cvename>CVE-2017-9079</cvename>
+ </references>
+ <dates>
+ <discovery>2017-05-18</discovery>
+ <entry>2017-07-03</entry>
+ </dates>
+ </vuln>
+
<vuln vid="6e4e35c3-5fd1-11e7-9def-b499baebfeaf">
<topic>smarty3 -- shell injection in math</topic>
<affects>
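Review bot: the first quoted paragraph of the description has lost the line breaks of the upstream CHANGES text, so the headline runs straight into the body ("...server TCP listener cleanup A double-free in the server...") and the parenthetical runs into the following sentence ("...from any host) This could potentially..."); add a full stop after "cleanup" and after "host)", or put the headline in its own <p>, so the rendered advisory reads as separate sentences. The second paragraph quotes cleanly as-is. The rest of the entry is consistent with the visible log: the vid matches the Security: URL, both CVE names appear in <references>, and the entry date matches the commit date.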