svn commit: r445212 - head/security/vuxml
Bernard Spil
brnrd at FreeBSD.org
Fri Jul 7 07:59:56 UTC 2017
Author: brnrd
Date: Fri Jul 7 07:59:54 2017
New Revision: 445212
URL: https://svnweb.freebsd.org/changeset/ports/445212
Log:
security/vuxml: Register oniguruma/php-mbstring vulns
Modified:
head/security/vuxml/vuln.xml
Modified: head/security/vuxml/vuln.xml
==============================================================================
--- head/security/vuxml/vuln.xml Fri Jul 7 07:51:52 2017 (r445211)
+++ head/security/vuxml/vuln.xml Fri Jul 7 07:59:54 2017 (r445212)
@@ -58,6 +58,82 @@ Notes:
* Do not forget port variants (linux-f10-libxml2, libxml2, etc.)
-->
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
+ <vuln vid="b396cf6c-62e6-11e7-9def-b499baebfeaf">
+ <topic>oniguruma -- multiple vulnerabilities</topic>
+ <affects>
+ <package>
+ <name>oniguruma4</name>
+ <range><lt>4.7.2</lt></range>
+ </package>
+ <package>
+ <name>oniguruma5</name>
+ <range><lt>5.9.7</lt></range>
+ </package>
+ <package>
+ <name>oniguruma6</name>
+ <range><lt>6.4.0</lt></range>
+ </package>
+ <package>
+ <name>php56-mbstring</name>
+ <range><lt>5.6.31</lt></range>
+ </package>
+ <package>
+ <name>php70-mbstring</name>
+ <range><lt>7.0.21</lt></range>
+ </package>
+ <package>
+ <name>php71-mbstring</name>
+ <range><lt>7.1.7</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>the PHP project reports:</p>
+ <blockquote cite="http://php.net/ChangeLog-7.php">
+ <ul>
+ <li>A stack out-of-bounds read occurs in match_at() during regular
+ expression searching. A logical error involving order of validation
+ and access in match_at() could result in an out-of-bounds read from
+ a stack buffer (CVE-2017-9224).</li>
+ <li>A heap out-of-bounds write or read occurs in next_state_val()
+ during regular expression compilation. Octal numbers larger than 0xff
+ are not handled correctly in fetch_token() and fetch_token_in_cc().
+ A malformed regular expression containing an octal number in the form
+ of '\700' would produce an invalid code point value larger than 0xff
+ in next_state_val(), resulting in an out-of-bounds write memory
+ corruption (CVE-2017-9226).</li>
+ <li>A stack out-of-bounds read occurs in mbc_enc_len() during regular
+ expression searching. Invalid handling of reg->dmin in
+ forward_search_range() could result in an invalid pointer dereference,
+ as an out-of-bounds read from a stack buffer (CVE-2017-9227).</li>
+ <li>A heap out-of-bounds write occurs in bitset_set_range() during
+ regular expression compilation due to an uninitialized variable from
+ an incorrect state transition. An incorrect state transition in
+ parse_char_class() could create an execution path that leaves a
+ critical local variable uninitialized until it's used as an index,
+ resulting in an out-of-bounds write memory corruption (CVE-2017-9228).</li>
+ <li>A SIGSEGV occurs in left_adjust_char_head() during regular expression
+ compilation. Invalid handling of reg->dmax in forward_search_range() could
+ result in an invalid pointer dereference, normally as an immediate
+ denial-of-service condition (CVE-2017-9228).</li>
+ </ul>
+ </blockquote>
+ </body>
+ </description>
+ <references>
+ <url>INSERT BLOCKQUOTE URL HERE</url>
+ <cvename>CVE-2017-9224</cvename>
+ <cvename>CVE-2017-9226</cvename>
+ <cvename>CVE-2017-9227</cvename>
+ <cvename>CVE-2017-9228</cvename>
+ <cvename>CVE-2017-9228</cvename>
+ </references>
+ <dates>
+ <discovery>2017-07-06</discovery>
+ <entry>2017-07-07</entry>
+ </dates>
+ </vuln>
+
<vuln vid="4fc2df49-6279-11e7-be0f-6cf0497db129">
<topic>drupal -- Drupal Core - Multiple Vulnerabilities</topic>
<affects>
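Review bot: the `<references>` block of the new oniguruma entry still carries the template placeholder `<url>INSERT BLOCKQUOTE URL HERE</url>`; replace it with the advisory URL actually being quoted (the blockquote's `cite` is `http://php.net/ChangeLog-7.php`) or drop the `<url>` element, since the placeholder will ship in the published VuXML feed as written. In the same block `<cvename>CVE-2017-9228</cvename>` appears twice, and the fifth `<li>` (the SIGSEGV in left_adjust_char_head()) is also tagged CVE-2017-9228 although the fourth `<li>` already uses that identifier for the bitset_set_range() write; check the fifth item's identifier against the upstream advisory and remove the duplicate `<cvename>`. Minor style point: `<p>the PHP project reports:</p>` should be capitalised to match the other entries' "Reports:" lead-ins.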
@@ -72,13 +148,13 @@ Notes:
</affects>
<description>
<body xmlns="http://www.w3.org/1999/xhtml">
- <p>Drupal Security Team Reports:</p>
- <blockquote cite="https://www.drupal.org/SA-CORE-2017-003">
- <p>CVE-2017-6920: PECL YAML parser unsafe object handling.</p>
- <p>CVE-2017-6921: File REST resource does not properly validate</p>
- <p>CVE-2017-6922: Files uploaded by anonymous users into a private
- file system can be accessed by other anonymous users.</p>
- </blockquote>
+ <p>Drupal Security Team Reports:</p>
+ <blockquote cite="https://www.drupal.org/SA-CORE-2017-003">
+ <p>CVE-2017-6920: PECL YAML parser unsafe object handling.</p>
+ <p>CVE-2017-6921: File REST resource does not properly validate</p>
+ <p>CVE-2017-6922: Files uploaded by anonymous users into a private
+ file system can be accessed by other anonymous users.</p>
+ </blockquote>
</body>
</description>
<references>
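Review bot: this hunk in the drupal entry is a whitespace-only re-indentation of the `<p>`/`<blockquote>` lines (the text is unchanged), but the commit log only mentions registering the oniguruma/php-mbstring vulnerabilities; either note the cosmetic fix in the log message or commit it separately so the diff for the new entry stays reviewable on its own.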