svn commit: r446661 - head/security/vuxml
Martin Matuska
mm at FreeBSD.org
Wed Jul 26 15:06:29 UTC 2017
Author: mm
Date: Wed Jul 26 15:06:28 2017
New Revision: 446661
URL: https://svnweb.freebsd.org/changeset/ports/446661
Log:
security/vuxml: Add jabberd vulnerability
PR: 221014
Security: CVE-2017-10807
Modified:
head/security/vuxml/vuln.xml
Modified: head/security/vuxml/vuln.xml
==============================================================================
--- head/security/vuxml/vuln.xml Wed Jul 26 14:52:02 2017 (r446660)
+++ head/security/vuxml/vuln.xml Wed Jul 26 15:06:28 2017 (r446661)
@@ -58,6 +58,36 @@ Notes:
* Do not forget port variants (linux-f10-libxml2, libxml2, etc.)
-->
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
+ <vuln vid="76d80b33-7211-11e7-998a-08606e47f965">
+ <topic>jabberd -- authentication bypass vulnerability</topic>
+ <affects>
+ <package>
+ <name>jabberd</name>
+ <range><lt>2.6.1</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>SecurityFocus reports:</p>
+ <blockquote cite="http://www.securityfocus.com/bid/99511/discuss">
+ <p>JabberD is prone to an authentication-bypass vulnerability.
+ An attacker can exploit this issue to bypass the authentication
+ mechanism and perform unauthorized actions. This may lead to
+ further attacks.</p>
+ </blockquote>
+ </body>
+ </description>
+ <references>
+ <url>https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867032</url>
+ <url>http://www.securityfocus.com/bid/99511</url>
+ <cvename>CVE-2017-10807</cvename>
+ </references>
+ <dates>
+ <discovery>2017-07-03</discovery>
+ <entry>2017-07-26</entry>
+ </dates>
+ </vuln>
+
<vuln vid="0f66b901-715c-11e7-ad1f-bcaec565249c">
<topic>webkit2-gtk3 -- multiple vulnabilities</topic>
<affects>
More information about the svn-ports-all
mailing list