svn commit: r449154 - head/security/vuxml

[Mark Felder]

Author: feld
Date: Sat Sep  2 16:52:00 2017
New Revision: 449154
URL: https://svnweb.freebsd.org/changeset/ports/449154

Log:
  Cancel CVE-2017-6419 for security/clamav
  
  This only affected clamav-devel / the unreleased code for 0.99.3.

Modified:
  head/security/vuxml/vuln.xml

Modified: head/security/vuxml/vuln.xml
==============================================================================
--- head/security/vuxml/vuln.xml	Sat Sep  2 16:43:49 2017	(r449153)
+++ head/security/vuxml/vuln.xml	Sat Sep  2 16:52:00 2017	(r449154)
@@ -59,32 +59,7 @@ Notes:
 -->
 <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
   <vuln vid="44101b31-8ffd-11e7-b5af-a4badb2f4699">
-    <topic>clamav -- denial of service vulnerability</topic>
-    <affects>
-      <package>
-	<name>clamav</name>
-	<range><lt>0.99.3</lt></range>
-      </package>
-    </affects>
-    <description>
-      <body xmlns="http://www.w3.org/1999/xhtml">
-	<p>TALOS reports:</p>
-	<blockquote cite="https://bugzilla.clamav.net/show_bug.cgi?id=11701">
-	  <p>mspack/lzxd.c in libmspack 0.5alpha, as used in ClamAV
-	    0.99.2, allows remote attackers to cause a denial of service (heap-based
-	    buffer overflow and application crash) or possibly have unspecified
-	    other impact via a crafted CHM file.</p>
-	</blockquote>
-      </body>
-    </description>
-    <references>
-      <cvename>CVE-2017-6419</cvename>
-      <url>https://bugzilla.clamav.net/show_bug.cgi?id=11701</url>
-    </references>
-    <dates>
-      <discovery>2017-03-29</discovery>
-      <entry>2017-09-02</entry>
-    </dates>
+    <cancelled/>
   </vuln>
 
   <vuln vid="5a1f1a86-8f4c-11e7-b5af-a4badb2f4699">