svn commit: r472550 - head/security/vuxml
Joseph Mingrone
jrm at FreeBSD.org
Sat Jun 16 14:43:01 UTC 2018
Author: jrm
Date: Sat Jun 16 14:43:00 2018
New Revision: 472550
URL: https://svnweb.freebsd.org/changeset/ports/472550
Log:
security/vuxml: document Slurm vulnerability
https://lists.schedmd.com/pipermail/slurm-announce/2018/000008.html
While here, silence validation warnings caused by node.js 2018-06-15 entry.
Modified:
head/security/vuxml/vuln.xml
Modified: head/security/vuxml/vuln.xml
==============================================================================
--- head/security/vuxml/vuln.xml Sat Jun 16 14:21:11 2018 (r472549)
+++ head/security/vuxml/vuln.xml Sat Jun 16 14:43:00 2018 (r472550)
@@ -58,6 +58,35 @@ Notes:
* Do not forget port variants (linux-f10-libxml2, libxml2, etc.)
-->
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
+ <vuln vid="3a66cb69-716f-11e8-be54-3085a9a47796">
+ <topic>slurm -- insecure handling of user_name and gid fields</topic>
+ <affects>
+ <package>
+ <name>slurm-wlm</name>
+ <range><lt>17.02.11</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>SchedMD reports:</p>
+ <blockquote cite="https://lists.schedmd.com/pipermail/slurm-announce/2018/000008.html">
+ <h1>Insecure handling of user_name and gid fields (CVE-2018-10995)</h1>
+ <p>While fixes are only available for the supported 17.02 and 17.11
+ releases, it is believed that similar vulnerabilities do affect past
+ versions as well. The only resolution is to upgrade Slurm to a fixed
+ release.</p>
+ </blockquote>
+ </body>
+ </description>
+ <references>
+ <url>https://lists.schedmd.com/pipermail/slurm-announce/2018/000008.html</url>
+ </references>
+ <dates>
+ <discovery>2018-05-30</discovery>
+ <entry>2018-06-16</entry>
+ </dates>
+ </vuln>
+
<vuln vid="45b8e2eb-7056-11e8-8fab-63ca6e0e13a2">
<topic>node.js -- multiple vulnerabilities</topic>
<affects>
@@ -78,43 +107,43 @@ Notes:
<body xmlns="http://www.w3.org/1999/xhtml">
<p>Node.js reports:</p>
<blockquote cite="https://nodejs.org/en/blog/vulnerability/june-2018-security-releases/">
- <h1>Denial of Service Vulnerability in HTTP/2 (CVE-2018-7161)</h1>
+ <h1>Denial of Service Vulnerability in HTTP/2 (CVE-2018-7161)</h1>
<p>All versions of 8.x and later are vulnerable and the severity is
- HIGH. An attacker can cause a denial of service (DoS) by causing a
- node server providing an http2 server to crash. This can be
- accomplished by interacting with the http2 server in a manner that
- triggers a cleanup bug where objects are used in native code after
- they are no longer available. This has been addressed by updating
- the http2 implementation. Thanks to Jordan Zebor at F5 Networks for
- reporting this issue.</p>
- <h1>Denial of Service, nghttp2 dependency (CVE-2018-1000168)</h1>
+ HIGH. An attacker can cause a denial of service (DoS) by causing a
+ node server providing an http2 server to crash. This can be
+ accomplished by interacting with the http2 server in a manner that
+ triggers a cleanup bug where objects are used in native code after
+ they are no longer available. This has been addressed by updating
+ the http2 implementation. Thanks to Jordan Zebor at F5 Networks for
+ reporting this issue.</p>
+ <h1>Denial of Service, nghttp2 dependency (CVE-2018-1000168)</h1>
<p>All versions of 9.x and later are vulnerable and the severity is
- HIGH. Under certain conditions, a malicious client can trigger an
- uninitialized read (and a subsequent segfault) by sending a
- malformed ALTSVC frame. This has been addressed through an by
- updating nghttp2.</p>
- <h1>Denial of Service Vulnerability in TLS (CVE-2018-7162)</h1>
+ HIGH. Under certain conditions, a malicious client can trigger an
+ uninitialized read (and a subsequent segfault) by sending a
+ malformed ALTSVC frame. This has been addressed through an by
+ updating nghttp2.</p>
+ <h1>Denial of Service Vulnerability in TLS (CVE-2018-7162)</h1>
<p>All versions of 9.x and later are vulnerable and the severity is
- HIGH. An attacker can cause a denial of service (DoS) by causing a
- node process which provides an http server supporting TLS server to
- crash. This can be accomplished by sending duplicate/unexpected
- messages during the handshake. This vulnerability has been addressed
- by updating the TLS implementation. Thanks to Jordan Zebor at F5
- Networks all of his help investigating this issue with the Node.js
- team.</p>
- <h1>Memory exhaustion DoS on v9.x (CVE-2018-7164)</h1>
+ HIGH. An attacker can cause a denial of service (DoS) by causing a
+ node process which provides an http server supporting TLS server to
+ crash. This can be accomplished by sending duplicate/unexpected
+ messages during the handshake. This vulnerability has been addressed
+ by updating the TLS implementation. Thanks to Jordan Zebor at F5
+ Networks all of his help investigating this issue with the Node.js
+ team.</p>
+ <h1>Memory exhaustion DoS on v9.x (CVE-2018-7164)</h1>
<p>Versions 9.7.0 and later are vulnerable and the severity is MEDIUM.
- A bug introduced in 9.7.0 increases the memory consumed when reading
- from the network into JavaScript using the net.Socket object
- directly as a stream. An attacker could use this cause a denial of
- service by sending tiny chunks of data in short succession. This
- vulnerability was restored by reverting to the prior behaviour.</p>
- <h1>Calls to Buffer.fill() and/or Buffer.alloc() may hang (CVE-2018-7167)</h1>
+ A bug introduced in 9.7.0 increases the memory consumed when reading
+ from the network into JavaScript using the net.Socket object
+ directly as a stream. An attacker could use this cause a denial of
+ service by sending tiny chunks of data in short succession. This
+ vulnerability was restored by reverting to the prior behaviour.</p>
+ <h1>Calls to Buffer.fill() and/or Buffer.alloc() may hang (CVE-2018-7167)</h1>
<p>Calling Buffer.fill() or Buffer.alloc() with some parameters can
- lead to a hang which could result in a Denial of Service. In order
- to address this vulnerability, the implementations of Buffer.alloc()
- and Buffer.fill() were updated so that they zero fill instead of
- hanging in these cases.</p>
+ lead to a hang which could result in a Denial of Service. In order
+ to address this vulnerability, the implementations of Buffer.alloc()
+ and Buffer.fill() were updated so that they zero fill instead of
+ hanging in these cases.</p>
</blockquote>
</body>
</description>
More information about the svn-ports-all
mailing list