svn commit: r369252 - head/security/vuxml
Eygene Ryabinkin
rea at FreeBSD.org
Thu Sep 25 13:29:39 UTC 2014
Author: rea
Date: Thu Sep 25 13:29:38 2014
New Revision: 369252
URL: http://svnweb.freebsd.org/changeset/ports/369252
QAT: https://qat.redports.org/buildarchive/r369252/
Log:
VuXML entry 48108fb0-751c-4cbb-8f33-09239ead4b55: expanded details
Reviewed by: des@
Modified:
head/security/vuxml/vuln.xml
Modified: head/security/vuxml/vuln.xml
==============================================================================
--- head/security/vuxml/vuln.xml Thu Sep 25 13:00:09 2014 (r369251)
+++ head/security/vuxml/vuln.xml Thu Sep 25 13:29:38 2014 (r369252)
@@ -122,8 +122,12 @@ Notes:
<description>
<body xmlns="http://www.w3.org/1999/xhtml">
<p>The Mozilla Project reports:</p>
- <blockquote cite="http://www.mozilla.org/security/known-vulnerabilities/">
- <p>MFSA 2014-73 RSA Signature Forgery in NSS</p>
+ <blockquote cite="https://www.mozilla.org/security/announce/2014/mfsa2014-73.html">
+ <p>Antoine Delignat-Lavaud discovered that NSS is vulnerable
+ to a variant of a signature forgery attack previously
+ published by Daniel Bleichenbacher. This is due to lenient
+ parsing of ASN.1 values involved in a signature and could
+ lead to the forging of RSA certificates.</p>
</blockquote>
</body>
</description>
More information about the svn-ports-head
mailing list