svn commit: r422582 - head/security/vuxml
Bryan Drewery
bdrewery at FreeBSD.org
Wed Sep 21 22:00:14 UTC 2016
On 9/21/16 1:59 PM, Mark Felder wrote:
> Author: feld
> Date: Wed Sep 21 20:59:52 2016
> New Revision: 422582
> URL: https://svnweb.freebsd.org/changeset/ports/422582
>
> Log:
> Document irssi vulnerabilities
>
> PR: 212888
> Security: CVE-2016-7044
> Security: CVE-2016-7045
>
> Modified:
> head/security/vuxml/vuln.xml
>
> Modified: head/security/vuxml/vuln.xml
> ==============================================================================
> --- head/security/vuxml/vuln.xml Wed Sep 21 20:59:25 2016 (r422581)
> +++ head/security/vuxml/vuln.xml Wed Sep 21 20:59:52 2016 (r422582)
> @@ -58,6 +58,34 @@ Notes:
> * Do not forget port variants (linux-f10-libxml2, libxml2, etc.)
> -->
> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
> + <vuln vid="e78261e4-803d-11e6-a590-14dae9d210b8">
> + <topic>irssi -- heap corruption and missing boundary checks</topic>
> + <affects>
> + <package>
> + <name>irssi</name>
> + <range><lt>0.8.20</lt></range>
> + </package>
Only 0.8.17+ are affected. See
https://irssi.org/security/irssi_sa_2016.txt "Affected versions". The
irssi-devel port likely had vulnerable revisions too.
--
Regards,
Bryan Drewery
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 496 bytes
Desc: OpenPGP digital signature
URL: <http://lists.freebsd.org/pipermail/svn-ports-head/attachments/20160921/2cf577dc/attachment.sig>
More information about the svn-ports-head
mailing list