svn commit: r545270 - head/security/vuxml
Glen Barber
gjb at FreeBSD.org
Wed Aug 19 03:30:07 UTC 2020
Author: gjb
Date: Wed Aug 19 03:30:06 2020
New Revision: 545270
URL: https://svnweb.freebsd.org/changeset/ports/545270
Log:
Revert r545263, which excludes the package name, version(s) affected,
and includes "INSERT BLOCKQUOTE URL HERE" for a URL, suggesting the
'make validate' target was clearly not executed.
Modified:
head/security/vuxml/vuln.xml
Modified: head/security/vuxml/vuln.xml
==============================================================================
--- head/security/vuxml/vuln.xml Wed Aug 19 03:03:08 2020 (r545269)
+++ head/security/vuxml/vuln.xml Wed Aug 19 03:30:06 2020 (r545270)
@@ -58,40 +58,6 @@ Notes:
* Do not forget port variants (linux-f10-libxml2, libxml2, etc.)
-->
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
- <vuln vid="e37a0a7b-e1a7-11ea-9538-0c9d925bbbc0">
- <topic>security/trousers -- several vulnerabilities</topic>
- <affects>
- <package>
- <name></name>
- <range><lt></lt></range>
- </package>
- </affects>
- <description>
- <body xmlns="http://www.w3.org/1999/xhtml">
- <p>the TrouSerS project reports reports:</p>
- <blockquote cite="https://sourceforge.net/p/trousers/trousers/ci/e74dd1d96753b0538192143adf58d04fcd3b242b/">
- <p>If the tcsd daemon is started with root privileges, it fails to
- drop the root gid after it is no longer needed.</p>
- <p>If the tcsd daemon is started with root privileges, the tss user
- has read and write access to the /etc/tcsd.conf file.</p>
- <p>If the tcsd daemon is started with root privileges, the creation
- of the system.data file is prone to symlink attacks.</p>
- </blockquote>
- </body>
- </description>
- <references>
- <url>INSERT BLOCKQUOTE URL HERE</url>
- <url>https://www.openwall.com/lists/oss-security/2020/05/20/3</url>
- <cvename>CVE-2020-24330</cvename>
- <cvename>CVE-2020-24331</cvename>
- <cvename>CVE-2020-24332</cvename>
- </references>
- <dates>
- <discovery>2020-05-20</discovery>
- <entry>2020-08-18</entry>
- </dates>
- </vuln>
-
<vuln vid="64575bb6-e188-11ea-beed-e09467587c17">
<topic>chromium -- heap buffer overflow</topic>
<affects>
More information about the svn-ports-head
mailing list