aboutsummaryrefslogtreecommitdiff
path: root/security/vuxml
diff options
context:
space:
mode:
authorChristian Weisgerber <naddy@FreeBSD.org>2010-03-24 18:48:01 +0000
committerChristian Weisgerber <naddy@FreeBSD.org>2010-03-24 18:48:01 +0000
commit25a2b64738cc922360ee51c05e55d6402c480b09 (patch)
tree7b43b543f04650b28d1bda4b789aa8904323d963 /security/vuxml
parent0f7ef19845048b03f7c9c5f994ef0074fda28676 (diff)
downloadports-25a2b64738cc922360ee51c05e55d6402c480b09.tar.gz
ports-25a2b64738cc922360ee51c05e55d6402c480b09.zip
Notes
Diffstat (limited to 'security/vuxml')
-rw-r--r--security/vuxml/vuln.xml27
1 files changed, 27 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml
index 01fa27afbd71..b3ec4160c8e2 100644
--- a/security/vuxml/vuln.xml
+++ b/security/vuxml/vuln.xml
@@ -34,6 +34,33 @@ Note: Please add new entries to the beginning of this file.
-->
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
+ <vuln vid="c175d72f-3773-11df-8bb8-0211d880e350">
+ <topic>gtar -- buffer overflow in rmt client</topic>
+ <affects>
+ <package>
+ <name>gtar</name>
+ <range><lt>1.22_3</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>Jakob Lell reports:</p>
+ <blockquote cite="http://www.agrs.tu-berlin.de/index.php?id=78327">
+ <p>The rmt client implementation of GNU Tar/Cpio contains
+ a heap-based buffer overflow which possibly allows
+ arbitrary code execution.</p>
+ <p>The problem can be exploited when using an
+ untrusted/compromised rmt server.</p>
+ </blockquote>
+ </body>
+ </description> <references>
+ <cvename>CVE-2010-0624</cvename>
+ <url>http://www.agrs.tu-berlin.de/index.php?id=78327</url>
+ </references> <dates>
+ <discovery>2010-03-24</discovery> <entry>2010-03-24</entry>
+ </dates>
+ </vuln>
+
<vuln vid="5d5ed535-3653-11df-9edc-000f20797ede">
<topic>firefox -- WOFF heap corruption due to integer overflow</topic>
<affects>