aboutsummaryrefslogtreecommitdiff
path: root/security
diff options
context:
space:
mode:
authorSimon L. B. Nielsen <simon@FreeBSD.org>2005-06-09 08:44:03 +0000
committerSimon L. B. Nielsen <simon@FreeBSD.org>2005-06-09 08:44:03 +0000
commit48712a5c45084ee94402452f0886f852abad70fe (patch)
treecb3574dfbc215dac2bec34d82b894c83c28d8dcc /security
parentd4e3823b04007dcbf956bae8813b3c78323ac5ac (diff)
downloadports-48712a5c45084ee94402452f0886f852abad70fe.tar.gz
ports-48712a5c45084ee94402452f0886f852abad70fe.zip
Notes
Diffstat (limited to 'security')
-rw-r--r--security/vuxml/vuln.xml33
1 files changed, 33 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml
index b6d7d669fcd8..de8893e9eb4d 100644
--- a/security/vuxml/vuln.xml
+++ b/security/vuxml/vuln.xml
@@ -32,6 +32,39 @@ EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-->
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
+ <vuln vid="b5ffaa2a-ee50-4498-af99-61bc1b163c00">
+ <topic>leafnode -- denial of service vulnerability</topic>
+ <affects>
+ <package>
+ <name>leafnode</name>
+ <range><lt>1.11.3</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>Matthias Andree reports:</p>
+ <blockquote cite="http://leafnode.sourceforge.net/leafnode-SA-2005-02.txt">
+ <p>A vulnerability was found in the fetchnews program (the NNTP
+ client) that may under some circumstances cause a wait for input
+ that never arrives, fetchnews "hangs". [...]</p>
+ <p>As only one fetchnews program can run at a time, subsequently
+ started fetchnews and texpire programs will terminate. [...]</p>
+ <p>Upgrade your leafnode package to version 1.11.3.</p>
+ </blockquote>
+ </body>
+ </description>
+ <references>
+ <cvename>CAN-2005-1911</cvename>
+ <url>http://leafnode.sourceforge.net/leafnode-SA-2005-02.txt</url>
+ <freebsdpr>ports/82056</freebsdpr>
+ <mlist msgid="20050608215155.GB27234@merlin.emma.line.org">http://marc.theaimsgroup.com/?l=vulnwatch&amp;m=111827180929063</mlist>
+ </references>
+ <dates>
+ <discovery>2005-06-08</discovery>
+ <entry>2005-06-09</entry>
+ </dates>
+ </vuln>
+
<vuln vid="fe903533-ff96-4c7a-bd3e-4d40efa71897">
<topic>gforge -- directory traversal vulnerability</topic>
<affects>