aboutsummaryrefslogtreecommitdiff
path: root/security
diff options
context:
space:
mode:
authorMartin Wilke <miwi@FreeBSD.org>2010-06-14 03:04:21 +0000
committerMartin Wilke <miwi@FreeBSD.org>2010-06-14 03:04:21 +0000
commit6c25f5527851faa3eb21ae60fdb050d6bb7b5228 (patch)
treeb261ab5307a1f00c0f5f89e4e3f5eaa7e6a5f436 /security
parent13aa7cdd1be96e896d57a6e0daec1ecdaee90077 (diff)
downloadports-6c25f5527851faa3eb21ae60fdb050d6bb7b5228.tar.gz
ports-6c25f5527851faa3eb21ae60fdb050d6bb7b5228.zip
Notes
Diffstat (limited to 'security')
-rw-r--r--security/vuxml/vuln.xml29
1 files changed, 14 insertions, 15 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml
index 6f136f717e00..309d0614f137 100644
--- a/security/vuxml/vuln.xml
+++ b/security/vuxml/vuln.xml
@@ -181,8 +181,7 @@ Note: Please add new entries to the beginning of this file.
<p>The Redmine release announcement reports that
several cross side scripting vulnerabilities
and a potential data disclosure vulnerability have
- been fixed in the latest release.
- </p>
+ been fixed in the latest release.</p>
</body>
</description>
<references>
@@ -764,7 +763,7 @@ Note: Please add new entries to the beginning of this file.
<references>
<bid>38478</bid>
<certvu>576029</certvu>
- <cvename>CVE-2010-0205</cvename>
+ <cvename>CVE-2010-0205</cvename>
<url>http://libpng.sourceforge.net/ADVISORY-1.4.1.html</url>
<url>http://secunia.com/advisories/38774</url>
<url>http://xforce.iss.net/xforce/xfdb/56661</url>
@@ -1743,12 +1742,12 @@ Note: Please add new entries to the beginning of this file.
<p>Matthias Andree reports:</p>
<blockquote cite="http://www.fetchmail.info/fetchmail-SA-2010-01.txt">
<p>In verbose mode, fetchmail prints X.509 certificate subject and
- issuer information to the user, and counts and allocates a malloc()
- buffer for that purpose.</p>
+ issuer information to the user, and counts and allocates a malloc()
+ buffer for that purpose.</p>
<p>If the material to be displayed contains characters with high bit
- set and the platform treats the "char" type as signed, this can cause
- a heap buffer overrun because non-printing characters are escaped as
- \xFF..FFnn, where nn is 80..FF in hex.</p>
+ set and the platform treats the "char" type as signed, this can cause
+ a heap buffer overrun because non-printing characters are escaped as
+ \xFF..FFnn, where nn is 80..FF in hex.</p>
</blockquote>
</body>
</description>
@@ -1889,7 +1888,7 @@ Note: Please add new entries to the beginning of this file.
proxy/proxy_util.c in mod_proxy in the Apache HTTP Server before
1.3.42 on 64-bit platforms allows remote origin servers to cause a
denial of service (daemon crash) or possibly execute arbitrary code
- via a large chunk size that triggers a heap-based buffer overflow.</p>
+ via a large chunk size that triggers a heap-based buffer overflow.</p>
</blockquote>
</body>
</description>
@@ -2252,7 +2251,7 @@ Note: Please add new entries to the beginning of this file.
<p>We have discovered a remotely exploitable
"improper input validation" vulnerability in the Monkey
web server that allows an attacker to perform denial of
- service attacks by repeatedly crashing worker threads
+ service attacks by repeatedly crashing worker threads
that process HTTP requests. </p>
</blockquote>
</body>
@@ -2822,8 +2821,8 @@ Note: Please add new entries to the beginning of this file.
<body xmlns="http://www.w3.org/1999/xhtml">
<p>Secunia.com</p>
<blockquote cite="http://secunia.com/advisories/37414/">
- <p>Do not attempt to load an unqualified module.la file from the
- current directory (by default) since doing so is insecure and is
+ <p>Do not attempt to load an unqualified module.la file from the
+ current directory (by default) since doing so is insecure and is
not compliant with the documentation.</p>
</blockquote>
</body>
@@ -3459,7 +3458,7 @@ Note: Please add new entries to the beginning of this file.
<body xmlns="http://www.w3.org/1999/xhtml">
<p>Django project reports:</p>
<blockquote cite="http://www.djangoproject.com/weblog/2009/oct/09/security/">
- <p>Django's forms library includes field types which perform
+ <p>Django's forms library includes field types which perform
regular-expression-based validation of email addresses and
URLs. Certain addresses/URLs could trigger a pathological
performance case in these regular expression, resulting in
@@ -3847,7 +3846,7 @@ Note: Please add new entries to the beginning of this file.
</dates>
</vuln>
- <vuln vid="152b27f0-a158-11de-990c-e5b1d4c882e0">
+ <vuln vid="152b27f0-a158-11de-990c-e5b1d4c882e0">
<topic>nginx -- remote denial of service vulnerability</topic>
<affects>
<package>
@@ -3863,7 +3862,7 @@ Note: Please add new entries to the beginning of this file.
<body xmlns="http://www.w3.org/1999/xhtml">
<p>nginx development team reports:</p>
<blockquote cite="http://nginx.net/CHANGES">
- <p>A segmentation fault might occur in worker process while
+ <p>A segmentation fault might occur in worker process while
specially crafted request handling.</p>
</blockquote>
</body>