diff options
author | Jung-uk Kim <jkim@FreeBSD.org> | 2017-11-16 19:05:01 +0000 |
---|---|---|
committer | Jung-uk Kim <jkim@FreeBSD.org> | 2017-11-16 19:05:01 +0000 |
commit | 913424bc78745fbd1f351d4fe52e47c081d70c43 (patch) | |
tree | 4a8e0a4618b3404a145927ae1480089ca654689d /security | |
parent | 6bc3cbb6b1f351e8887a99be21ac6eb939b73d34 (diff) | |
download | ports-913424bc78745fbd1f351d4fe52e47c081d70c43.tar.gz ports-913424bc78745fbd1f351d4fe52e47c081d70c43.zip |
Notes
Diffstat (limited to 'security')
-rw-r--r-- | security/vuxml/vuln.xml | 37 |
1 files changed, 37 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index 4e521a7425a6..7b2485a649d7 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -58,6 +58,43 @@ Notes: * Do not forget port variants (linux-f10-libxml2, libxml2, etc.) --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> + <vuln vid="52f10525-caff-11e7-b590-6451062f0f7a"> + <topic>Flash Player -- multiple vulnerabilities</topic> + <affects> + <package> + <name>linux-flashplayer</name> + <range><lt>27.0.0.187</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>Adobe reports:</p> + <blockquote cite="https://helpx.adobe.com/security/products/flash-player/apsb17-33.html"> + <ul> + <li>These updates resolve out-of-bounds read vulnerabilities that + could lead to remote code execution (CVE-2017-3112, + CVE-2017-3114, CVE-2017-11213).</li> + <li>These updates resolve use after free vulnerabilities that + could lead to remote code execution (CVE-2017-11215, + CVE-2017-11225).</li> + </ul> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2017-3112</cvename> + <cvename>CVE-2017-3114</cvename> + <cvename>CVE-2017-11213</cvename> + <cvename>CVE-2017-11215</cvename> + <cvename>CVE-2017-11225</cvename> + <url>https://helpx.adobe.com/security/products/flash-player/apsb17-33.html</url> + </references> + <dates> + <discovery>2017-11-14</discovery> + <entry>2017-11-16</entry> + </dates> + </vuln> + <vuln vid="b4b7ec7d-ca27-11e7-a12d-6cc21735f730"> <topic>shibboleth2-sp -- "Dynamic" metadata provider plugin issue</topic> <affects> |