FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-03-28 15:43:32 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
01d729ca-1143-11e6-b55e-b499baebfeafOpenSSL -- multiple vulnerabilities

OpenSSL reports:

Memory corruption in the ASN.1 encoder

Padding oracle in AES-NI CBC MAC check

EVP_EncodeUpdate overflow

EVP_EncryptUpdate overflow

ASN.1 BIO excessive memory allocation

EBCDIC overread (OpenSSL only)


Discovery 2016-05-03
Entry 2016-05-03
Modified 2016-08-09
openssl
< 1.0.2_11

linux-c6-openssl
< 1.0.1e_8

libressl
ge 2.3.0 lt 2.3.4

< 2.2.7

libressl-devel
< 2.3.4

FreeBSD
ge 10.3 lt 10.3_2

ge 10.2 lt 10.2_16

ge 10.1 lt 10.1_33

ge 9.3 lt 9.3_41

https://www.openssl.org/news/secadv/20160503.txt
https://marc.info/?l=openbsd-tech&m=146228598730414
CVE-2016-2105
CVE-2016-2106
CVE-2016-2107
CVE-2016-2108
CVE-2016-2109
CVE-2016-2176
SA-16:17.openssl
03175e62-5494-11e4-9cc1-bc5ff4fb5e7bOpenSSL -- multiple vulnerabilities

The OpenSSL Project reports:

A flaw in the DTLS SRTP extension parsing code allows an attacker, who sends a carefully crafted handshake message, to cause OpenSSL to fail to free up to 64k of memory causing a memory leak. This could be exploited in a Denial Of Service attack. This issue affects OpenSSL 1.0.1 server implementations for both SSL/TLS and DTLS regardless of whether SRTP is used or configured. Implementations of OpenSSL that have been compiled with OPENSSL_NO_SRTP defined are not affected. [CVE-2014-3513].

When an OpenSSL SSL/TLS/DTLS server receives a session ticket the integrity of that ticket is first verified. In the event of a session ticket integrity check failing, OpenSSL will fail to free memory causing a memory leak. By sending a large number of invalid session tickets an attacker could exploit this issue in a Denial Of Service attack. [CVE-2014-3567].

OpenSSL has added support for TLS_FALLBACK_SCSV to allow applications to block the ability for a MITM attacker to force a protocol downgrade.

Some client applications (such as browsers) will reconnect using a downgraded protocol to work around interoperability bugs in older servers. This could be exploited by an active man-in-the-middle to downgrade connections to SSL 3.0 even if both sides of the connection support higher protocols. SSL 3.0 contains a number of weaknesses including POODLE [CVE-2014-3566].

When OpenSSL is configured with "no-ssl3" as a build option, servers could accept and complete a SSL 3.0 handshake, and clients could be configured to send them. [CVE-2014-3568].


Discovery 2014-10-15
Entry 2014-10-15
Modified 2016-08-09
openssl
ge 1.0.1 lt 1.0.1_16

mingw32-openssl
ge 1.0.1 lt 1.0.1j

linux-c6-openssl
< 1.0.1e_1

FreeBSD
ge 8.4 lt 8.4_17

ge 9.1 lt 9.1_20

ge 9.2 lt 9.2_13

ge 9.3 lt 9.3_3

ge 10.0 lt 10.0_10

SA-14:23.openssl
CVE-2014-3513
CVE-2014-3566
CVE-2014-3567
CVE-2014-3568
https://www.openssl.org/news/secadv_20141015.txt
0fcd3af0-a0fe-11e6-b1cf-14dae9d210b8FreeBSD -- OpenSSL Remote DoS vulnerability

Problem Description:

Due to improper handling of alert packets, OpenSSL would consume an excessive amount of CPU time processing undefined alert messages.

Impact:

A remote attacker who can initiate handshakes with an OpenSSL based server can cause the server to consume a lot of computation power with very little bandwidth usage, and may be able to use this technique in a leveraged Denial of Service attack.


Discovery 2016-11-02
Entry 2016-11-02
Modified 2017-02-22
FreeBSD
ge 10.3 lt 10.3_12

ge 10.2 lt 10.2_25

ge 10.1 lt 10.1_42

ge 9.3 lt 9.3_50

openssl
< 1.0.2i,1

openssl-devel
< 1.1.0a

linux-c6-openssl
< 1.0.1e_13

linux-c7-openssl-libs
< 1.0.1e_3

CVE-2016-8610
SA-16:35.openssl
http://seclists.org/oss-sec/2016/q4/224
43eaa656-80bc-11e6-bf52-b499baebfeafOpenSSL -- multiple vulnerabilities

OpenSSL reports:

High: OCSP Status Request extension unbounded memory growth

SSL_peek() hang on empty record

SWEET32 Mitigation

OOB write in MDC2_Update()

Malformed SHA512 ticket DoS

OOB write in BN_bn2dec()

OOB read in TS_OBJ_print_bio()

Pointer arithmetic undefined behaviour

Constant time flag not preserved in DSA signing

DTLS buffered message DoS

DTLS replay protection DoS

Certificate message OOB reads

Excessive allocation of memory in tls_get_message_header()

Excessive allocation of memory in dtls1_preprocess_fragment()

NB: LibreSSL is only affected by CVE-2016-6304


Discovery 2016-09-22
Entry 2016-09-22
Modified 2016-10-11
openssl-devel
ge 1.1.0 lt 1.1.0_1

openssl
< 1.0.2i,1

linux-c6-openssl
< 1.0.1e_11

FreeBSD
ge 10.3 lt 10.3_8

ge 10.2 lt 10.2_21

ge 10.1 lt 10.1_38

ge 9.3 lt 9.3_46

https://www.openssl.org/news/secadv/20160922.txt
CVE-2016-6304
CVE-2016-6305
CVE-2016-2183
CVE-2016-6303
CVE-2016-6302
CVE-2016-2182
CVE-2016-2180
CVE-2016-2177
CVE-2016-2178
CVE-2016-2179
CVE-2016-2181
CVE-2016-6306
CVE-2016-6307
CVE-2016-6308
SA-16:26.openssl
4c8d1d72-9b38-11e5-aece-d050996490d0openssl -- multiple vulnerabilities

OpenSSL project reports:

  1. BN_mod_exp may produce incorrect results on x86_64 (CVE-2015-3193)
  2. Certificate verify crash with missing PSS parameter (CVE-2015-3194)
  3. X509_ATTRIBUTE memory leak (CVE-2015-3195)
  4. Race condition handling PSK identify hint (CVE-2015-3196)
  5. Anon DH ServerKeyExchange with 0 p parameter (CVE-2015-1794)

Discovery 2015-12-03
Entry 2015-12-05
Modified 2016-08-09
openssl
< 1.0.2_5

mingw32-openssl
ge 1.0.1 lt 1.0.2e

linux-c6-openssl
< 1.0.1e_7

FreeBSD
ge 10.2 lt 10.2_8

ge 10.1 lt 10.1_25

ge 9.3 lt 9.3_31

SA-15:26.openssl
CVE-2015-1794
CVE-2015-3193
CVE-2015-3194
CVE-2015-3195
CVE-2015-3196
https://www.openssl.org/news/secadv/20151203.txt
4e536c14-9791-11e4-977d-d050992ecde8OpenSSL -- multiple vulnerabilities

OpenSSL project reports:

DTLS segmentation fault in dtls1_get_record (CVE-2014-3571)

DTLS memory leak in dtls1_buffer_record (CVE-2015-0206)

no-ssl3 configuration sets method to NULL (CVE-2014-3569)

ECDHE silently downgrades to ECDH [Client] (CVE-2014-3572)

RSA silently downgrades to EXPORT_RSA [Client] (CVE-2015-0204)

DH client certificates accepted without verification [Server] (CVE-2015-0205)

Certificate fingerprints can be modified (CVE-2014-8275)

Bignum squaring may produce incorrect results (CVE-2014-3570)


Discovery 2015-01-08
Entry 2015-01-08
Modified 2016-08-09
openssl
ge 1.0.1 lt 1.0.1_17

mingw32-openssl
ge 1.0.1 lt 1.0.1k

linux-c6-openssl
< 1.0.1e_3

FreeBSD
ge 10.1 lt 10.1_4

ge 10.0 lt 10.0_16

ge 9.3 lt 9.3_8

ge 8.4 lt 8.4_22

SA-15:01.openssl
CVE-2014-3569
CVE-2014-3570
CVE-2014-3571
CVE-2014-3572
CVE-2014-8275
CVE-2015-0204
CVE-2015-0205
CVE-2015-0206
https://www.openssl.org/news/secadv_20150108.txt
7700061f-34f7-11e9-b95c-b499baebfeafOpenSSL -- Padding oracle vulnerability

The OpenSSL project reports:

0-byte record padding oracle (CVE-2019-1559) (Moderate)

If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received with an invalid MAC. If the application then behaves differently based on that in a way that is detectable to the remote peer, then this amounts to a padding oracle that could be used to decrypt data.


Discovery 2019-02-19
Entry 2019-02-20
Modified 2019-03-07
openssl
< 1.0.2r,1

linux-c6-openssl
< 1.0.1e_16

https://www.openssl.org/news/secadv/20190226.txt
CVE-2019-1559
8305e215-1080-11e5-8ba2-000c2980a9f3openssl -- multiple vulnerabilities

The OpenSSL team reports:

  • Missing DHE man-in-the-middle protection (Logjam) (CVE-2015-4000)
  • Malformed ECParameters causes infinite loop (CVE-2015-1788)
  • Exploitable out-of-bounds read in X509_cmp_time (CVE-2015-1789)
  • PKCS#7 crash with missing EnvelopedContent (CVE-2015-1790)
  • CMS verify infinite loop with unknown hash function (CVE-2015-1792)
  • Race condition handling NewSessionTicket (CVE-2015-1791)
  • Invalid free in DTLS (CVE-2014-8176)

Discovery 2015-06-11
Entry 2015-06-11
Modified 2016-08-09
openssl
< 1.0.2_2

mingw32-openssl
ge 1.0.1 lt 1.0.2b

linux-c6-openssl
< 1.0.1e_6

libressl
< 2.1.7

FreeBSD
ge 10.1 lt 10.1_12

ge 9.3 lt 9.3_16

ge 8.4 lt 8.4_30

CVE-2014-8176
CVE-2015-1788
CVE-2015-1789
CVE-2015-1790
CVE-2015-1791
CVE-2015-1792
CVE-2015-4000
SA-15:10.openssl
https://www.openssl.org/news/secadv_20150611.txt
9d15355b-ce7c-11e4-9db0-d050992ecde8OpenSSL -- multiple vulnerabilities

OpenSSL project reports:

  • Reclassified: RSA silently downgrades to EXPORT_RSA [Client] (CVE-2015-0204). OpenSSL only.
  • Segmentation fault in ASN1_TYPE_cmp (CVE-2015-0286)
  • ASN.1 structure reuse memory corruption (CVE-2015-0287)
  • PKCS#7 NULL pointer dereferences (CVE-2015-0289)
  • Base64 decode (CVE-2015-0292). OpenSSL only.
  • DoS via reachable assert in SSLv2 servers (CVE-2015-0293). OpenSSL only.
  • Use After Free following d2i_ECPrivatekey error (CVE-2015-0209)
  • X509_to_X509_REQ NULL pointer deref (CVE-2015-0288)

Discovery 2015-03-19
Entry 2015-03-19
Modified 2016-08-09
openssl
ge 1.0.1 lt 1.0.1_19

mingw32-openssl
ge 1.0.1 lt 1.0.1m

linux-c6-openssl
< 1.0.1e_4

libressl
le 2.1.5_1

FreeBSD
ge 10.1 lt 10.1_8

ge 9.3 lt 9.3_12

ge 8.4 lt 8.4_26

SA-15:06.openssl
ports/198681
CVE-2015-0204
CVE-2015-0286
CVE-2015-0287
CVE-2015-0289
CVE-2015-0292
CVE-2015-0293
CVE-2015-0209
CVE-2015-0288
https://www.openssl.org/news/secadv_20150319.txt
d455708a-e3d3-11e6-9940-b499baebfeafOpenSSL -- multiple vulnerabilities

The OpenSSL project reports:

  • Truncated packet could crash via OOB read (CVE-2017-3731)
  • Bad (EC)DHE parameters cause a client crash (CVE-2017-3730)
  • BN_mod_exp may produce incorrect results on x86_64 (CVE-2017-3732)
  • Montgomery multiplication may produce incorrect results (CVE-2016-7055)

Discovery 2017-01-26
Entry 2017-01-26
Modified 2017-05-26
openssl
< 1.0.2k,1

openssl-devel
< 1.1.0d

linux-c6-openssl
< 1.0.1e_13

linux-c7-openssl-libs
< 1.0.1e_3

FreeBSD
ge 11.0 lt 11.0_8

ge 10.3 lt 10.3_17

https://www.openssl.org/news/secadv/20170126.txt
CVE-2016-7055
CVE-2017-3730
CVE-2017-3731
CVE-2017-3732
SA-17:02.openssl