FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-16 19:33:48 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
03532a19-d68e-11e6-9171-14dae9d210b8lynx -- multiple vulnerabilities

Oracle reports:

Lynx is vulnerable to POODLE by still supporting vulnerable version of SSL. Lynx is also vulnerable to URL attacks by incorrectly parsing hostnames ending with an '?'.


Discovery 2016-10-26
Entry 2017-01-09
lynx
< 2.8.8.2_5,1

https://hg.java.net/hg/solaris-userland~gate/file/bc5351dcb9ac/components/lynx/patches/02-init-openssl.patch
https://hg.java.net/hg/solaris-userland~gate/file/0a979060f73b/components/lynx/patches/05-fix-CVE-2016-9179.patch
CVE-2014-3566
CVE-2016-9179
ports/215464
e9200f8e-fd34-11eb-afb1-c85b76ce9b5alynx -- SSL certificate validation error

Axel Beckert reports:

[...] I was able to capture the password given on the commandline in traffic of an TLS handshake using tcpdump and analysing it with Wireshark: [...]


Discovery 2021-08-07
Entry 2021-08-14
Modified 2021-08-15
ja-lynx
< 2.8.10

ja-lynx-current
< 2.9.0d9

lynx
< 2.8.10

lynx-current
< 2.9.0d9

https://lists.nongnu.org/archive/html/lynx-dev/2021-08/msg00002.html