FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-23 14:57:51 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
1b0d2938-0766-11e6-94fa-002590263bf5libtasn1 -- denial of service parsing malicious DER certificates

GNU Libtasn1 NEWS reports:

Fixes to avoid an infinite recursion when decoding without the ASN1_DECODE_FLAG_STRICT_DER flag. Reported by Pascal Cuoq.


Discovery 2016-04-11
Entry 2016-04-21
libtasn1
< 4.8

CVE-2016-4008
http://www.openwall.com/lists/oss-security/2016/04/13/3
http://git.savannah.gnu.org/gitweb/?p=libtasn1.git;a=blob_plain;f=NEWS;hb=e9bcdc86b920d72c9cffc2570d14eea2f6365b37
82595123-e8b8-11e4-a008-047d7b492d07libtasn1 -- stack-based buffer overflow in asn1_der_decoding

Debian reports:

Hanno Boeck discovered a stack-based buffer overflow in the asn1_der_decoding function in Libtasn1, a library to manage ASN.1 structures. A remote attacker could take advantage of this flaw to cause an application using the Libtasn1 library to crash, or potentially to execute arbitrary code.


Discovery 2015-04-11
Entry 2015-04-22
libtasn1
< 4.4

CVE-2015-2806
https://www.debian.org/security/2015/dsa-3220.en.html