FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-28 14:09:37 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
25ed4ff8-8940-11df-a339-0026189baca3	bogofilter -- heap underrun on malformed base64 input Julius Plenz reports: I found a bug in the base64_decode function which may cause memory corruption when the function is executed on a malformed base64 encoded string. If a string starting with an equal-sign is passed to the base64_decode function it triggers a memory corruption that in some cases makes bogofilter crash. Discovery 2010-06-28 Entry 2010-07-06 bogofilter < 1.2.1_2 bogofilter-sqlite < 1.2.1_1 bogofilter-tc < 1.2.1_1 CVE-2010-2494 http://bogofilter.sourceforge.net/security/bogofilter-SA-2010-01
f4428842-a583-4a4c-89b7-297c3459a1c3	bogofilter -- RFC 2047 decoder denial-of-service vulnerability The bogofilter team has been provided with a test case of a malformatted (non-conformant) RFC-2047 encoded word that can cause bogofilter versions 0.92.7 and prior to try to write a NUL byte into a memory location that is either one byte past the end of a flex buffer or to a location that is the negative of the encoded word's start of payload data, causing a segmentation fault. Discovery 2004-10-09 Entry 2004-10-26 Modified 2015-09-28 bogofilter bogofilter-qdbm bogofilter-tdb ru-bogofilter ge 0.17.4 lt 0.92.8 ports/73144 CVE-2004-1007 http://article.gmane.org/gmane.mail.bogofilter.devel/3308 http://article.gmane.org/gmane.mail.bogofilter.devel/3317 http://bugs.debian.org/275373 http://bogofilter.sourceforge.net/security/bogofilter-SA-2004-01
f524d8e0-3d83-11e2-807a-080027ef73ec	bogofilter -- heap corruption by invalid base64 input David Relson reports: Fix a heap corruption in base64 decoder on invalid input. Analysis and patch by Julius Plenz, [FU Berlin, Germany]. Discovery 2012-10-17 Entry 2012-12-03 bogofilter < 1.2.3 bogofilter-sqlite < 1.2.3 bogofilter-tc < 1.2.3 CVE-2012-5468 http://bogofilter.sourceforge.net/security/bogofilter-SA-2012-01

VuXML ID

Description

25ed4ff8-8940-11df-a339-0026189baca3

bogofilter -- heap underrun on malformed base64 input

Julius Plenz reports:

I found a bug in the base64_decode function which may cause memory corruption when the function is executed on a malformed base64 encoded string.

If a string starting with an equal-sign is passed to the base64_decode function it triggers a memory corruption that in some cases makes bogofilter crash.

Discovery 2010-06-28
Entry 2010-07-06
bogofilter

< 1.2.1_2

bogofilter-sqlite

< 1.2.1_1

bogofilter-tc

< 1.2.1_1

CVE-2010-2494
http://bogofilter.sourceforge.net/security/bogofilter-SA-2010-01

f4428842-a583-4a4c-89b7-297c3459a1c3

bogofilter -- RFC 2047 decoder denial-of-service vulnerability

The bogofilter team has been provided with a test case of a malformatted (non-conformant) RFC-2047 encoded word that can cause bogofilter versions 0.92.7 and prior to try to write a NUL byte into a memory location that is either one byte past the end of a flex buffer or to a location that is the negative of the encoded word's start of payload data, causing a segmentation fault.

Discovery 2004-10-09
Entry 2004-10-26
Modified 2015-09-28
bogofilter
bogofilter-qdbm
bogofilter-tdb
ru-bogofilter

ge 0.17.4 lt 0.92.8

ports/73144
CVE-2004-1007
http://article.gmane.org/gmane.mail.bogofilter.devel/3308
http://article.gmane.org/gmane.mail.bogofilter.devel/3317
http://bugs.debian.org/275373
http://bogofilter.sourceforge.net/security/bogofilter-SA-2004-01

f524d8e0-3d83-11e2-807a-080027ef73ec

bogofilter -- heap corruption by invalid base64 input

David Relson reports:

Fix a heap corruption in base64 decoder on invalid input. Analysis and patch by Julius Plenz, [FU Berlin, Germany].

Discovery 2012-10-17
Entry 2012-12-03
bogofilter

< 1.2.3

bogofilter-sqlite

< 1.2.3

bogofilter-tc

< 1.2.3

CVE-2012-5468
http://bogofilter.sourceforge.net/security/bogofilter-SA-2012-01