FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

nothing found there

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
5a668ab3-8d86-11eb-b8d6-d4c9ef517024OpenSSL -- Multiple vulnerabilities

The OpenSSL project reports:

High: CA certificate check bypass with X509_V_FLAG_X509_STRICT (CVE-2021-3450)

The X509_V_FLAG_X509_STRICT flag enables additional security checks of the certificates present in a certificate chain. It is not set by default.

High: NULL pointer deref in signature_algorithms processing (CVE-2021-3449)

An OpenSSL TLS server may crash if sent a maliciously crafted renegotiation ClientHello message from a client. If a TLSv1.2 renegotiation ClientHello omits the signature_algorithms extension (where it was present in the initial ClientHello), but includes a signature_algorithms_cert extension then a NULL pointer dereference will result, leading to a crash and a denial of service attack.


Discovery 2021-03-25
Entry 2021-03-26
Modified 2021-04-07
openssl
lt 1.1.1k,1

FreeBSD
ge 12.2 lt 12.2_5

https://www.openssl.org/news/secadv/20210325.txt
CVE-2021-3449
CVE-2021-3450
SA-21:07.openssl