aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorremko <remko@FreeBSD.org>2005-09-04 23:16:52 +0800
committerremko <remko@FreeBSD.org>2005-09-04 23:16:52 +0800
commitab0782d2077c5a3e27bac9faa1849f9abd60668a (patch)
tree1e4af8d7c45a99a5b848b96e68df69d2e33ea2d1
parente2617003e6b6e463d94cbf8e118ddd86c5214a9e (diff)
downloadfreebsd-ports-gnome-ab0782d2077c5a3e27bac9faa1849f9abd60668a.tar.gz
freebsd-ports-gnome-ab0782d2077c5a3e27bac9faa1849f9abd60668a.tar.zst
freebsd-ports-gnome-ab0782d2077c5a3e27bac9faa1849f9abd60668a.zip
Mark b2evolution prior to 0.9.0.12_2 vulnerable to the XML_RPC remote php code injection vulnerability.
Inspired by: pav's commit, updating the port.
Diffstat
-rw-r--r--security/vuxml/vuln.xml6
1 files changed, 5 insertions, 1 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml
index 9e0428493358..9d88b62bdcd9 100644
--- a/security/vuxml/vuln.xml
+++ b/security/vuxml/vuln.xml
@@ -601,6 +601,9 @@ EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
<name>phpgroupware</name>
<range><lt>0.9.16.007</lt></range>
</package>
+ <package>
+ <name>b2evolution</name>
+ <range><lt>0.9.0.12_2</lt></range>
</affects>
<description>
<body xmlns="http://www.w3.org/1999/xhtml">
@@ -625,6 +628,7 @@ EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
</description>
<references>
<cvename>CAN-2005-2498</cvename>
+ <url>http://b2evolution.net/news/2005/08/31/fix_for_xml_rpc_vulnerability_again_1</url>
<url>http://downloads.phpgroupware.org/changelog</url>
<url>http://drupal.org/files/sa-2005-004/advisory.txt</url>
<url>http://phpadsnew.com/two/nucleus/index.php?itemid=45</url>
@@ -636,7 +640,7 @@ EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
<dates>
<discovery>2005-08-15</discovery>
<entry>2005-08-15</entry>
- <modified>2005-08-27</modified>
+ <modified>2005-09-04</modified>
</dates>
</vuln>
generated by cgit (git 2.34.1) at 2025-01-20 02:03:34 +0800