aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorbrnrd <brnrd@FreeBSD.org>2015-12-08 18:01:50 +0800
committerbrnrd <brnrd@FreeBSD.org>2015-12-08 18:01:50 +0800
commitb6d8a7a95edc1a25619a5efdb0a4b27d60582045 (patch)
treeb557cbc21cbe2b18258784c1a0b368f16c984452
parentc7a8713582fef4acbaf38f25ceab4a2bba9da9e5 (diff)
downloadfreebsd-ports-gnome-b6d8a7a95edc1a25619a5efdb0a4b27d60582045.tar.gz
freebsd-ports-gnome-b6d8a7a95edc1a25619a5efdb0a4b27d60582045.tar.zst
freebsd-ports-gnome-b6d8a7a95edc1a25619a5efdb0a4b27d60582045.zip
security/libressl: Update to 2.2.5
- Version 2.2.5 addresses CVE-2015-2394 - Refactor regression-test target to TEST_TARGET - Add LibreSSL < 2.2.5/2.3.1_1 vuxml entry Reviewed by: koobs (mentor), feld (ports-secteam), delphij (ports-secteam) Approved by: koobs (mentor), delphij (ports-secteam) Security: 215e740e-9c56-11e5-90e7-b499baebfeaf MFH: 2015Q4 Differential Revision: https://reviews.freebsd.org/D4393
Diffstat
-rw-r--r--security/vuxml/vuln.xml30
1 files changed, 30 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml
index 360e27578a0e..8e496107565e 100644
--- a/security/vuxml/vuln.xml
+++ b/security/vuxml/vuln.xml
@@ -58,6 +58,36 @@ Notes:
-->
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
+ <vuln vid="215e740e-9c56-11e5-90e7-b499baebfeaf">
+ <topic>libressl -- NULL pointer dereference</topic>
+ <affects>
+ <package>
+ <name>libressl</name>
+ <range><lt>2.2.5</lt></range>
+ <range><ge>2.3.0</ge><lt>2.3.1_1</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>The OpenBSD project reports:</p>
+ <blockquote cite="https://marc.info/?l=openbsd-announce&amp;t=144920914600002">
+ <p>A NULL pointer deference could be triggered by a crafted
+ certificate sent to services configured to verify client
+ certificates on TLS/SSL connections.
+ </p>
+ </blockquote>
+ </body>
+ </description>
+ <references>
+ <url>https://marc.info/?l=openbsd-announce&amp;t=144920914600002</url>
+ <cvename>CVE-2015-3194</cvename>
+ </references>
+ <dates>
+ <discovery>2015-12-03</discovery>
+ <entry>2015-12-08</entry>
+ </dates>
+ </vuln>
+
<vuln vid="918a5d1f-9d40-11e5-8f5c-002590263bf5">
<topic>KeePassX -- information disclosure</topic>
<affects>
generated by cgit (git 2.34.1) at 2025-03-05 03:26:48 +0800