diff options
| author | mandree <mandree@FreeBSD.org> | 2015-01-07 05:11:35 +0800 |
|---|---|---|
| committer | mandree <mandree@FreeBSD.org> | 2015-01-07 05:11:35 +0800 |
| commit | 0bef57d5367e93aef4ca6c68a6b8162e0ab61ac6 (patch) | |
| tree | 168d6b324e1503bc4f827555d5142b28b8a228d6 | |
| parent | 7a7f68475aa3a08833bc7f9476acdaf6069c75fe (diff) | |
| download | freebsd-ports-gnome-0bef57d5367e93aef4ca6c68a6b8162e0ab61ac6.tar.gz freebsd-ports-gnome-0bef57d5367e93aef4ca6c68a6b8162e0ab61ac6.tar.zst freebsd-ports-gnome-0bef57d5367e93aef4ca6c68a6b8162e0ab61ac6.zip | |
Add three upstream patches to busybox 1.22.1, bumping PORTREVISION to 2.
One fixes the CVE-2014-4608 buffer overrun in LZO2,
one fixes the nc app, one fixes the zcat and related apps when accessing
files without extension.
List busybox < 1.22.1_2 as vulnerable, and add CVE Name to the vulndb.
Security: CVE-2014-4608
Security: d1f5e12a-fd5a-11e3-a108-080027ef73ec
| -rw-r--r-- | security/vuxml/vuln.xml | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index c3d0a8669cc3..160c8154ff11 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -3990,6 +3990,10 @@ Notes: <name>lzo2</name> <range><lt>2.07</lt></range> </package> + <package> + <name>busybox</name> + <range><lt>1.22.1_2</lt></range> + </package> </affects> <description> <body xmlns="http://www.w3.org/1999/xhtml"> @@ -4009,10 +4013,12 @@ Notes: </description> <references> <url>http://www.oberhumer.com/opensource/lzo/download/lzo-2.07.tar.gz</url> + <cvename>CVE-2014-4608</cvename> </references> <dates> <discovery>2014-06-25</discovery> <entry>2014-06-26</entry> + <modified>2015-01-06</modified> </dates> </vuln> |