diff options
| author | Jason Unovitch <junovitch@FreeBSD.org> | 2016-05-10 08:22:27 +0800 |
|---|---|---|
| committer | Jason Unovitch <junovitch@FreeBSD.org> | 2016-05-10 08:22:27 +0800 |
| commit | 15a1974ad6b15fe7e23df6fa077a1d82adfda975 (patch) | |
| tree | 7eb82460cd05a322fac96346bd29362879f48897 | |
| parent | 88ee6ee14944d12fa005ed4ca2b0ce53ecb4a585 (diff) | |
| download | freebsd-ports-gnome-15a1974ad6b15fe7e23df6fa077a1d82adfda975.tar.gz freebsd-ports-gnome-15a1974ad6b15fe7e23df6fa077a1d82adfda975.tar.zst freebsd-ports-gnome-15a1974ad6b15fe7e23df6fa077a1d82adfda975.zip | |
Fix version range for libarchive entry. [1]
While here, add CVE and wrap lines at <80
PR: 209404 [1]
Reported by: dereks@lifeofadishwasher.com [1]
Security: CVE-2016-1541
Security: https://vuxml.FreeBSD.org/freebsd/2b4c8e1f-1609-11e6-b55e-b499baebfeaf.html
| -rw-r--r-- | security/vuxml/vuln.xml | 12 |
1 files changed, 7 insertions, 5 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index 47eefd4464cf..bd0f1c48310c 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -63,26 +63,28 @@ Notes: <affects> <package> <name>libarchive</name> - <range><lt>2.3.0,1</lt></range> + <range><lt>3.2.0,1</lt></range> </package> </affects> <description> <body xmlns="http://www.w3.org/1999/xhtml"> <p>The libarchive project reports:</p> <blockquote cite="https://github.com/libarchive/libarchive/commit/d0331e8e5b05b475f20b1f3101fe1ad772d7e7e7"> - <p>Heap-based buffer overflow in the zip_read_mac_metadata function in - archive_read_support_format_zip.c in libarchive before 3.2.0 allows remote - attackers to execute arbitrary code via crafted entry-size values in a ZIP - archive.</p> + <p>Heap-based buffer overflow in the zip_read_mac_metadata function + in archive_read_support_format_zip.c in libarchive before 3.2.0 + allows remote attackers to execute arbitrary code via crafted + entry-size values in a ZIP archive.</p> </blockquote> </body> </description> <references> + <cvename>CVE-2016-1541</cvename> <url>https://github.com/libarchive/libarchive/commit/d0331e8e5b05b475f20b1f3101fe1ad772d7e7e7</url> </references> <dates> <discovery>2016-05-01</discovery> <entry>2016-05-09</entry> + <modified>2016-05-10</modified> </dates> </vuln> |