aboutsummaryrefslogtreecommitdiffstats
path: root/net-mgmt/nagios-check_tftp
diff options
context:
space:
mode:
authorgirgen <girgen@FreeBSD.org>2015-07-23 21:21:05 +0800
committergirgen <girgen@FreeBSD.org>2015-07-23 21:21:05 +0800
commit237b7ecd9fc205c0759acc666863f1ff3324de7e (patch)
treea0355b5c25a6e2caf452710ed13c57da6b9a2f13 /net-mgmt/nagios-check_tftp
parentefcd8c07f8c93e21f0a937da4704f6a15c0844dd (diff)
downloadfreebsd-ports-gnome-237b7ecd9fc205c0759acc666863f1ff3324de7e.tar.gz
freebsd-ports-gnome-237b7ecd9fc205c0759acc666863f1ff3324de7e.tar.zst
freebsd-ports-gnome-237b7ecd9fc205c0759acc666863f1ff3324de7e.zip
Shibboleth SP software crashes on well-formed but invalid XML.
The Service Provider software contains a code path with an uncaught exception that can be triggered by an unauthenticated attacker by supplying well-formed but schema-invalid XML in the form of SAML metadata or SAML protocol messages. The result is a crash and so causes a denial of service. You must rebuild opensaml and shibboleth with xmltooling-1.5.5 or later. The easiest way to do so is to update the whole chain including shibboleth-2.5.5 an opensaml2.5.5. URL: http://shibboleth.net/community/advisories/secadv_20150721.txt Security: CVE-2015-2684
Diffstat (limited to 'net-mgmt/nagios-check_tftp')
0 files changed, 0 insertions, 0 deletions
generated by cgit (git 2.34.1) at 2025-01-27 20:14:48 +0800