diff options
| author | delphij <delphij@FreeBSD.org> | 2015-06-22 15:02:20 +0800 |
|---|---|---|
| committer | delphij <delphij@FreeBSD.org> | 2015-06-22 15:02:20 +0800 |
| commit | 15e775a25b19c6e042c8118fe31aa2f8c7a29891 (patch) | |
| tree | a3db5afa738da4db495c1e30aa14532f92636f84 /security | |
| parent | e63294cd7a5f017ceeeda3fdd19738b34ddad8fb (diff) | |
| download | freebsd-ports-gnome-15e775a25b19c6e042c8118fe31aa2f8c7a29891.tar.gz freebsd-ports-gnome-15e775a25b19c6e042c8118fe31aa2f8c7a29891.tar.zst freebsd-ports-gnome-15e775a25b19c6e042c8118fe31aa2f8c7a29891.zip | |
Document lang/chicken vulnerabilities CVE-2014-9651 and CVE-2015-4556.
PR: 200980
Submitted by: Jason Unovitch
Diffstat (limited to 'security')
| -rw-r--r-- | security/vuxml/vuln.xml | 64 |
1 files changed, 64 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index e521b4c14ff4..da85ec36890f 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -57,6 +57,70 @@ Notes: --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> + <vuln vid="0da404ad-1891-11e5-a1cf-002590263bf5"> + <topic>chicken -- Potential buffer overrun in string-translate*</topic> + <affects> + <package> + <name>chicken</name> + <range><lt>4.10.0</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>chicken developer Peter Bex reports:</p> + <blockquote cite="http://lists.nongnu.org/archive/html/chicken-announce/2015-06/msg00010.html"> + <p>Using gcc's Address Sanitizer, it was discovered that the string-translate* + procedure from the data-structures unit can scan beyond the input string's + length up to the length of the source strings in the map that's passed to + string-translate*. This issue was fixed in master 8a46020, and it will + make its way into CHICKEN 4.10.</p> + <p>This bug is present in all released versions of CHICKEN.</p> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2015-4556</cvename> + <mlist>http://lists.nongnu.org/archive/html/chicken-announce/2015-06/msg00010.html</mlist> + <mlist>http://lists.nongnu.org/archive/html/chicken-hackers/2015-06/msg00037.html</mlist> + </references> + <dates> + <discovery>2015-06-15</discovery> + <entry>2015-06-22</entry> + </dates> + </vuln> + + <vuln vid="e7b7f2b5-177a-11e5-ad33-f8d111029e6a"> + <topic>chicken -- buffer overrun in substring-index[-ci]</topic> + <affects> + <package> + <name>chicken</name> + <range><lt>4.10.0</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>chicken developer Moritz Heidkamp reports:</p> + <blockquote cite="http://lists.gnu.org/archive/html/chicken-users/2015-01/msg00048.html"> + <p>The substring-index[-ci] procedures of the data-structures unit are + vulnerable to a buffer overrun attack when passed an integer greater + than zero as the optional START argument.</p> + <p>As a work-around you can switch to SRFI 13's + string-contains procedure which also returns the substring's index in + case it is found.</p> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2014-9651</cvename> + <mlist>http://lists.gnu.org/archive/html/chicken-users/2015-01/msg00048.html</mlist> + <mlist>http://lists.nongnu.org/archive/html/chicken-hackers/2014-12/txt2UqAS9CtvH.txt</mlist> + </references> + <dates> + <discovery>2015-01-12</discovery> + <entry>2015-06-22</entry> + </dates> + </vuln> + <vuln vid="a3929112-181b-11e5-a1cf-002590263bf5"> <topic>cacti -- Multiple XSS and SQL injection vulerabilities</topic> <affects> |