aboutsummaryrefslogtreecommitdiffstats
path: root/security
diff options
context:
space:
mode:
authorsimon <simon@FreeBSD.org>2004-10-13 07:46:41 +0800
committersimon <simon@FreeBSD.org>2004-10-13 07:46:41 +0800
commit1a9b45328727c38021b5a1fb1f4d641aecc35cfe (patch)
treec3052854244fa0ddbabc57777355e70685d2ec47 /security
parentbfef24863c6d4e6cccb28c67fe43619c09381829 (diff)
downloadfreebsd-ports-gnome-1a9b45328727c38021b5a1fb1f4d641aecc35cfe.tar.gz
freebsd-ports-gnome-1a9b45328727c38021b5a1fb1f4d641aecc35cfe.tar.zst
freebsd-ports-gnome-1a9b45328727c38021b5a1fb1f4d641aecc35cfe.zip
Document a vulnerability in sharutils.
Approved by: nectar
Diffstat (limited to 'security')
-rw-r--r--security/vuxml/vuln.xml31
1 files changed, 31 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml
index feda937dd423..127c37b98681 100644
--- a/security/vuxml/vuln.xml
+++ b/security/vuxml/vuln.xml
@@ -32,6 +32,37 @@ EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-->
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
+ <vuln vid="26c9e8c6-1c99-11d9-814e-0001020eed82">
+ <topic>sharutils -- buffer overflows</topic>
+ <affects>
+ <package>
+ <name>sharutils</name>
+ <range><ge>0</ge></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>From Gentoo advisory GLSA 200410-01:</p>
+ <blockquote cite="http://www.gentoo.org/security/en/glsa/glsa-200410-01.xml">
+ <p>sharutils contains two buffer overflows. Ulf Harnhammar
+ discovered a buffer overflow in shar.c, where the length
+ of data returned by the wc command is not checked.
+ Florian Schilhabel discovered another buffer overflow in
+ unshar.c.</p>
+ </blockquote>
+ </body>
+ </description>
+ <references>
+ <bid>11298</bid>
+ <url>http://www.gentoo.org/security/en/glsa/glsa-200410-01.xml</url>
+ <url>http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=265904</url>
+ </references>
+ <dates>
+ <discovery>2004-08-15</discovery>
+ <entry>2004-10-13</entry>
+ </dates>
+ </vuln>
+
<vuln vid="3030ae22-1c7f-11d9-81a4-0050fc56d258">
<topic>mail-notification -- denial-of-service vulnerability</topic>
<affects>