diff options
| author | junovitch <junovitch@FreeBSD.org> | 2016-05-20 09:22:31 +0800 |
|---|---|---|
| committer | junovitch <junovitch@FreeBSD.org> | 2016-05-20 09:22:31 +0800 |
| commit | 0dd42be74d42c996418ef8897f6e868300fce3bb (patch) | |
| tree | 47bd07ceac26a87749dcdb36ec9d158d0dbfd704 /security | |
| parent | 29ce08081b849c6ff42d73a37f885282ea2cac14 (diff) | |
| download | freebsd-ports-gnome-0dd42be74d42c996418ef8897f6e868300fce3bb.tar.gz freebsd-ports-gnome-0dd42be74d42c996418ef8897f6e868300fce3bb.tar.zst freebsd-ports-gnome-0dd42be74d42c996418ef8897f6e868300fce3bb.zip | |
Document wpa_supplicant security advisory 2016-1
PR: 209564
Reported by: Sevan Janiyan <venture37@geeklan.co.uk>
Security: CVE-2016-4477
Security: CVE-2016-4476
Security: https://vuxml.FreeBSD.org/freebsd/967b852b-1e28-11e6-8dd3-002590263bf5.html
Diffstat (limited to 'security')
| -rw-r--r-- | security/vuxml/vuln.xml | 29 |
1 files changed, 29 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index c72956173cc7..544dbf29fc25 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -58,6 +58,35 @@ Notes: * Do not forget port variants (linux-f10-libxml2, libxml2, etc.) --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> + <vuln vid="967b852b-1e28-11e6-8dd3-002590263bf5"> + <topic>wpa_supplicant -- psk configuration parameter update allowing arbitrary data to be written</topic> + <affects> + <package> + <name>wpa_supplicant</name> + <range><lt>2.5_2</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>Jouni Malinen reports:</p> + <blockquote cite="http://w1.fi/security/2016-1/psk-parameter-config-update.txt"> + <p>psk configuration parameter update allowing arbitrary data to be + written (2016-1 - CVE-2016-4476/CVE-2016-4477).</p> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2016-4476</cvename> + <cvename>CVE-2016-4477</cvename> + <freebsdpr>/ports/209564</freebsdpr> + <url>http://w1.fi/security/2016-1/psk-parameter-config-update.txt</url> + </references> + <dates> + <discovery>2016-05-02</discovery> + <entry>2016-05-20</entry> + </dates> + </vuln> + <vuln vid="57b3aba7-1e25-11e6-8dd3-002590263bf5"> <topic>expat -- denial of service vulnerability on malformed input</topic> <affects> |