aboutsummaryrefslogtreecommitdiffstats
path: root/security
diff options
context:
space:
mode:
authorjhale <jhale@FreeBSD.org>2014-08-02 10:34:44 +0800
committerjhale <jhale@FreeBSD.org>2014-08-02 10:34:44 +0800
commitcceef67504ca3a9be4e094e765fd4b03fe12de4f (patch)
treec4db736bd028dceca47a0eedd383702d3d1c13eb /security
parent7cfb75260859eb0867857895668384e281ab8e3b (diff)
downloadfreebsd-ports-gnome-cceef67504ca3a9be4e094e765fd4b03fe12de4f.tar.gz
freebsd-ports-gnome-cceef67504ca3a9be4e094e765fd4b03fe12de4f.tar.zst
freebsd-ports-gnome-cceef67504ca3a9be4e094e765fd4b03fe12de4f.zip
- Document vulnerability in security/gpgme (CVE-2014-3564)
Diffstat (limited to 'security')
-rw-r--r--security/vuxml/vuln.xml27
1 files changed, 27 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml
index e3ef8aae845c..f502b4c4d46e 100644
--- a/security/vuxml/vuln.xml
+++ b/security/vuxml/vuln.xml
@@ -57,6 +57,33 @@ Notes:
-->
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
+ <vuln vid="90ca3ba5-19e6-11e4-8616-001b3856973b">
+ <topic>gpgme -- heap-based buffer overflow in gpgsm status handler</topic>
+ <affects>
+ <package>
+ <name>gpgme</name>
+ <range><lt>1.5.0</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>Tomas Trnka reports:</p>
+ <blockquote cite="https://bugzilla.redhat.com/show_bug.cgi?id=1113267">
+ <p>Gpgme contains a buffer overflow in the gpgsm status handler
+ that could possibly be exploited using a specially crafted certificate.</p>
+ </blockquote>
+ </body>
+ </description>
+ <references>
+ <cvename>CVE-2014-3564</cvename>
+ <url>https://bugzilla.redhat.com/show_bug.cgi?id=1113267</url>
+ </references>
+ <dates>
+ <discovery>2014-06-25</discovery>
+ <entry>2014-08-02</entry>
+ </dates>
+ </vuln>
+
<vuln vid="2f90556f-18c6-11e4-9cc4-5453ed2e2b49">
<topic>kdelibs -- KAuth PID Reuse Flaw</topic>
<affects>
generated by cgit (git 2.34.1) at 2024-12-17 15:47:20 +0800