diff options
author | pgollucci <pgollucci@FreeBSD.org> | 2010-10-06 13:29:49 +0800 |
---|---|---|
committer | pgollucci <pgollucci@FreeBSD.org> | 2010-10-06 13:29:49 +0800 |
commit | ed97dacfa91805b2a531ec2c53e40b1d6f7bfe0c (patch) | |
tree | 32a7b04a510ca1ccf4a95a602053f57a1e42e448 /security | |
parent | 1c132b91b039d56a97908e331ffda302c96758d9 (diff) | |
download | freebsd-ports-gnome-ed97dacfa91805b2a531ec2c53e40b1d6f7bfe0c.tar.gz freebsd-ports-gnome-ed97dacfa91805b2a531ec2c53e40b1d6f7bfe0c.tar.zst freebsd-ports-gnome-ed97dacfa91805b2a531ec2c53e40b1d6f7bfe0c.zip |
Document devel/apr1's apr-util vunerabilities
Security: http://secunia.com/advisories/41701
Reviewed by: secteam (cperciva) via irc
Diffstat (limited to 'security')
-rw-r--r-- | security/vuxml/vuln.xml | 39 |
1 files changed, 39 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index 9377fe6f8547..6899fba16262 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -34,6 +34,45 @@ Note: Please add new entries to the beginning of this file. --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> + <vuln vid="dd943fbb-d0fe-11df-95a8-00219b0fc4d8"> + <topic>apr -- multiple vunerabilities</topic> + <affects> + <package> + <name>apr</name> + <range><lt>1.4.2.1.3.10</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>Secunia reports:</p> + <blockquote cite="http://secunia.com/advisories/41701"> + <p>Multiple vulnerabilities have been reported in APR-util, which can + be exploited by malicious people to cause a DoS (Denial of + Service).</p> + <p>Two XML parsing vulnerabilities exist in the bundled version of + expat.</p> + <p>An error within the "apr_brigade_split_line()" function in + buckets/apr_brigade.c can be exploited to cause high memory + consumption.</p> + </blockquote> + </body> + </description> + <references> + <bid>43673</bid> + <cvename>CVE-2009-3560</cvename> + <cvename>CVE-2009-3720</cvename> + <cvename>CVE-2010-1623</cvename> + <url>http://www.apache.org/dist/apr/CHANGES-APR-UTIL-1.3</url> + <url>http://secunia.com/advisories/41701</url> + <url>http://http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1623</url> + <url>http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1956</url> + </references> + <dates> + <discovery>2010-10-02</discovery> + <entry>2010-10-06</entry> + </dates> + </vuln> + <vuln vid="99021f88-ca3c-11df-be21-00e018aa7788"> <topic>phpmyfaq -- cross site scripting vulnerabilities</topic> <affects> |