diff options
| author | feld <feld@FreeBSD.org> | 2016-03-11 07:37:44 +0800 |
|---|---|---|
| committer | feld <feld@FreeBSD.org> | 2016-03-11 07:37:44 +0800 |
| commit | ae624b131190f78dc0ace51eb61ec1038f8f5126 (patch) | |
| tree | 567e017b77d2dbcd567ba521f93d57c7eccc6894 /security | |
| parent | 01073de8abc54169e1420bb391677b5f77b97859 (diff) | |
| download | freebsd-ports-gnome-ae624b131190f78dc0ace51eb61ec1038f8f5126.tar.gz freebsd-ports-gnome-ae624b131190f78dc0ace51eb61ec1038f8f5126.tar.zst freebsd-ports-gnome-ae624b131190f78dc0ace51eb61ec1038f8f5126.zip | |
Document net/quagga vulnerability
Security: CVE-2016-2342
Diffstat (limited to 'security')
| -rw-r--r-- | security/vuxml/vuln.xml | 28 |
1 files changed, 28 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index 4fa513c3e723..286fc735c0ab 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -58,6 +58,34 @@ Notes: * Do not forget port variants (linux-f10-libxml2, libxml2, etc.) --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> + <vuln vid="70c44cd0-e717-11e5-85be-14dae9d210b8"> + <topic>quagga -- stack based buffer overflow vulnerability</topic> + <affects> + <package> + <name>quagga</name> + <range><lt>1.0.20160309</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>Donald Sharp reports:</p> + <blockquote cite="https://www.kb.cert.org/vuls/id/270232"> + <p>A malicious BGP peer may execute arbitrary code in + particularly configured remote bgpd hosts.</p> + </blockquote> + </body> + </description> + <references> + <url>https://www.kb.cert.org/vuls/id/270232</url> + <url>http://savannah.nongnu.org/forum/forum.php?forum_id=8476</url> + <cvename>CVE-2016-2342</cvename> + </references> + <dates> + <discovery>2016-01-27</discovery> + <entry>2016-03-10</entry> + </dates> + </vuln> + <vuln vid="d71831ef-e6f8-11e5-85be-14dae9d210b8"> <topic>ricochet -- information disclosure</topic> <affects> |