aboutsummaryrefslogtreecommitdiffstats
path: root/security
diff options
context:
space:
mode:
authornectar <nectar@FreeBSD.org>2005-03-24 02:29:15 +0800
committernectar <nectar@FreeBSD.org>2005-03-24 02:29:15 +0800
commitbba1a6aee55aa0dd6cb7f0a07cd0c91a3ba62488 (patch)
treec660d76992d751b9c2385117fd5290abdbe0b49c /security
parent342a8994c22d5fd0aa8b8585570c3a8761285540 (diff)
downloadfreebsd-ports-gnome-bba1a6aee55aa0dd6cb7f0a07cd0c91a3ba62488.tar.gz
freebsd-ports-gnome-bba1a6aee55aa0dd6cb7f0a07cd0c91a3ba62488.tar.zst
freebsd-ports-gnome-bba1a6aee55aa0dd6cb7f0a07cd0c91a3ba62488.zip
Document Sylpheed buffer overflow.
Reminded by: netchild Approved by: portmgr (blanket, VuXML)
Diffstat (limited to 'security')
-rw-r--r--security/vuxml/vuln.xml31
1 files changed, 31 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml
index 0acb100c3cd7..67feab39f3f1 100644
--- a/security/vuxml/vuln.xml
+++ b/security/vuxml/vuln.xml
@@ -32,6 +32,37 @@ EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-->
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
+ <vuln vid="f8536143-9bc4-11d9-b8b3-000a95bc6fae">
+ <topic>sylpheed -- buffer overflow in header processing</topic>
+ <affects>
+ <package>
+ <name>sylpheed</name>
+ <name>sylpheed-claws</name>
+ <name>sylpheed-gtk2</name>
+ <range><ge>0.8.*</ge><lt>1.0.3</lt></range>
+ <range><ge>1.9.*</ge><lt>1.9.5</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>The Sylpheed web site states:</p>
+ <blockquote cite="http://sylpheed.good-day.net/index.cgi.en#changes">
+ <p>A buffer overflow which occurred when replying to a
+ message with certain headers which contain non-ascii
+ characters was fixed.</p>
+ </blockquote>
+ </body>
+ </description>
+ <references>
+ <cvename>CAN-2005-0667</cvename>
+ <url>http://sylpheed.good-day.net/index.cgi.en#changes</url>
+ </references>
+ <dates>
+ <discovery>2005-03-07</discovery>
+ <entry>2005-03-23</entry>
+ </dates>
+ </vuln>
+
<vuln vid="a4bd3039-9a48-11d9-a256-0001020eed82">
<topic>xv -- filename handling format string vulnerability</topic>
<affects>