From 7d8381eb5add208bdc471d08ba7b79860fe59ae5 Mon Sep 17 00:00:00 2001 From: jgh Date: Thu, 17 May 2012 16:52:36 +0000 Subject: - Update inspircd to 2.0.5 [1] - document CVE-2012-1836 [2] PR: ports/167975 Submitted by: maintainer, feld@feld.me [1], jgh@ [2] Security: CVE-2012-1836 --- security/vuxml/vuln.xml | 33 +++++++++++++++++++++++++++++++-- 1 file changed, 31 insertions(+), 2 deletions(-) (limited to 'security/vuxml') diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index 25731e9392e7..c529b462aa4d 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -52,6 +52,35 @@ Note: Please add new entries to the beginning of this file. --> + + inspircd -- buffer overflow + + + inspircd + 2.0.5 + + + + +

InspIRCd reports:

+
InspIRCd contains a heap corruption vulnerability that exists in the + dns.cpp code. The res[] buffer is allocated on the heap and can be + overflowed. The res[] buffer can be exploited during its deallocation. + The number of overflowed bytes can be controlled with DNS compression + features.
+

+ + + + CVE-2012-1836 + + + 2012-05-19 + 2012-05-17 + + + pidgin-otr -- format string vulnerability @@ -78,8 +107,8 @@ Note: Please add new entries to the beginning of this file. http://www.cypherpunks.ca/otr/ - 2012-05-16 - 2012-05-16 + 2012-03-19 + 2012-05-17 -- cgit