diff options
| author | eadler <eadler@FreeBSD.org> | 2011-11-07 12:23:54 +0800 |
|---|---|---|
| committer | eadler <eadler@FreeBSD.org> | 2011-11-07 12:23:54 +0800 |
| commit | e49c9c261a7473cfcb91586fa5bf34a1bf3e2337 (patch) | |
| tree | d7d963a18ae945a19939787b82cbd0bf35f1301c /security | |
| parent | 83f15413130788758e0912bbc217e0ce004570e8 (diff) | |
| download | freebsd-ports-graphics-e49c9c261a7473cfcb91586fa5bf34a1bf3e2337.tar.gz freebsd-ports-graphics-e49c9c261a7473cfcb91586fa5bf34a1bf3e2337.tar.zst freebsd-ports-graphics-e49c9c261a7473cfcb91586fa5bf34a1bf3e2337.zip | |
- add vuxml entry for insecure use of temporary directories in caml-light
Reviewed by: dougb
Approved by: bapt,sahil (mentors, implicit)
Diffstat (limited to 'security')
| -rw-r--r-- | security/vuxml/vuln.xml | 24 |
1 files changed, 24 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index 2d6eefcc4d3..d4552fed268 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -34,6 +34,30 @@ Note: Please add new entries to the beginning of this file. --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> + <vuln vid="9dde9dac-08f4-11e1-af36-003067b2972c"> + <topic>caml-light - insecure use of temporary files</topic> + <affects> + <package> + <name>caml-light</name> + <range><le>0.75</le></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>caml-light uses uses mktemp() insecurely, and also does + unsafe things in /tmp during make install.</p> + </body> + </description> + <references> + <cvename>CVE-2011-4119</cvename> + </references> + <dates> + <discovery>2011-11-02</discovery> + <entry>2011-11-06</entry> + <mlist msgid="20111106200911.GC13652@netbsd.org">http://seclists.org/oss-sec/2011/q4/249</mlist> + </dates> + </vuln> + <vuln vid="54075e39-04ac-11e1-a94e-bcaec565249c"> <topic>freetype -- Some type 1 fonts handling vulnerabilities </topic> <affects> |